Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          48+nGhEwEo30yINWg1JoVWo0YKEPDFWddjrkDq949qo=
Subject key identifier:   7D:77:C7:21:BF:03:F4:D0:ED:52:78:26:76:12:6C:7B:C7:C0:1F:CB
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       01965613D6EB5C282EFE1BBB4F578BBF84A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0DD7
Signing time:             Mon 21 Apr 2025 02:01:02 +0000
Manifest this update:     Mon 21 Apr 2025 02:01:02 +0000
Manifest next update:     Tue 22 Apr 2025 02:01:02 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: m47aIKG/tdluB0cHFNtaYL88thVFG+s1YoQV/07jdNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:d6:eb:5c:28:2e:fe:1b:bb:4f:57:8b:bf:84:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Apr 21 02:01:02 2025 GMT
            Not After : Apr 22 02:01:02 2025 GMT
        Subject: CN=7d77c721bf03f4d0ed52782676126c7bc7c01fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1e:d6:9d:de:63:47:02:6d:11:6d:dc:07:92:
                    07:f0:9d:fc:51:2c:f2:d9:ca:e2:cf:1a:90:f9:7e:
                    98:2d:44:ec:21:a2:a6:0b:e4:d6:03:6b:33:8e:f6:
                    f6:5d:92:13:bf:c5:50:0b:c9:32:cd:c8:09:54:06:
                    55:47:5f:f8:77:ba:8a:45:00:18:a8:02:d6:10:ee:
                    8c:3d:0e:f9:ce:1d:0a:4b:70:6b:6a:6a:18:66:27:
                    31:b4:3c:b1:22:dc:bd:17:a1:eb:0c:49:fc:4c:1c:
                    fe:f9:6c:20:e9:48:af:8a:20:ff:fe:ae:0e:f4:e4:
                    70:04:cd:56:40:75:90:b9:ca:26:3c:47:c3:21:92:
                    55:83:01:04:aa:9a:99:fd:0e:3a:28:c1:18:af:c2:
                    e6:ea:aa:9f:0e:0b:b4:b7:e2:27:8b:c1:f6:23:a9:
                    fe:37:61:29:73:cd:a6:6b:09:0e:b9:9b:c5:b9:ee:
                    2a:88:f3:d6:05:e3:c0:e7:e4:b3:65:c9:d4:b9:ee:
                    10:42:e3:36:26:5b:8f:3d:71:31:82:88:1d:62:8c:
                    4d:63:36:f0:03:1f:02:6d:5d:41:ad:26:7e:0b:04:
                    85:69:05:80:66:94:5a:e8:e3:19:51:ac:0d:1d:64:
                    af:59:13:3d:bb:33:ad:38:f3:4d:4d:8e:9f:db:1a:
                    aa:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:77:C7:21:BF:03:F4:D0:ED:52:78:26:76:12:6C:7B:C7:C0:1F:CB
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:b1:94:f1:55:0d:bc:60:5b:96:da:39:c3:31:82:78:8c:3e:
         ea:e5:98:2b:97:c9:6b:65:bd:6e:05:6a:d3:89:26:02:ec:2d:
         b5:da:28:82:0e:fc:90:e0:92:c2:69:2f:03:38:0b:af:f5:ee:
         78:10:7d:22:99:4b:2f:c4:a7:2c:00:a9:67:3d:d4:81:24:ba:
         76:b1:dc:a3:fd:9f:7b:01:b0:0a:4d:35:ad:18:91:bf:0d:97:
         23:67:08:94:92:45:92:9e:e8:4f:87:4f:b3:58:96:dc:43:e3:
         cd:f6:77:ee:91:cf:63:0a:5e:d8:a1:4d:0c:7f:c2:b7:87:e9:
         6c:36:bb:86:a1:16:88:36:1c:9a:95:fd:61:b4:28:25:39:f0:
         55:3d:2e:20:64:27:13:91:a4:54:d2:8c:53:42:f9:f1:b4:da:
         c6:a3:bc:a7:82:33:93:d1:8b:37:e2:22:ee:ab:1d:c2:fb:37:
         26:ba:40:87:21:37:a5:81:bd:6a:d3:64:db:81:db:5f:76:f8:
         6f:d8:72:26:a0:20:f7:47:db:6a:7f:3f:06:c8:98:ae:1c:2a:
         14:1e:5d:df:69:f3:92:02:f3:85:f6:1d:a0:00:b1:ca:ad:28:
         4f:ab:a2:30:06:96:79:0a:96:20:1b:e4:af:fc:d0:ad:92:0b:
         aa:91:56:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWE9brXCgu/hu7T1eLv4SgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjUwNDIxMDIwMTAyWhcNMjUwNDIyMDIwMTAyWjAzMTEwLwYDVQQD
Eyg3ZDc3YzcyMWJmMDNmNGQwZWQ1Mjc4MjY3NjEyNmM3YmM3YzAxZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx7Wnd5jRwJtEW3cB5IH8J38USzy
2crizxqQ+X6YLUTsIaKmC+TWA2szjvb2XZITv8VQC8kyzcgJVAZVR1/4d7qKRQAY
qALWEO6MPQ75zh0KS3BramoYZicxtDyxIty9F6HrDEn8TBz++Wwg6UiviiD//q4O
9ORwBM1WQHWQucomPEfDIZJVgwEEqpqZ/Q46KMEYr8Lm6qqfDgu0t+Ini8H2I6n+
N2Epc82mawkOuZvFue4qiPPWBePA5+SzZcnUue4QQuM2JluPPXExgogdYoxNYzbw
Ax8CbV1BrSZ+CwSFaQWAZpRa6OMZUawNHWSvWRM9uzOtOPNNTY6f2xqq5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH13xyG/A/TQ7VJ4JnYSbHvHwB/LMB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAarGU8VUN
vGBblto5wzGCeIw+6uWYK5fJa2W9bgVq04kmAuwttdoogg78kOCSwmkvAzgLr/Xu
eBB9IplLL8SnLACpZz3UgSS6drHco/2fewGwCk01rRiRvw2XI2cIlJJFkp7oT4dP
s1iW3EPjzfZ37pHPYwpe2KFNDH/Ct4fpbDa7hqEWiDYcmpX9YbQoJTnwVT0uIGQn
E5GkVNKMU0L58bTaxqO8p4Izk9GLN+Ii7qsdwvs3JrpAhyE3pYG9atNk24HbX3b4
b9hyJqAg90fban8/BsiYrhwqFB5d32nzkgLzhfYdoACxyq0oT6uiMAaWeQqWIBvk
r/zQrZILqpFWxQ==
-----END CERTIFICATE-----