Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          wYnSurEaqLuc0EIpwmo743PeERe22WqMjb4mB5nkpb8=
Subject key identifier:   B5:72:B7:97:FF:FD:4D:8E:2E:5C:89:1A:26:FA:0C:1A:E5:13:BB:86
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       01963F8B83907A2FC3CB05DA4C954A9A5E6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          03CC
Signing time:             Wed 16 Apr 2025 17:00:29 +0000
Manifest this update:     Wed 16 Apr 2025 17:00:29 +0000
Manifest next update:     Thu 17 Apr 2025 17:00:29 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: OkkIcvJnJUPSxv9AxFvCR176XmFWaOhtQF43hEhdVMM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:8b:83:90:7a:2f:c3:cb:05:da:4c:95:4a:9a:5e:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Apr 16 17:00:29 2025 GMT
            Not After : Apr 17 17:00:29 2025 GMT
        Subject: CN=b572b797fffd4d8e2e5c891a26fa0c1ae513bb86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:eb:7e:f7:17:20:c0:06:5c:ae:31:41:4b:9f:
                    b5:2d:53:f8:b7:c3:ee:b5:cb:03:8c:a3:7e:ba:6a:
                    14:cf:42:3e:9b:a3:33:b8:e1:49:2e:cd:8b:be:bd:
                    5d:a4:4d:f8:7b:09:2f:34:8f:d3:41:4b:d6:2d:c6:
                    9a:df:ac:0f:3b:e8:f7:ec:b3:ce:10:ce:bc:7d:11:
                    ef:d1:53:48:42:ea:ed:b3:b8:59:89:c4:84:45:c7:
                    2f:69:ce:d9:6e:29:1a:7c:f7:cd:c8:4a:34:05:63:
                    21:b1:fe:3d:18:ce:70:b0:5b:26:61:86:1e:b3:4a:
                    30:ec:3a:77:b5:5b:96:39:ec:8b:14:04:1f:f3:ce:
                    25:d8:98:9e:13:db:89:02:2a:13:69:9a:02:10:34:
                    fc:20:df:c1:f6:58:49:cc:e7:e9:7c:f7:66:08:8d:
                    1f:03:85:58:59:7b:ae:d6:ad:27:f5:fb:60:90:35:
                    41:fc:f7:a8:47:a0:6f:4b:e5:cb:3f:dc:de:e9:f2:
                    44:28:5f:fc:7b:a3:93:27:e0:df:27:80:2d:8d:77:
                    36:95:ff:de:2d:2b:fd:34:ec:7f:77:2a:98:66:0d:
                    69:59:6f:b7:a0:13:a0:02:80:e3:1d:41:0f:aa:9c:
                    64:8c:80:00:2c:37:18:b9:87:5a:d6:c9:14:83:6c:
                    b1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:72:B7:97:FF:FD:4D:8E:2E:5C:89:1A:26:FA:0C:1A:E5:13:BB:86
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:07:d9:29:0c:ef:05:24:6f:f0:19:de:f5:9b:34:e4:ea:48:
         eb:62:27:0c:9d:9b:39:5a:99:60:1a:d6:2d:4a:62:83:85:d9:
         17:4e:3b:96:4a:dc:dc:41:ab:c6:f4:df:53:f6:18:16:0e:f5:
         fb:c2:a2:b7:d9:38:1f:89:6d:1e:88:df:b0:bc:8d:80:3d:59:
         5e:b0:f0:2d:84:88:72:fa:3e:b2:b6:f8:66:d4:74:ff:c5:25:
         16:b1:4a:8b:36:18:b9:c4:1e:91:e3:5a:a3:8e:28:8e:5b:ab:
         7f:45:76:a1:c1:94:a0:79:9c:f5:93:7d:7b:31:f6:fd:d4:f1:
         b5:71:e0:46:03:24:a4:41:d2:89:5f:b1:b1:df:f8:8e:47:7c:
         b3:13:12:ae:2e:35:7e:38:c6:94:7d:5c:7a:8c:38:c9:aa:3f:
         be:09:f7:2d:07:99:1d:ab:04:3c:c1:2f:68:d5:5a:fd:1e:89:
         9f:67:31:76:cb:40:e9:fb:c5:dc:84:1f:f7:3d:be:74:87:87:
         ec:b7:9a:9d:e3:7a:98:7c:ff:51:7e:db:88:75:7c:c3:3b:a1:
         c1:b7:2b:f5:c8:96:bc:a3:22:81:bb:30:93:0e:88:26:6b:e4:
         3a:40:e6:5a:a8:7e:c6:8a:b8:83:77:92:af:f8:f1:34:5e:f5:
         79:21:23:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/i4OQei/DywXaTJVKml5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUwNDE2MTcwMDI5WhcNMjUwNDE3MTcwMDI5WjAzMTEwLwYDVQQD
EyhiNTcyYjc5N2ZmZmQ0ZDhlMmU1Yzg5MWEyNmZhMGMxYWU1MTNiYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOt+9xcgwAZcrjFBS5+1LVP4t8Pu
tcsDjKN+umoUz0I+m6MzuOFJLs2Lvr1dpE34ewkvNI/TQUvWLcaa36wPO+j37LPO
EM68fRHv0VNIQurts7hZicSERccvac7ZbikafPfNyEo0BWMhsf49GM5wsFsmYYYe
s0ow7Dp3tVuWOeyLFAQf884l2JieE9uJAioTaZoCEDT8IN/B9lhJzOfpfPdmCI0f
A4VYWXuu1q0n9ftgkDVB/PeoR6BvS+XLP9ze6fJEKF/8e6OTJ+DfJ4AtjXc2lf/e
LSv9NOx/dyqYZg1pWW+3oBOgAoDjHUEPqpxkjIAALDcYuYda1skUg2yxPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVyt5f//U2OLlyJGib6DBrlE7uGMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwfZKQzv
BSRv8Bne9Zs05OpI62InDJ2bOVqZYBrWLUpig4XZF047lkrc3EGrxvTfU/YYFg71
+8Kit9k4H4ltHojfsLyNgD1ZXrDwLYSIcvo+srb4ZtR0/8UlFrFKizYYucQekeNa
o44ojlurf0V2ocGUoHmc9ZN9ezH2/dTxtXHgRgMkpEHSiV+xsd/4jkd8sxMSri41
fjjGlH1ceow4yao/vgn3LQeZHasEPMEvaNVa/R6Jn2cxdstA6fvF3IQf9z2+dIeH
7LeaneN6mHz/UX7biHV8wzuhwbcr9ciWvKMigbswkw6IJmvkOkDmWqh+xoq4g3eS
r/jxNF71eSEj7w==
-----END CERTIFICATE-----