Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          AzhvYJCoTX/mW8DABeb8byJgpVEd4JlhuJIiiAkh1fU=
Subject key identifier:   F2:58:91:49:6D:FA:A1:44:97:8D:84:9F:8E:77:57:04:1C:73:FE:DE
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       0197C9829E6AD8A0B8F1BB26C4E80A3FADB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          0390
Signing time:             Wed 02 Jul 2025 05:01:09 +0000
Manifest this update:     Wed 02 Jul 2025 05:01:09 +0000
Manifest next update:     Thu 03 Jul 2025 05:01:09 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: CQu+WgL5rLTvzvwdfajjcmfiMlgmdxfze/PiXahyEAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 05:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:82:9e:6a:d8:a0:b8:f1:bb:26:c4:e8:0a:3f:ad:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Jul  2 05:01:09 2025 GMT
            Not After : Jul  3 05:01:09 2025 GMT
        Subject: CN=f25891496dfaa144978d849f8e7757041c73fede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1d:66:36:a2:de:7e:8c:ba:a2:d0:cd:48:a1:
                    fe:c8:e4:df:1b:79:c7:b9:49:d9:74:b9:35:c1:70:
                    26:68:65:93:95:f5:f1:c3:25:ab:8d:9a:82:ed:a2:
                    2a:12:92:60:5d:2a:e1:6f:33:bb:fb:3f:66:5e:7e:
                    c2:55:f5:35:c5:f1:30:36:bb:1e:2d:aa:b6:d4:d1:
                    48:53:ef:bc:f8:a2:a9:77:02:03:e1:33:5c:68:c2:
                    ef:72:6b:05:80:70:35:8d:bc:bf:db:9d:d9:15:f2:
                    6a:84:3d:75:94:a8:17:41:ac:75:48:0d:a0:34:89:
                    dc:be:67:f8:c7:8e:fd:d0:c1:33:bc:b4:4b:3b:41:
                    21:2f:bf:dc:11:f0:25:f8:7e:3f:0d:d2:93:47:a6:
                    db:b8:5c:f4:71:e5:a0:5c:e0:75:7f:40:7b:85:db:
                    aa:6a:5f:70:09:1f:ce:97:49:eb:a4:e1:92:bc:fe:
                    96:ef:fa:ba:11:43:bb:a0:28:fa:6a:22:1b:a6:af:
                    a6:37:b2:5a:91:e1:66:b1:96:f4:be:d2:f7:97:0b:
                    80:98:c6:b7:eb:f9:49:2a:71:e9:94:f4:5e:b0:fe:
                    ac:0d:cf:53:43:75:4d:c7:ec:3d:20:03:3e:93:97:
                    7b:ae:a1:24:4f:95:2c:fd:1c:ef:83:e4:12:22:0a:
                    6d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:58:91:49:6D:FA:A1:44:97:8D:84:9F:8E:77:57:04:1C:73:FE:DE
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f4:03:07:68:6e:85:2c:95:da:bd:2f:72:77:ae:dd:20:91:
         73:c3:25:10:63:86:bc:dd:8e:8a:6d:fe:7f:db:2c:ed:6a:e4:
         57:7d:17:28:63:1b:d5:b6:26:c9:3a:0e:a8:e8:05:38:cc:47:
         9d:36:e5:3d:03:41:a1:41:5d:7b:ca:a8:db:49:d1:58:30:53:
         35:0d:16:ce:71:30:30:ec:b3:c3:e1:35:28:c0:2e:2b:29:69:
         e1:07:a9:e7:a3:e1:5a:ab:e5:2c:1e:07:c5:78:4b:57:28:46:
         28:38:9f:66:4b:a6:bd:8d:a7:98:ca:0d:c6:9d:dd:5d:19:ea:
         98:96:10:15:b3:12:78:b2:d0:26:81:41:0c:a8:b7:6e:1f:16:
         0a:08:ca:51:79:bf:3c:52:82:7b:b5:35:af:cc:c4:9a:2e:f1:
         2f:1c:28:9b:5a:ee:a0:7d:3e:f1:03:ab:bc:99:98:70:38:ac:
         83:a8:c1:f1:f8:e7:51:3d:c8:61:a8:66:d4:68:9a:cc:03:c5:
         e0:d2:13:27:6e:ea:28:d8:44:b4:80:06:5d:ce:c2:90:c2:43:
         0d:28:e3:ff:dc:e0:bf:a8:e6:c2:ce:4d:db:36:4d:4a:5f:c5:
         9f:d5:fd:e4:41:1d:e9:56:7d:fd:9e:9a:89:58:5a:86:37:c5:
         6c:ea:d7:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJgp5q2KC48bsmxOgKP625MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUwNzAyMDUwMTA5WhcNMjUwNzAzMDUwMTA5WjAzMTEwLwYDVQQD
EyhmMjU4OTE0OTZkZmFhMTQ0OTc4ZDg0OWY4ZTc3NTcwNDFjNzNmZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx1mNqLefoy6otDNSKH+yOTfG3nH
uUnZdLk1wXAmaGWTlfXxwyWrjZqC7aIqEpJgXSrhbzO7+z9mXn7CVfU1xfEwNrse
Laq21NFIU++8+KKpdwID4TNcaMLvcmsFgHA1jby/253ZFfJqhD11lKgXQax1SA2g
NIncvmf4x4790MEzvLRLO0EhL7/cEfAl+H4/DdKTR6bbuFz0ceWgXOB1f0B7hduq
al9wCR/Ol0nrpOGSvP6W7/q6EUO7oCj6aiIbpq+mN7JakeFmsZb0vtL3lwuAmMa3
6/lJKnHplPResP6sDc9TQ3VNx+w9IAM+k5d7rqEkT5Us/Rzvg+QSIgpt7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJYkUlt+qFEl42En453VwQcc/7eMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPQDB2hu
hSyV2r0vcneu3SCRc8MlEGOGvN2Oim3+f9ss7WrkV30XKGMb1bYmyToOqOgFOMxH
nTblPQNBoUFde8qo20nRWDBTNQ0WznEwMOyzw+E1KMAuKylp4Qep56PhWqvlLB4H
xXhLVyhGKDifZkumvY2nmMoNxp3dXRnqmJYQFbMSeLLQJoFBDKi3bh8WCgjKUXm/
PFKCe7U1r8zEmi7xLxwom1ruoH0+8QOrvJmYcDisg6jB8fjnUT3IYahm1GiazAPF
4NITJ27qKNhEtIAGXc7CkMJDDSjj/9zgv6jmws5N2zZNSl/Fn9X95EEd6VZ9/Z6a
iVhahjfFbOrXNw==
-----END CERTIFICATE-----