Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          tvC1TdJwejT3wSxEX2uhKenpyaTMNzGQduYJ3LA2SFs=
Subject key identifier:   BE:66:9F:4D:01:E0:F8:AF:3E:C6:44:70:57:B2:33:9B:1C:A2:D1:CD
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       0197B933B224E50EF0A2BD3DBC1A87DECD96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          A4
Signing time:             Sun 29 Jun 2025 01:01:02 +0000
Manifest this update:     Sun 29 Jun 2025 01:01:02 +0000
Manifest next update:     Mon 30 Jun 2025 01:01:02 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: S+OERhYt97lxMZcTvG6LDKU4wWv3ZSnOGM7QvpLEFsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 01:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:33:b2:24:e5:0e:f0:a2:bd:3d:bc:1a:87:de:cd:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Jun 29 01:01:02 2025 GMT
            Not After : Jun 30 01:01:02 2025 GMT
        Subject: CN=be669f4d01e0f8af3ec6447057b2339b1ca2d1cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:cf:51:e6:f9:e1:0c:ce:4b:a7:66:9c:80:72:
                    fd:5b:3e:40:d9:4c:3f:09:b5:d2:48:85:03:61:75:
                    77:59:0b:58:ce:96:48:85:9b:28:c5:0a:9d:22:03:
                    05:16:0f:b2:bf:ab:f5:44:41:94:8b:21:a7:b2:73:
                    7e:b2:dc:ed:8d:ad:ca:57:24:00:05:20:64:2a:ba:
                    e8:74:43:67:85:d7:08:9b:58:89:ad:d1:cc:29:54:
                    b5:8c:88:30:8a:be:e7:bb:79:dc:40:d4:d9:38:68:
                    d0:c0:66:c9:26:c9:d8:ae:e2:91:5d:4d:f0:86:10:
                    af:e4:ba:70:23:34:69:2b:92:23:68:db:73:bc:36:
                    5c:cc:38:b5:e0:b1:26:92:0a:6e:29:d6:d5:8b:eb:
                    be:13:73:c8:94:14:ff:74:59:f2:a1:91:c9:78:2f:
                    68:15:6a:e6:b7:2d:bb:a4:ee:c9:04:bf:7b:17:87:
                    e8:29:eb:e2:37:e5:9e:54:3e:4a:5e:f1:e9:30:26:
                    b5:47:86:9b:5e:a8:f2:4d:40:dc:d4:fc:43:5a:46:
                    d3:67:1d:75:1b:2d:ce:27:c7:5d:5f:f7:6d:7a:95:
                    87:62:47:ce:e5:8a:e9:6d:58:4a:fd:60:ea:36:77:
                    5e:ba:73:0d:00:f6:2d:a6:b3:02:85:8c:08:ce:1e:
                    b5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:66:9F:4D:01:E0:F8:AF:3E:C6:44:70:57:B2:33:9B:1C:A2:D1:CD
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:d8:28:2f:c9:e0:9d:78:88:8e:2e:96:d1:41:d9:63:bb:22:
         84:d6:aa:10:11:18:ca:ae:6e:cb:fd:3b:85:9d:14:41:69:a5:
         03:1b:74:1e:bd:cd:61:7a:31:2c:77:a8:29:ad:fe:95:00:bc:
         e3:05:70:81:5e:86:53:e9:43:c8:f6:10:8b:f0:e1:9d:21:7a:
         79:4e:ea:07:1a:48:fd:b8:53:e8:e7:20:9d:8b:1f:30:3b:11:
         24:08:79:61:39:99:cd:b6:cc:5f:79:6d:db:ad:66:71:ac:96:
         9f:70:18:f8:be:62:ed:4b:17:63:4a:08:18:44:12:0c:41:97:
         ba:78:0b:7e:29:5d:6e:cf:c9:3e:62:f4:19:27:25:3b:c7:9f:
         16:0b:dd:fc:3d:a4:52:40:f6:bc:3f:c4:da:45:c6:2d:86:7f:
         5b:13:2e:67:92:82:98:07:db:e6:f1:f8:e3:f1:e8:5f:b3:92:
         f1:32:99:94:6d:12:f4:e3:80:3f:b7:a3:f0:2b:52:5b:0b:79:
         5c:9d:73:c2:cf:d0:1d:be:44:76:d6:b9:d8:3d:c0:4d:0a:ad:
         89:7c:d2:b9:5b:c7:e3:af:03:05:1a:e0:c0:d2:0e:ba:32:6a:
         58:58:7e:8a:b9:7a:08:53:4e:28:a2:d5:72:21:a0:ea:f6:0c:
         5a:be:85:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5M7Ik5Q7wor09vBqH3s2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjUwNjI5MDEwMTAyWhcNMjUwNjMwMDEwMTAyWjAzMTEwLwYDVQQD
EyhiZTY2OWY0ZDAxZTBmOGFmM2VjNjQ0NzA1N2IyMzM5YjFjYTJkMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl89R5vnhDM5Lp2acgHL9Wz5A2Uw/
CbXSSIUDYXV3WQtYzpZIhZsoxQqdIgMFFg+yv6v1REGUiyGnsnN+stztja3KVyQA
BSBkKrrodENnhdcIm1iJrdHMKVS1jIgwir7nu3ncQNTZOGjQwGbJJsnYruKRXU3w
hhCv5LpwIzRpK5IjaNtzvDZczDi14LEmkgpuKdbVi+u+E3PIlBT/dFnyoZHJeC9o
FWrmty27pO7JBL97F4foKeviN+WeVD5KXvHpMCa1R4abXqjyTUDc1PxDWkbTZx11
Gy3OJ8ddX/dtepWHYkfO5YrpbVhK/WDqNndeunMNAPYtprMChYwIzh617QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5mn00B4PivPsZEcFeyM5scotHNMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmdgoL8ng
nXiIji6W0UHZY7sihNaqEBEYyq5uy/07hZ0UQWmlAxt0Hr3NYXoxLHeoKa3+lQC8
4wVwgV6GU+lDyPYQi/DhnSF6eU7qBxpI/bhT6OcgnYsfMDsRJAh5YTmZzbbMX3lt
261mcayWn3AY+L5i7UsXY0oIGEQSDEGXungLfildbs/JPmL0GSclO8efFgvd/D2k
UkD2vD/E2kXGLYZ/WxMuZ5KCmAfb5vH44/HoX7OS8TKZlG0S9OOAP7ej8CtSWwt5
XJ1zws/QHb5Edta52D3ATQqtiXzSuVvH468DBRrgwNIOujJqWFh+irl6CFNOKKLV
ciGg6vYMWr6FhA==
-----END CERTIFICATE-----