Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
File:                     RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft (raw, json)
Hash identifier:          P/2VG+qiFYJnruo2opqIvKdJFlMmHJxIPXfoPs6veA0=
Subject key identifier:   C2:AD:90:94:08:42:D6:0E:D9:86:CC:B8:A7:0A:1E:39:65:93:A3:66
Authority key identifier: 45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE
Certificate issuer:       /CN=4501e85c0025c4ae29528058e232d737c2f495ce
Certificate serial:       0196545BA9474C457D27D7E17006C3D4DB50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
Manifest number:          015F
Signing time:             Sun 20 Apr 2025 18:00:15 +0000
Manifest this update:     Sun 20 Apr 2025 18:00:15 +0000
Manifest next update:     Mon 21 Apr 2025 18:00:15 +0000
Files and hashes:         1: RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl (hash: hGkV2uTjoZL2ErGGrX6L5/ygm51M0XBW+lDjSbU4bOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 18:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5b:a9:47:4c:45:7d:27:d7:e1:70:06:c3:d4:db:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4501e85c0025c4ae29528058e232d737c2f495ce
        Validity
            Not Before: Apr 20 18:00:15 2025 GMT
            Not After : Apr 21 18:00:15 2025 GMT
        Subject: CN=c2ad90940842d60ed986ccb8a70a1e396593a366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a9:f1:af:4f:dc:6d:52:e6:d2:36:f1:82:eb:
                    83:ac:32:8a:ee:16:ed:c8:ec:48:fc:96:96:cc:39:
                    d2:cc:17:a3:58:ec:af:3c:8a:46:41:0b:ba:7f:58:
                    3b:fc:f4:41:95:04:23:43:34:e5:af:4c:aa:1d:e8:
                    ac:33:d0:e7:4c:f2:7a:f0:ae:79:3c:54:08:ca:07:
                    45:01:ad:6a:59:cd:5c:b3:8b:cb:a7:5d:b0:bf:20:
                    0a:bc:d0:07:1a:9b:93:59:f7:1a:4c:5c:28:b9:78:
                    41:d2:32:3c:df:a1:92:48:60:37:5b:25:ef:97:f2:
                    9c:80:1c:26:a8:57:c3:00:2c:8f:b5:a5:c6:41:2b:
                    5f:43:e9:e8:5b:a9:d5:d1:17:19:8d:4e:7e:bb:e2:
                    d3:cf:6d:fe:cf:8c:90:f0:e5:c8:25:f1:b7:6e:28:
                    1f:c8:76:62:b7:31:bd:fb:0e:5e:c3:d1:c7:ee:35:
                    15:58:77:85:37:be:93:9f:27:db:3c:26:5a:c3:34:
                    86:8a:a8:db:12:95:94:3e:31:ee:84:c2:91:88:9b:
                    b2:95:c6:cc:61:b1:4d:d3:fb:4b:e4:b4:b9:13:e2:
                    fe:e8:ed:fd:f6:ea:c9:5b:91:3d:3b:2d:48:2d:0c:
                    37:9c:7e:7a:59:fc:33:b4:81:d4:e2:60:d4:09:a1:
                    a0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:AD:90:94:08:42:D6:0E:D9:86:CC:B8:A7:0A:1E:39:65:93:A3:66
            X509v3 Authority Key Identifier:
                keyid:45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:5a:25:d9:44:4a:7f:e0:36:77:d3:e9:f4:7f:4f:ad:ca:1d:
         e8:f2:a6:c5:4b:de:0e:ff:11:e2:59:a5:8d:36:45:fa:b6:dd:
         cc:8e:87:df:b0:7f:07:1e:6b:ae:2a:f2:3f:12:95:6c:c9:2f:
         3c:af:3c:e2:49:23:d3:8b:82:59:52:67:7f:a1:d1:0e:85:43:
         9f:66:f1:a9:6f:a6:42:50:63:ad:a3:6d:7a:f1:da:23:0b:b4:
         ce:e6:c5:07:eb:ec:6f:80:f8:74:41:9a:06:60:66:95:1b:5e:
         e8:4c:54:21:82:8b:82:81:0f:93:83:e0:69:09:59:2f:7f:e7:
         6a:09:51:ac:19:cb:a8:a1:63:3a:47:92:83:78:a7:f7:27:1a:
         66:a1:ec:3e:0e:dd:49:3b:cf:d5:f6:bf:37:dd:60:21:aa:1e:
         89:21:63:9b:f4:dc:e4:7a:e5:04:ec:0a:5c:1a:b1:c0:11:2b:
         b1:99:d3:e6:de:4a:d2:0c:7c:62:46:44:73:aa:92:7a:b7:17:
         b5:5a:c1:4e:fd:f2:d6:f5:40:5e:34:0f:78:33:85:05:56:24:
         b5:56:35:29:74:86:2c:40:11:ed:78:77:aa:9a:a8:f4:10:ce:
         0b:a5:93:63:8e:8a:54:25:69:f7:66:4d:1c:bd:30:df:84:70:
         95:d8:43:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUW6lHTEV9J9fhcAbD1NtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MDFlODVjMDAyNWM0YWUyOTUyODA1OGUyMzJkNzM3YzJm
NDk1Y2UwHhcNMjUwNDIwMTgwMDE1WhcNMjUwNDIxMTgwMDE1WjAzMTEwLwYDVQQD
EyhjMmFkOTA5NDA4NDJkNjBlZDk4NmNjYjhhNzBhMWUzOTY1OTNhMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqnxr0/cbVLm0jbxguuDrDKK7hbt
yOxI/JaWzDnSzBejWOyvPIpGQQu6f1g7/PRBlQQjQzTlr0yqHeisM9DnTPJ68K55
PFQIygdFAa1qWc1cs4vLp12wvyAKvNAHGpuTWfcaTFwouXhB0jI836GSSGA3WyXv
l/KcgBwmqFfDACyPtaXGQStfQ+noW6nV0RcZjU5+u+LTz23+z4yQ8OXIJfG3bigf
yHZitzG9+w5ew9HH7jUVWHeFN76TnyfbPCZawzSGiqjbEpWUPjHuhMKRiJuylcbM
YbFN0/tL5LS5E+L+6O399urJW5E9Oy1ILQw3nH56WfwztIHU4mDUCaGgYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKtkJQIQtYO2YbMuKcKHjllk6NmMB8GA1UdIwQY
MBaAFEUB6FwAJcSuKVKAWOIy1zfC9JXOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUt
Y2VlNjQxOTU1MzNjLzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUtY2VlNjQxOTU1MzNj
LzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFol2URK
f+A2d9Pp9H9Prcod6PKmxUveDv8R4lmljTZF+rbdzI6H37B/Bx5rriryPxKVbMkv
PK884kkj04uCWVJnf6HRDoVDn2bxqW+mQlBjraNtevHaIwu0zubFB+vsb4D4dEGa
BmBmlRte6ExUIYKLgoEPk4PgaQlZL3/naglRrBnLqKFjOkeSg3in9ycaZqHsPg7d
STvP1fa/N91gIaoeiSFjm/Tc5HrlBOwKXBqxwBErsZnT5t5K0gx8YkZEc6qSercX
tVrBTv3y1vVAXjQPeDOFBVYktVY1KXSGLEAR7Xh3qpqo9BDOC6WTY46KVCVp92ZN
HL0w34RwldhDSg==
-----END CERTIFICATE-----