Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
File:                     RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft (raw, json)
Hash identifier:          jBOuK95aqpIT6yjK4D1ioJPe21ShGdZf/zuqxUw5NmQ=
Subject key identifier:   46:D9:70:A7:07:F3:D6:7E:66:71:06:90:F2:BF:BA:3C:CF:FF:0E:2C
Authority key identifier: 45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE
Certificate issuer:       /CN=4501e85c0025c4ae29528058e232d737c2f495ce
Certificate serial:       019747B0FBB2996005F7FD3B3C5C389EB9DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
Manifest number:          01DD
Signing time:             Sat 07 Jun 2025 00:01:10 +0000
Manifest this update:     Sat 07 Jun 2025 00:01:10 +0000
Manifest next update:     Sun 08 Jun 2025 00:01:10 +0000
Files and hashes:         1: RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl (hash: CIj2Qte9ZxFAod460eMvw9R9z8jLeULZhA+86YizH6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:b0:fb:b2:99:60:05:f7:fd:3b:3c:5c:38:9e:b9:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4501e85c0025c4ae29528058e232d737c2f495ce
        Validity
            Not Before: Jun  7 00:01:10 2025 GMT
            Not After : Jun  8 00:01:10 2025 GMT
        Subject: CN=46d970a707f3d67e66710690f2bfba3ccfff0e2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a9:98:0f:2d:c3:74:ab:2f:37:e9:44:02:43:
                    9c:24:af:cf:96:68:c8:f3:39:f5:76:fa:5d:7a:7e:
                    56:c9:e4:59:ba:91:c4:63:c2:61:fc:da:b3:74:8f:
                    4b:47:e8:27:6d:db:f3:f1:a4:01:fd:5d:93:bd:d9:
                    fe:df:57:e5:50:8c:44:ff:e8:9b:68:b7:dc:dd:9e:
                    bd:34:f4:92:a8:25:5c:ce:d7:f6:32:39:1f:db:e7:
                    2c:1b:56:ab:a6:a6:3a:a9:ae:01:34:ae:41:1d:87:
                    22:1e:b1:a3:1a:83:2e:e1:c8:bf:cf:53:16:83:41:
                    a8:22:28:a1:72:fe:1e:ba:e2:7c:c7:12:78:d0:2d:
                    9d:ca:23:4a:37:84:64:e1:12:a7:34:a8:39:d2:c9:
                    7a:05:65:a0:c3:9a:27:1b:36:99:5b:66:4d:28:3d:
                    b8:3e:aa:f6:29:3d:fc:97:82:45:f1:b0:5d:4b:68:
                    4b:16:3f:88:da:ba:b1:c4:d6:44:5f:76:b9:a4:cf:
                    27:5c:c2:27:c5:27:20:40:fb:de:67:b5:b4:fe:54:
                    1d:91:03:69:fe:16:63:8a:82:b7:d9:d0:2b:c1:8f:
                    17:1d:1a:7a:6a:e3:f7:0a:4d:9f:56:82:68:8f:61:
                    6d:fe:47:f4:cf:18:7c:48:92:b2:d2:86:82:66:7d:
                    9b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:D9:70:A7:07:F3:D6:7E:66:71:06:90:F2:BF:BA:3C:CF:FF:0E:2C
            X509v3 Authority Key Identifier:
                keyid:45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:39:c0:d2:1b:80:07:b0:c8:58:64:2a:82:a5:3a:c8:1a:55:
         6e:93:4d:ac:7b:c6:8d:3b:1e:dd:c9:61:0f:e0:46:af:ce:b2:
         5d:26:1d:94:11:58:87:b0:73:7e:70:fa:e7:18:ec:e7:d3:e1:
         f5:eb:6b:17:fe:eb:af:cb:7b:66:61:c7:f6:f1:b4:29:4d:8e:
         ea:15:fb:f1:34:9d:5e:e0:26:7f:7d:1b:31:3f:c2:04:12:d6:
         ab:12:21:08:4c:eb:78:dd:19:1f:30:53:9f:77:e9:81:7d:10:
         3b:39:19:30:d6:be:d3:3a:39:ab:f7:79:cf:ae:11:f5:85:33:
         88:ff:e8:8c:da:26:7b:41:38:f2:31:87:69:4c:b9:24:2a:f5:
         62:3d:91:5e:2e:12:a1:54:1e:73:d6:52:0e:33:08:a6:ee:24:
         23:fa:cc:7e:f6:70:d7:86:66:9a:2e:b6:00:91:49:2a:6c:4d:
         75:c8:0c:30:39:38:7f:4c:0f:11:33:ac:30:6d:15:7e:e9:63:
         d4:29:6d:05:b9:4e:c5:3c:83:26:be:ef:5a:37:86:2e:d0:39:
         ee:7c:29:68:6c:c3:89:36:c2:1d:44:61:bb:ca:c2:a2:0a:85:
         63:40:78:76:43:0e:2e:c4:d5:62:e7:1a:24:80:97:b5:b7:94:
         44:10:32:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHsPuymWAF9/07PFw4nrnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MDFlODVjMDAyNWM0YWUyOTUyODA1OGUyMzJkNzM3YzJm
NDk1Y2UwHhcNMjUwNjA3MDAwMTEwWhcNMjUwNjA4MDAwMTEwWjAzMTEwLwYDVQQD
Eyg0NmQ5NzBhNzA3ZjNkNjdlNjY3MTA2OTBmMmJmYmEzY2NmZmYwZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6mYDy3DdKsvN+lEAkOcJK/PlmjI
8zn1dvpden5WyeRZupHEY8Jh/NqzdI9LR+gnbdvz8aQB/V2Tvdn+31flUIxE/+ib
aLfc3Z69NPSSqCVcztf2Mjkf2+csG1arpqY6qa4BNK5BHYciHrGjGoMu4ci/z1MW
g0GoIiihcv4euuJ8xxJ40C2dyiNKN4Rk4RKnNKg50sl6BWWgw5onGzaZW2ZNKD24
Pqr2KT38l4JF8bBdS2hLFj+I2rqxxNZEX3a5pM8nXMInxScgQPveZ7W0/lQdkQNp
/hZjioK32dArwY8XHRp6auP3Ck2fVoJoj2Ft/kf0zxh8SJKy0oaCZn2bkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbZcKcH89Z+ZnEGkPK/ujzP/w4sMB8GA1UdIwQY
MBaAFEUB6FwAJcSuKVKAWOIy1zfC9JXOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUt
Y2VlNjQxOTU1MzNjLzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUtY2VlNjQxOTU1MzNj
LzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApjnA0huA
B7DIWGQqgqU6yBpVbpNNrHvGjTse3clhD+BGr86yXSYdlBFYh7BzfnD65xjs59Ph
9etrF/7rr8t7ZmHH9vG0KU2O6hX78TSdXuAmf30bMT/CBBLWqxIhCEzreN0ZHzBT
n3fpgX0QOzkZMNa+0zo5q/d5z64R9YUziP/ojNome0E48jGHaUy5JCr1Yj2RXi4S
oVQec9ZSDjMIpu4kI/rMfvZw14Zmmi62AJFJKmxNdcgMMDk4f0wPETOsMG0Vfulj
1CltBblOxTyDJr7vWjeGLtA57nwpaGzDiTbCHURhu8rCogqFY0B4dkMOLsTVYuca
JICXtbeURBAyrQ==
-----END CERTIFICATE-----