Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          YGchRp+EIbhP3iKN32/e65qgAxDfwN4wCgfzBNBZ3Uc=
Subject key identifier:   F4:A3:99:EF:75:DD:29:F3:C9:F7:9C:42:5E:13:37:02:B2:89:08:B8
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       01974DE9DA0D306AB98AE471321CE00A9CD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          02E4
Signing time:             Sun 08 Jun 2025 05:01:00 +0000
Manifest this update:     Sun 08 Jun 2025 05:01:00 +0000
Manifest next update:     Mon 09 Jun 2025 05:01:00 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: EfDaPa7tFLYiGNrzZd9J/kg12nlwL15Mn7pJlnjASc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:e9:da:0d:30:6a:b9:8a:e4:71:32:1c:e0:0a:9c:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Jun  8 05:01:00 2025 GMT
            Not After : Jun  9 05:01:00 2025 GMT
        Subject: CN=f4a399ef75dd29f3c9f79c425e133702b28908b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a6:88:88:80:49:de:4a:92:b4:3c:93:2d:a8:
                    d2:2b:98:91:b2:c3:35:f5:dc:3f:c9:45:14:2c:a3:
                    57:4b:19:27:f8:d1:ee:a8:87:e8:7b:94:ff:cf:8e:
                    af:b7:38:e8:50:3c:26:20:ef:c8:50:58:81:a4:e5:
                    b0:98:65:cb:67:0f:1e:5b:7d:e2:0b:58:52:ba:66:
                    0a:0f:c3:f3:ef:b4:2e:2a:ba:52:2e:fd:2a:61:c1:
                    35:e0:ae:24:3c:9c:82:a5:9c:ba:07:54:b3:17:f6:
                    fe:ee:e7:0e:a0:21:2e:15:5b:52:6b:6a:37:c3:7b:
                    4d:76:a6:40:46:a8:b4:e9:79:a9:32:01:a9:a3:8f:
                    fd:ee:e8:f6:2f:e4:e5:31:1b:6c:dc:b5:cd:26:41:
                    1b:b8:42:2e:ad:e8:db:c8:6d:36:de:0f:cc:2d:2c:
                    11:19:3d:78:8d:03:45:ae:d6:d4:31:83:43:c9:2c:
                    93:f8:a7:a7:54:c1:6c:29:d3:ff:97:17:98:f6:b1:
                    bf:69:1c:35:aa:9f:2e:ef:85:1c:e1:22:da:35:66:
                    cd:68:55:d8:5e:b6:86:0e:ef:35:ea:ec:8c:25:a4:
                    2d:0a:99:a4:da:c1:07:43:c5:03:07:38:4d:86:e7:
                    2d:42:7f:6f:cb:66:a4:88:fa:f4:88:46:8e:c7:38:
                    76:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:A3:99:EF:75:DD:29:F3:C9:F7:9C:42:5E:13:37:02:B2:89:08:B8
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:50:5b:22:48:63:19:a1:4b:eb:fc:46:af:98:f7:37:c7:68:
         86:3c:6d:ad:a1:0f:e3:bc:ee:96:33:ed:90:24:cd:b0:fb:f0:
         60:16:50:e5:36:38:d5:4d:82:55:76:7a:c2:68:2f:d4:3f:6e:
         c1:3f:fe:a4:ff:06:15:89:11:0f:99:5e:95:63:b8:aa:27:8a:
         00:27:9a:85:68:27:e9:06:a1:fb:dd:6e:4e:ed:2b:c8:1c:37:
         d5:16:b1:a1:42:71:04:b9:70:b6:28:27:98:b1:11:08:a1:64:
         6b:4e:50:ea:d5:66:92:15:24:aa:ee:5a:c2:06:45:bb:ba:f6:
         72:b3:c3:45:ba:c6:b5:2c:cc:67:62:43:3f:77:bb:ee:10:c2:
         41:d3:00:7a:c2:a2:6b:94:5a:89:7a:b4:81:20:89:74:97:49:
         0e:95:f1:4c:ef:e2:bb:13:2e:32:30:64:76:7b:1c:9c:6c:b4:
         8c:62:2e:e3:2f:b2:62:68:24:dd:73:31:6d:61:96:74:80:e0:
         ed:4f:67:ed:55:2b:d4:fc:46:0a:69:0b:a8:72:f3:c1:38:f3:
         82:7d:98:3a:29:f3:e3:58:8d:ea:09:c4:05:7a:50:91:a4:2b:
         97:71:46:bf:98:a7:19:3b:e4:08:9d:33:96:34:8d:91:3b:2d:
         e1:b5:25:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdN6doNMGq5iuRxMhzgCpzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjUwNjA4MDUwMTAwWhcNMjUwNjA5MDUwMTAwWjAzMTEwLwYDVQQD
EyhmNGEzOTllZjc1ZGQyOWYzYzlmNzljNDI1ZTEzMzcwMmIyODkwOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KaIiIBJ3kqStDyTLajSK5iRssM1
9dw/yUUULKNXSxkn+NHuqIfoe5T/z46vtzjoUDwmIO/IUFiBpOWwmGXLZw8eW33i
C1hSumYKD8Pz77QuKrpSLv0qYcE14K4kPJyCpZy6B1SzF/b+7ucOoCEuFVtSa2o3
w3tNdqZARqi06XmpMgGpo4/97uj2L+TlMRts3LXNJkEbuEIurejbyG023g/MLSwR
GT14jQNFrtbUMYNDySyT+KenVMFsKdP/lxeY9rG/aRw1qp8u74Uc4SLaNWbNaFXY
XraGDu816uyMJaQtCpmk2sEHQ8UDBzhNhuctQn9vy2akiPr0iEaOxzh28wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSjme913SnzyfecQl4TNwKyiQi4MB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVBbIkhj
GaFL6/xGr5j3N8dohjxtraEP47zuljPtkCTNsPvwYBZQ5TY41U2CVXZ6wmgv1D9u
wT/+pP8GFYkRD5lelWO4qieKACeahWgn6Qah+91uTu0ryBw31RaxoUJxBLlwtign
mLERCKFka05Q6tVmkhUkqu5awgZFu7r2crPDRbrGtSzMZ2JDP3e77hDCQdMAesKi
a5RaiXq0gSCJdJdJDpXxTO/iuxMuMjBkdnscnGy0jGIu4y+yYmgk3XMxbWGWdIDg
7U9n7VUr1PxGCmkLqHLzwTjzgn2YOinz41iN6gnEBXpQkaQrl3FGv5inGTvkCJ0z
ljSNkTst4bUlOg==
-----END CERTIFICATE-----