Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          Xg3s95HugC6d/b2uiV0pluR2w38k8UPVUBNtZWFOS/w=
Subject key identifier:   8B:22:88:5D:04:D8:9B:07:40:35:F9:B5:A9:34:E7:1C:52:CF:2F:16
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       019645C4C0E06D20B590C3E4F5C070CD8BA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          14F1
Signing time:             Thu 17 Apr 2025 22:00:44 +0000
Manifest this update:     Thu 17 Apr 2025 22:00:44 +0000
Manifest next update:     Fri 18 Apr 2025 22:00:44 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: WfoR/3G2AGHid88fGyWPH/REPIbaq1RYU++fc25w/j0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c4:c0:e0:6d:20:b5:90:c3:e4:f5:c0:70:cd:8b:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Apr 17 22:00:44 2025 GMT
            Not After : Apr 18 22:00:44 2025 GMT
        Subject: CN=8b22885d04d89b074035f9b5a934e71c52cf2f16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7b:61:c2:26:29:96:83:2b:fb:c0:47:c5:2f:
                    7f:c4:b7:f6:88:b8:b4:b0:3e:bc:9d:b5:30:b8:48:
                    bf:39:1b:10:f9:18:a1:87:b0:0b:d6:e7:20:90:49:
                    bd:66:4b:d0:e1:0e:92:d6:dc:ef:99:37:52:a2:30:
                    10:ab:09:5d:94:12:ad:8a:5e:e2:ce:5e:ca:f7:1a:
                    83:78:64:59:a3:df:8d:56:1c:0b:10:f8:a0:89:1e:
                    18:93:40:0e:62:b4:f9:24:75:67:77:ec:d1:38:37:
                    5e:bc:93:4e:08:15:6f:ce:c9:9b:db:76:06:0c:cc:
                    98:fa:1a:65:e7:16:a9:5f:bf:fd:9b:b1:fc:bb:65:
                    36:cb:30:19:ec:57:32:46:6f:a4:21:50:c5:24:c1:
                    23:3c:8f:77:1b:31:1f:12:f6:3a:a7:d8:ea:b2:e6:
                    e1:81:c9:bb:e7:95:df:33:ed:eb:c8:8c:3f:76:41:
                    eb:d6:8d:5a:e2:ea:17:eb:d2:fc:d2:96:2a:fe:8d:
                    d0:e9:f0:b7:6e:d5:d7:c5:dc:6f:76:98:6c:63:0c:
                    d7:74:b9:14:c1:04:de:e2:98:2e:7f:f3:0e:92:bc:
                    b1:9b:04:b0:a5:00:5b:f0:fd:f5:c9:e3:f9:b0:7b:
                    31:f7:7a:af:f7:d1:a3:d7:04:59:09:55:39:34:02:
                    85:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:22:88:5D:04:D8:9B:07:40:35:F9:B5:A9:34:E7:1C:52:CF:2F:16
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:6a:8c:1c:6a:a7:4c:6d:3e:f9:62:19:42:38:07:9b:7f:62:
         c4:a8:83:32:d7:84:e0:7c:7c:dc:c1:5d:d2:72:38:6d:37:df:
         18:b9:5d:32:4d:09:ff:5f:a3:07:2f:5a:31:7b:10:6a:04:15:
         7b:bd:f8:bd:3f:85:6b:c6:16:fb:ba:26:b3:15:d9:36:81:85:
         a1:99:6e:6e:bb:47:ae:52:1e:e7:41:ad:4f:cf:f5:b4:30:cd:
         03:49:3d:87:c2:cc:4e:43:cd:35:f6:de:38:1b:66:32:f2:1a:
         cd:63:38:14:9b:87:e0:cd:59:6f:b7:bb:d3:f6:26:c4:ad:c4:
         05:77:ea:11:b1:9f:73:ab:c1:57:f1:b1:3a:c5:19:53:65:8c:
         36:0a:13:c9:7e:a8:01:26:8b:73:86:ae:39:05:d8:ff:aa:8b:
         9b:dd:3d:f8:3f:e4:df:18:99:14:a6:08:84:fd:91:0f:d7:95:
         40:fe:ba:dd:38:f6:e5:ab:6a:cd:bf:c8:c4:fe:ad:12:a4:fa:
         6e:af:5f:da:66:e4:e8:29:7a:d3:93:e1:41:ee:6a:82:a4:75:
         a4:7c:42:6e:a7:ef:cc:42:d6:c3:fc:59:7a:66:9e:3a:32:40:
         68:97:f0:dc:7b:ab:39:74:b3:22:9e:69:6d:0e:77:f5:a3:6e:
         90:48:ca:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxMDgbSC1kMPk9cBwzYuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjUwNDE3MjIwMDQ0WhcNMjUwNDE4MjIwMDQ0WjAzMTEwLwYDVQQD
Eyg4YjIyODg1ZDA0ZDg5YjA3NDAzNWY5YjVhOTM0ZTcxYzUyY2YyZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHthwiYploMr+8BHxS9/xLf2iLi0
sD68nbUwuEi/ORsQ+Rihh7AL1ucgkEm9ZkvQ4Q6S1tzvmTdSojAQqwldlBKtil7i
zl7K9xqDeGRZo9+NVhwLEPigiR4Yk0AOYrT5JHVnd+zRODdevJNOCBVvzsmb23YG
DMyY+hpl5xapX7/9m7H8u2U2yzAZ7FcyRm+kIVDFJMEjPI93GzEfEvY6p9jqsubh
gcm755XfM+3ryIw/dkHr1o1a4uoX69L80pYq/o3Q6fC3btXXxdxvdphsYwzXdLkU
wQTe4pguf/MOkryxmwSwpQBb8P31yeP5sHsx93qv99Gj1wRZCVU5NAKFWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsiiF0E2JsHQDX5tak05xxSzy8WMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGqMHGqn
TG0++WIZQjgHm39ixKiDMteE4Hx83MFd0nI4bTffGLldMk0J/1+jBy9aMXsQagQV
e734vT+Fa8YW+7omsxXZNoGFoZlubrtHrlIe50GtT8/1tDDNA0k9h8LMTkPNNfbe
OBtmMvIazWM4FJuH4M1Zb7e70/YmxK3EBXfqEbGfc6vBV/GxOsUZU2WMNgoTyX6o
ASaLc4auOQXY/6qLm909+D/k3xiZFKYIhP2RD9eVQP663Tj25atqzb/IxP6tEqT6
bq9f2mbk6Cl605PhQe5qgqR1pHxCbqfvzELWw/xZemaeOjJAaJfw3HurOXSzIp5p
bQ539aNukEjKcw==
-----END CERTIFICATE-----