Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
File:                     4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft (raw, json)
Hash identifier:          6rd3H8FmvR5cf2XnlA0MrDKFcBdWesUv3/xDpBhxcn8=
Subject key identifier:   6F:53:2E:3D:DD:2A:14:49:0B:13:B2:22:23:E1:9F:EF:A2:F5:12:6F
Authority key identifier: E0:39:64:9F:AA:8F:9D:E3:DA:E9:1B:E7:99:A2:7E:2C:A6:62:87:89
Certificate issuer:       /CN=e039649faa8f9de3dae91be799a27e2ca6628789
Certificate serial:       0196553798DD56B7E74AC099F538E4E7C220
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 22:00:29 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:29 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:29 +0000
Files and hashes:         1: 4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl (hash: sQWeoTuJHAGfBEmPMakLHJ60lv3x5qR6MfWfFFRi/R4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:98:dd:56:b7:e7:4a:c0:99:f5:38:e4:e7:c2:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e039649faa8f9de3dae91be799a27e2ca6628789
        Validity
            Not Before: Apr 20 22:00:29 2025 GMT
            Not After : Apr 21 22:00:29 2025 GMT
        Subject: CN=6f532e3ddd2a14490b13b22223e19fefa2f5126f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:88:26:8f:59:03:c9:1c:42:1d:08:f7:0d:fd:
                    8d:7b:f8:a6:30:52:25:57:6b:8e:b2:94:17:ab:eb:
                    9b:13:da:db:e3:e4:7d:91:03:d6:f2:ad:a9:74:ed:
                    c9:8f:c3:c5:80:0b:12:72:cd:6b:2b:bd:01:a2:fa:
                    26:ac:dd:8d:1c:fe:c5:50:53:40:73:8f:15:c9:1e:
                    2b:c3:c1:f8:68:dd:bf:b0:b9:12:8a:39:70:9d:61:
                    cd:1b:1b:80:bc:4d:24:f5:ca:4c:97:8b:ec:34:cc:
                    72:5e:e9:2e:40:3f:30:21:ad:42:90:10:e3:9c:be:
                    d2:a6:7b:66:ff:de:cf:a6:fd:de:13:f7:37:ad:bf:
                    a4:68:9b:7d:f3:ff:6c:2e:8f:8e:85:65:98:9d:15:
                    ea:96:9d:07:4e:a6:a2:9d:8a:07:db:97:ef:e6:d3:
                    08:0d:2b:0f:4a:e8:a7:0e:eb:90:a2:78:4a:7e:3d:
                    93:c6:0a:8a:af:8a:9a:cb:18:aa:b3:72:09:fc:91:
                    84:85:ac:8d:ff:f2:0c:d4:44:5a:8a:34:a0:0c:d4:
                    46:23:fc:a8:39:b7:8e:9c:26:6c:ba:30:02:21:e1:
                    08:27:25:b2:4e:5c:d7:8f:e1:3f:51:ec:c9:e5:bc:
                    25:f5:ad:a4:d5:7f:6a:f9:c6:54:48:f3:c5:23:b0:
                    04:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:53:2E:3D:DD:2A:14:49:0B:13:B2:22:23:E1:9F:EF:A2:F5:12:6F
            X509v3 Authority Key Identifier:
                keyid:E0:39:64:9F:AA:8F:9D:E3:DA:E9:1B:E7:99:A2:7E:2C:A6:62:87:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:e7:dc:1f:16:b1:5e:1c:dc:f9:d3:14:54:58:f8:fd:97:48:
         63:89:47:b9:6d:dc:ee:24:40:02:05:f7:e4:11:0a:0e:ca:39:
         69:27:fd:ec:b1:27:73:ad:8f:ec:8b:13:94:75:b3:6a:db:a4:
         28:e7:9d:c7:b6:1b:65:43:4a:96:16:cc:88:52:c9:87:48:bf:
         e0:bd:c3:68:6b:b1:a3:39:8e:4e:21:7f:b3:8f:95:f1:5c:ee:
         af:b6:47:e1:c3:d5:7a:c0:3c:7e:f6:a9:4f:6d:72:3d:57:59:
         13:80:08:96:d6:6a:ba:9d:c6:9b:f3:8f:35:7e:8b:b4:28:05:
         68:e8:a9:c5:39:77:80:87:91:da:a0:92:49:d3:1a:55:e0:7b:
         a6:5f:7d:b9:af:fb:a1:1c:db:1a:9a:3f:0b:bc:a2:75:ac:8c:
         48:5c:1c:72:d5:8e:fb:ab:45:d7:c9:7b:45:85:c0:1e:86:4a:
         4f:42:6e:cc:51:e3:54:7d:82:8a:7f:83:fc:62:a7:da:a2:91:
         61:69:ff:b2:29:a5:d2:14:f2:3a:43:3c:a6:f0:a8:d0:b1:ce:
         4a:0f:23:61:8e:17:81:a8:c8:32:bc:8b:2d:1e:b6:8f:1f:08:
         7b:a5:45:d6:18:6e:0f:8e:27:1d:d5:b5:c7:9b:08:bc:23:67:
         ef:b3:a1:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN5jdVrfnSsCZ9Tjk58IgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMzk2NDlmYWE4ZjlkZTNkYWU5MWJlNzk5YTI3ZTJjYTY2
Mjg3ODkwHhcNMjUwNDIwMjIwMDI5WhcNMjUwNDIxMjIwMDI5WjAzMTEwLwYDVQQD
Eyg2ZjUzMmUzZGRkMmExNDQ5MGIxM2IyMjIyM2UxOWZlZmEyZjUxMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYgmj1kDyRxCHQj3Df2Ne/imMFIl
V2uOspQXq+ubE9rb4+R9kQPW8q2pdO3Jj8PFgAsScs1rK70BovomrN2NHP7FUFNA
c48VyR4rw8H4aN2/sLkSijlwnWHNGxuAvE0k9cpMl4vsNMxyXukuQD8wIa1CkBDj
nL7Spntm/97Ppv3eE/c3rb+kaJt98/9sLo+OhWWYnRXqlp0HTqainYoH25fv5tMI
DSsPSuinDuuQonhKfj2TxgqKr4qayxiqs3IJ/JGEhayN//IM1ERaijSgDNRGI/yo
ObeOnCZsujACIeEIJyWyTlzXj+E/UezJ5bwl9a2k1X9q+cZUSPPFI7AELwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9TLj3dKhRJCxOyIiPhn++i9RJvMB8GA1UdIwQY
MBaAFOA5ZJ+qj53j2ukb55mifiymYoeJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yZWZhY2UtZDBhMy00MzM5LTgwNjgt
ZDc2NzhhMDc4N2QxLzEvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yZWZhY2UtZDBhMy00MzM5LTgwNjgtZDc2NzhhMDc4N2Qx
LzEvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOfcHxax
Xhzc+dMUVFj4/ZdIY4lHuW3c7iRAAgX35BEKDso5aSf97LEnc62P7IsTlHWzatuk
KOedx7YbZUNKlhbMiFLJh0i/4L3DaGuxozmOTiF/s4+V8Vzur7ZH4cPVesA8fvap
T21yPVdZE4AIltZqup3Gm/OPNX6LtCgFaOipxTl3gIeR2qCSSdMaVeB7pl99ua/7
oRzbGpo/C7yidayMSFwcctWO+6tF18l7RYXAHoZKT0JuzFHjVH2Cin+D/GKn2qKR
YWn/siml0hTyOkM8pvCo0LHOSg8jYY4XgajIMryLLR62jx8Ie6VF1hhuD44nHdW1
x5sIvCNn77Ohig==
-----END CERTIFICATE-----