Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          tXRYogeIWTlsOpPUOkEcW9pq4PjC5sdUaKE9Ytv3Wcg=
Subject key identifier:   9A:C0:4C:18:08:05:E7:3C:82:EF:D2:2E:9E:B4:56:12:FD:80:F2:8A
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       01965492FB1B023A9C964E43A872662D46B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          102F
Signing time:             Sun 20 Apr 2025 19:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:40 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: EtzBleEXrRtf/zp+NWUlWd/ZAYUuhNeSE3hUBRFfHO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:fb:1b:02:3a:9c:96:4e:43:a8:72:66:2d:46:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Apr 20 19:00:40 2025 GMT
            Not After : Apr 21 19:00:40 2025 GMT
        Subject: CN=9ac04c180805e73c82efd22e9eb45612fd80f28a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:a0:45:7e:b2:cb:7d:2a:c5:c0:ff:cf:ac:ef:
                    4d:3a:4d:ae:af:ca:92:06:64:69:37:e2:d0:a4:ca:
                    d8:48:4e:78:57:70:e4:1c:2e:4c:3c:6d:16:c1:83:
                    06:53:c8:b1:c8:60:12:44:ca:a8:46:cd:47:43:df:
                    5d:0b:1b:15:d0:3b:90:6a:e8:d9:6e:52:b9:4d:27:
                    62:e6:f8:51:05:8d:ad:b6:23:2f:66:93:7a:2e:03:
                    23:cf:d0:4c:57:41:9e:45:d2:b6:f6:71:69:63:a1:
                    3b:e1:61:81:44:b4:36:1c:3a:75:88:3d:8b:cd:7f:
                    d1:dc:e4:0f:f2:5a:ad:c6:81:24:04:da:1e:ab:46:
                    52:97:07:0c:c4:0b:f8:a3:43:fd:64:c3:4d:97:2c:
                    b5:d7:dc:8d:b8:cd:f5:5d:1a:a2:d8:98:4b:39:27:
                    1f:0d:b4:ed:f3:39:a3:21:1c:20:36:73:79:0f:fc:
                    f4:a6:f9:8d:c5:c8:99:a6:58:ec:5a:aa:7d:30:5a:
                    d7:f4:c7:f1:dc:73:54:cf:e6:6e:9b:ee:34:6d:4d:
                    d8:0e:09:c9:4c:3b:c4:90:b6:7f:94:12:7d:24:98:
                    e0:86:62:ec:5a:7d:65:c9:60:97:da:a2:f0:36:49:
                    84:3d:2b:1a:6c:c2:f2:3f:94:f2:25:86:0b:93:5b:
                    4f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:C0:4C:18:08:05:E7:3C:82:EF:D2:2E:9E:B4:56:12:FD:80:F2:8A
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:cb:e2:db:20:b6:6f:97:9d:21:eb:e7:18:ad:49:96:41:b4:
         69:6c:b4:b7:67:10:a5:fd:4f:9e:a2:92:3c:9a:b1:55:bc:b7:
         b5:ee:d2:e2:58:02:46:0e:a4:5d:32:b0:45:54:2e:88:95:81:
         05:21:4d:b3:c3:e1:7d:bf:31:8f:de:28:94:53:c4:6b:55:3f:
         b4:fc:f9:80:94:15:49:4d:cc:8c:b6:9f:a8:79:77:76:8d:ec:
         c3:f0:ed:03:d5:54:c3:e1:ca:e8:76:cb:2c:63:0e:ac:04:98:
         99:3c:d7:80:ff:7c:1a:76:e4:74:c0:4e:55:fe:48:d4:d7:49:
         fa:8d:b5:1f:db:0e:44:ff:21:2f:dd:e1:37:7e:5d:3d:87:49:
         4a:52:22:a1:c4:a1:b1:f7:a0:fd:56:b3:76:8b:99:3e:76:1b:
         e2:8d:9c:8c:89:32:3c:40:f1:49:63:ec:12:a9:eb:fc:c9:1f:
         9d:a7:c9:0b:c4:06:a5:14:dd:77:f8:84:d7:04:b3:1e:42:84:
         11:56:00:48:4a:9a:44:de:8c:08:40:ad:6c:fe:48:cc:18:8a:
         23:a5:59:5c:a8:3f:f1:a5:fe:77:bb:5d:d7:d5:e0:d3:37:dc:
         e7:23:58:93:79:69:71:c6:0e:af:c6:62:c4:8f:e8:06:42:20:
         48:06:53:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkvsbAjqclk5DqHJmLUa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjUwNDIwMTkwMDQwWhcNMjUwNDIxMTkwMDQwWjAzMTEwLwYDVQQD
Eyg5YWMwNGMxODA4MDVlNzNjODJlZmQyMmU5ZWI0NTYxMmZkODBmMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qBFfrLLfSrFwP/PrO9NOk2ur8qS
BmRpN+LQpMrYSE54V3DkHC5MPG0WwYMGU8ixyGASRMqoRs1HQ99dCxsV0DuQaujZ
blK5TSdi5vhRBY2ttiMvZpN6LgMjz9BMV0GeRdK29nFpY6E74WGBRLQ2HDp1iD2L
zX/R3OQP8lqtxoEkBNoeq0ZSlwcMxAv4o0P9ZMNNlyy119yNuM31XRqi2JhLOScf
DbTt8zmjIRwgNnN5D/z0pvmNxciZpljsWqp9MFrX9Mfx3HNUz+Zum+40bU3YDgnJ
TDvEkLZ/lBJ9JJjghmLsWn1lyWCX2qLwNkmEPSsabMLyP5TyJYYLk1tPFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrATBgIBec8gu/SLp60VhL9gPKKMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHcvi2yC2
b5edIevnGK1JlkG0aWy0t2cQpf1PnqKSPJqxVby3te7S4lgCRg6kXTKwRVQuiJWB
BSFNs8Phfb8xj94olFPEa1U/tPz5gJQVSU3MjLafqHl3do3sw/DtA9VUw+HK6HbL
LGMOrASYmTzXgP98GnbkdMBOVf5I1NdJ+o21H9sORP8hL93hN35dPYdJSlIiocSh
sfeg/VazdouZPnYb4o2cjIkyPEDxSWPsEqnr/MkfnafJC8QGpRTdd/iE1wSzHkKE
EVYASEqaRN6MCECtbP5IzBiKI6VZXKg/8aX+d7td19Xg0zfc5yNYk3lpccYOr8Zi
xI/oBkIgSAZTWw==
-----END CERTIFICATE-----