Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
File:                     D4jGhrHhIvzcFlwCN6D149mQvwE.mft (raw, json)
Hash identifier:          qxB5/zs3Q/z47QAE4Q3opVa/xHz1TxSt12IM5QXq6Z0=
Subject key identifier:   0F:74:87:D9:EE:20:57:36:AF:BF:C5:61:FC:6A:4A:16:BF:45:16:F3
Authority key identifier: 0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01
Certificate issuer:       /CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
Certificate serial:       0196C3145F0B25342E03F05D25D62365CA0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
Manifest number:          0AE4
Signing time:             Mon 12 May 2025 06:00:14 +0000
Manifest this update:     Mon 12 May 2025 06:00:14 +0000
Manifest next update:     Tue 13 May 2025 06:00:14 +0000
Files and hashes:         1: D4jGhrHhIvzcFlwCN6D149mQvwE.crl (hash: 5mzfkjSddHNC+yoFTJxiMQ4pFH4QGEmCne4qSz0QE6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:14:5f:0b:25:34:2e:03:f0:5d:25:d6:23:65:ca:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
        Validity
            Not Before: May 12 06:00:14 2025 GMT
            Not After : May 13 06:00:14 2025 GMT
        Subject: CN=0f7487d9ee205736afbfc561fc6a4a16bf4516f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b5:bb:09:1c:2a:d9:d5:ad:57:0e:a7:08:2e:
                    ba:52:b9:e2:d7:fd:40:e1:6e:b1:b3:97:0c:55:23:
                    e6:d8:09:b7:81:f7:c7:34:cc:e2:b9:85:8b:93:19:
                    36:2e:7d:6d:75:0f:6b:3d:a1:0b:ae:22:d4:71:8c:
                    05:54:23:79:b2:10:34:5a:8f:12:07:25:82:6b:0d:
                    ca:d0:1c:81:23:18:69:9d:47:a1:99:5a:d1:f0:cf:
                    33:1e:8d:36:27:75:8e:b1:f3:7e:2a:da:72:00:59:
                    1a:14:0f:58:10:b1:a5:b0:f2:77:76:ee:7a:25:2f:
                    47:ea:44:f8:2a:61:69:38:19:da:c7:a9:75:7a:b5:
                    9f:37:2e:78:83:6b:6d:b3:5d:a4:90:e8:d9:54:d2:
                    40:07:0f:61:09:4d:43:08:57:ab:17:ab:0b:25:ab:
                    2e:0d:e7:10:e3:ec:2c:af:90:43:9f:de:76:ec:97:
                    0d:ac:5a:7b:84:19:3c:c8:5d:58:4a:01:fe:00:13:
                    dd:41:6c:f1:9b:de:be:87:ba:f9:eb:7e:26:a4:f3:
                    09:84:47:f5:e9:a6:15:c6:97:d2:5e:74:9e:6b:3c:
                    7a:9c:28:9b:2a:e6:e1:96:3c:9a:b5:c8:cc:09:66:
                    18:9e:d1:97:38:f4:9e:d1:92:90:14:26:68:23:85:
                    14:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:74:87:D9:EE:20:57:36:AF:BF:C5:61:FC:6A:4A:16:BF:45:16:F3
            X509v3 Authority Key Identifier:
                keyid:0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:75:f3:36:ff:1a:6a:57:ae:51:8b:53:49:e1:4d:b6:04:d9:
         f1:31:bc:72:36:db:cf:b2:21:8a:55:fa:69:76:f0:e9:3e:16:
         1b:49:0d:47:49:e1:86:be:b7:ce:86:d3:01:aa:b5:44:a7:2f:
         73:f8:b9:3d:f4:22:df:fa:be:c6:fa:7c:24:16:c4:5a:27:49:
         f6:af:cd:e6:0e:0f:8a:69:2a:63:d4:c3:61:de:8f:f7:b5:cf:
         57:4e:0b:88:18:1b:f0:ab:63:69:79:46:cc:73:03:8c:19:6e:
         5c:7b:1f:9e:e7:fe:60:83:a0:7d:4b:1b:ff:f3:cf:9e:45:ea:
         73:17:00:dd:ed:1f:44:6b:de:bf:ba:97:f3:f3:b3:e3:c7:6d:
         e9:40:b5:d2:a5:45:6d:ec:1e:5a:04:49:e4:f7:d0:bb:84:9c:
         b8:c4:4f:9c:12:f3:01:87:12:5a:be:f3:48:f6:d7:5b:42:e0:
         2c:1d:aa:20:54:98:fe:9a:ed:72:2e:96:03:b9:cf:07:aa:d0:
         7d:fa:ed:48:aa:ab:d8:0e:1f:0b:77:78:64:e3:94:c9:e5:cf:
         53:eb:ae:60:08:b4:2d:15:78:67:30:92:37:42:44:41:46:f0:
         d1:32:6c:be:b0:3d:b4:05:a2:8b:e1:f5:32:4e:33:14:fa:0e:
         d5:be:71:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDFF8LJTQuA/BdJdYjZcoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmODhjNjg2YjFlMTIyZmNkYzE2NWMwMjM3YTBmNWUzZDk5
MGJmMDEwHhcNMjUwNTEyMDYwMDE0WhcNMjUwNTEzMDYwMDE0WjAzMTEwLwYDVQQD
EygwZjc0ODdkOWVlMjA1NzM2YWZiZmM1NjFmYzZhNGExNmJmNDUxNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7W7CRwq2dWtVw6nCC66Urni1/1A
4W6xs5cMVSPm2Am3gffHNMziuYWLkxk2Ln1tdQ9rPaELriLUcYwFVCN5shA0Wo8S
ByWCaw3K0ByBIxhpnUehmVrR8M8zHo02J3WOsfN+KtpyAFkaFA9YELGlsPJ3du56
JS9H6kT4KmFpOBnax6l1erWfNy54g2tts12kkOjZVNJABw9hCU1DCFerF6sLJasu
DecQ4+wsr5BDn9527JcNrFp7hBk8yF1YSgH+ABPdQWzxm96+h7r5634mpPMJhEf1
6aYVxpfSXnSeazx6nCibKubhljyatcjMCWYYntGXOPSe0ZKQFCZoI4UUyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA90h9nuIFc2r7/FYfxqSha/RRbzMB8GA1UdIwQY
MBaAFA+Ixoax4SL83BZcAjeg9ePZkL8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2It
YjQyMjVkZTI3MjNhLzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2ItYjQyMjVkZTI3MjNh
LzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnXzNv8a
aleuUYtTSeFNtgTZ8TG8cjbbz7IhilX6aXbw6T4WG0kNR0nhhr63zobTAaq1RKcv
c/i5PfQi3/q+xvp8JBbEWidJ9q/N5g4PimkqY9TDYd6P97XPV04LiBgb8KtjaXlG
zHMDjBluXHsfnuf+YIOgfUsb//PPnkXqcxcA3e0fRGvev7qX8/Oz48dt6UC10qVF
beweWgRJ5PfQu4ScuMRPnBLzAYcSWr7zSPbXW0LgLB2qIFSY/prtci6WA7nPB6rQ
ffrtSKqr2A4fC3d4ZOOUyeXPU+uuYAi0LRV4ZzCSN0JEQUbw0TJsvrA9tAWii+H1
Mk4zFPoO1b5x/Q==
-----END CERTIFICATE-----