Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          kSM8FEHBGMBIzKVFiv47VIbrLkXXp42Eb+XCkd4VmoU=
Subject key identifier:   2D:12:29:79:D8:EF:80:0F:AA:1B:D9:19:D0:D7:19:46:67:86:6E:87
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019659144854932237A5E9B459D31069EC11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0A4A
Signing time:             Mon 21 Apr 2025 16:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 16:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 16:00:23 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: a0EZx9S9t5m5wATijmVctZGak4bJczLf6BgBo2ehGH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:14:48:54:93:22:37:a5:e9:b4:59:d3:10:69:ec:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Apr 21 16:00:23 2025 GMT
            Not After : Apr 22 16:00:23 2025 GMT
        Subject: CN=2d122979d8ef800faa1bd919d0d7194667866e87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:34:33:f8:30:5f:62:1a:a9:4c:d6:53:4b:8b:
                    3e:ae:e4:42:8a:50:06:10:c6:be:0b:78:59:8e:67:
                    45:17:87:ec:a3:68:f9:cc:06:1f:da:7d:6c:39:9b:
                    ea:9f:9c:f5:cc:0d:e8:b9:03:5c:87:a8:f5:db:63:
                    2d:1a:18:ec:3f:27:21:6f:83:2c:88:db:d0:1b:ff:
                    47:cb:c1:e2:16:cd:d0:79:ba:63:c9:cc:12:06:92:
                    96:eb:11:91:f7:34:ab:c9:f9:c9:e9:39:83:14:c9:
                    7f:d7:88:8c:bc:0b:6e:32:c1:03:f1:7c:ac:0f:77:
                    fe:1a:ee:01:1f:48:59:ce:2d:8c:9d:6b:f5:7c:66:
                    7c:83:f1:e4:f2:80:18:af:df:87:51:b8:64:99:0c:
                    82:d7:31:af:c0:b1:d0:8f:01:02:ab:ae:66:bb:70:
                    cd:06:53:44:38:54:1a:2a:d6:a0:0e:cf:4c:78:fd:
                    52:13:ec:fb:d3:4b:a2:f1:ec:65:e3:e5:3f:ee:b6:
                    a7:55:b7:37:9c:7b:c4:08:27:5f:f6:03:bf:38:d5:
                    59:1b:d0:8f:e4:d9:bb:70:6e:40:64:f6:5e:2a:49:
                    30:4b:a0:8f:a8:89:02:fa:41:26:a2:10:cb:c3:f4:
                    e9:a7:9d:16:31:5d:11:a9:96:79:7c:8a:99:20:6b:
                    c5:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:12:29:79:D8:EF:80:0F:AA:1B:D9:19:D0:D7:19:46:67:86:6E:87
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:3d:c2:12:9c:1e:e4:fd:a8:8c:1b:f6:06:ee:72:c9:c7:5a:
         3f:a8:8d:91:bc:bf:97:5f:e0:da:a3:56:d7:3c:9f:61:08:71:
         6c:6e:ae:e3:53:c6:45:5a:45:68:ff:73:be:3c:c6:1a:f8:34:
         70:23:55:b9:ab:e2:af:ec:67:8f:59:e2:5b:62:60:a9:bb:01:
         08:84:09:d8:84:e0:9c:3e:21:25:16:71:84:35:25:25:1e:3d:
         0c:1d:9c:44:d8:a8:8f:be:c4:d2:a6:30:20:b8:e5:e7:10:f0:
         64:e7:6e:22:e5:63:6c:f5:e2:0e:e1:21:28:cd:70:2b:e1:ec:
         f4:91:3b:96:10:4c:4a:6f:c0:e1:b4:02:de:21:e7:0b:ad:48:
         5c:6f:13:b6:52:71:05:e2:ca:ed:22:e0:34:67:67:22:60:a7:
         6f:8d:ac:3c:88:90:5a:70:62:86:96:8b:ed:30:a5:7f:ea:41:
         0c:9d:d1:d4:e4:a6:cd:4e:cb:64:5c:4c:b3:88:43:36:12:43:
         5a:2b:7e:3e:ee:f3:f5:90:05:84:29:5e:1e:a0:ca:58:8b:ce:
         f7:8d:55:e7:24:20:2a:74:c0:7f:81:f6:44:09:ad:7d:d9:a2:
         98:ae:9e:79:b1:94:93:6a:00:21:0f:52:e0:21:b6:b8:f5:32:
         c0:65:62:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZFEhUkyI3pem0WdMQaewRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwNDIxMTYwMDIzWhcNMjUwNDIyMTYwMDIzWjAzMTEwLwYDVQQD
EygyZDEyMjk3OWQ4ZWY4MDBmYWExYmQ5MTlkMGQ3MTk0NjY3ODY2ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDQz+DBfYhqpTNZTS4s+ruRCilAG
EMa+C3hZjmdFF4fso2j5zAYf2n1sOZvqn5z1zA3ouQNch6j122MtGhjsPychb4Ms
iNvQG/9Hy8HiFs3QebpjycwSBpKW6xGR9zSryfnJ6TmDFMl/14iMvAtuMsED8Xys
D3f+Gu4BH0hZzi2MnWv1fGZ8g/Hk8oAYr9+HUbhkmQyC1zGvwLHQjwECq65mu3DN
BlNEOFQaKtagDs9MeP1SE+z700ui8exl4+U/7ranVbc3nHvECCdf9gO/ONVZG9CP
5Nm7cG5AZPZeKkkwS6CPqIkC+kEmohDLw/Tpp50WMV0RqZZ5fIqZIGvFlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0SKXnY74APqhvZGdDXGUZnhm6HMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqj3CEpwe
5P2ojBv2Bu5yycdaP6iNkby/l1/g2qNW1zyfYQhxbG6u41PGRVpFaP9zvjzGGvg0
cCNVuavir+xnj1niW2JgqbsBCIQJ2ITgnD4hJRZxhDUlJR49DB2cRNioj77E0qYw
ILjl5xDwZOduIuVjbPXiDuEhKM1wK+Hs9JE7lhBMSm/A4bQC3iHnC61IXG8TtlJx
BeLK7SLgNGdnImCnb42sPIiQWnBihpaL7TClf+pBDJ3R1OSmzU7LZFxMs4hDNhJD
Wit+Pu7z9ZAFhCleHqDKWIvO941V5yQgKnTAf4H2RAmtfdmimK6eebGUk2oAIQ9S
4CG2uPUywGViQA==
-----END CERTIFICATE-----