Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
File:                     pKgNKvhhtwo37AUOAT5t-6lMiz0.mft (raw, json)
Hash identifier:          U60xAYTyh5Ib+8ZoMXVdzWmRSlLeoWVs17B1jJT22k0=
Subject key identifier:   E8:E5:B1:A4:8E:03:71:65:E7:64:5D:06:B8:FB:1F:22:9A:99:32:4D
Authority key identifier: A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D
Certificate issuer:       /CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
Certificate serial:       0197469EA4CD61F48FEF05BEFA0F1D21A0B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
Manifest number:          0E1F
Signing time:             Fri 06 Jun 2025 19:01:31 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:31 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:31 +0000
Files and hashes:         1: pKgNKvhhtwo37AUOAT5t-6lMiz0.crl (hash: f41Ny5Ox4K/rJH4TET8Ia9p7251iRJiUFvUpgDVvh2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:a4:cd:61:f4:8f:ef:05:be:fa:0f:1d:21:a0:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
        Validity
            Not Before: Jun  6 19:01:31 2025 GMT
            Not After : Jun  7 19:01:31 2025 GMT
        Subject: CN=e8e5b1a48e037165e7645d06b8fb1f229a99324d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:76:76:75:d3:86:ba:c0:c5:7f:df:29:0a:eb:
                    f1:01:ee:70:84:5a:9b:90:bf:04:7a:5c:2c:35:6c:
                    ad:f4:e3:bd:f5:87:08:30:44:ff:d1:14:59:3a:7b:
                    ef:0a:9a:2e:12:14:5c:e1:c1:a7:4f:6c:4b:7f:af:
                    10:96:f6:33:d1:3e:90:69:fd:a4:39:ce:9a:a9:1f:
                    e8:28:90:c7:a1:51:0b:f6:0c:2b:22:74:42:ce:d3:
                    86:1d:ea:7f:d4:95:e4:08:1e:b6:86:01:df:61:84:
                    7f:80:d8:08:ad:b7:e2:3b:91:0d:75:46:e2:f7:49:
                    0a:25:3f:16:85:6a:82:67:9f:f3:62:f4:34:2e:d1:
                    6b:b0:ea:56:91:75:62:44:40:6a:8e:83:58:a3:fc:
                    30:c3:fd:4b:81:9d:e8:80:49:f1:7b:52:7f:9f:fc:
                    4d:fa:ce:36:0e:4c:ee:b3:46:35:26:30:f7:94:14:
                    85:a5:22:19:d9:95:1a:a7:d4:f4:a9:31:57:ef:5a:
                    28:37:7d:8b:59:22:0b:85:72:0c:8a:fe:46:dd:77:
                    54:4c:36:c6:64:38:6b:c8:e0:0c:72:72:5c:29:54:
                    79:99:41:1a:7f:94:42:ae:5d:04:06:3a:dd:1f:ac:
                    df:8a:72:92:dc:9e:7c:3e:e7:1b:8b:56:36:59:9d:
                    d7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E5:B1:A4:8E:03:71:65:E7:64:5D:06:B8:FB:1F:22:9A:99:32:4D
            X509v3 Authority Key Identifier:
                keyid:A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:d8:08:fe:80:66:04:ff:9d:f3:39:35:9e:5f:ad:e6:8f:16:
         70:e9:6e:4b:18:91:d3:e9:fe:5d:1f:58:8e:e5:79:65:f5:14:
         77:de:a2:32:c2:be:92:cd:94:05:99:ed:76:d9:67:59:32:fe:
         e4:ac:6a:8b:c4:55:aa:81:05:dd:03:0f:53:d1:6d:e1:b6:1a:
         6e:3e:a7:5c:12:33:7c:b6:0a:51:cf:77:39:37:b0:37:34:b5:
         74:07:a4:1e:e1:48:6f:9a:12:fe:dc:64:22:47:94:5d:7b:ba:
         b1:2b:7c:da:a7:a7:0b:f7:0b:4d:4b:c6:f2:34:47:58:13:f4:
         e9:f8:b6:64:c7:a6:e2:32:b1:43:91:e7:f8:9b:47:57:c2:03:
         8c:86:3d:a3:6c:11:3e:45:91:48:34:df:eb:04:72:32:10:b9:
         4e:e5:a6:ce:4c:c2:84:a6:2f:dc:03:a6:38:61:fe:35:86:2a:
         c2:b8:f7:dc:86:d6:6e:36:dd:1f:b9:78:fb:f7:a0:58:24:a5:
         ca:e6:a4:c4:1d:b4:4e:5f:44:48:ae:cf:70:ac:f3:a1:60:45:
         fb:41:59:3a:23:2e:ca:f4:8b:47:b2:94:81:11:e2:ab:5a:b7:
         42:7b:0b:aa:90:f5:94:9d:78:02:b8:56:e5:33:c5:be:58:24:
         fa:93:59:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnqTNYfSP7wW++g8dIaC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTgwZDJhZjg2MWI3MGEzN2VjMDUwZTAxM2U2ZGZiYTk0
YzhiM2QwHhcNMjUwNjA2MTkwMTMxWhcNMjUwNjA3MTkwMTMxWjAzMTEwLwYDVQQD
EyhlOGU1YjFhNDhlMDM3MTY1ZTc2NDVkMDZiOGZiMWYyMjlhOTkzMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXZ2ddOGusDFf98pCuvxAe5whFqb
kL8EelwsNWyt9OO99YcIMET/0RRZOnvvCpouEhRc4cGnT2xLf68QlvYz0T6Qaf2k
Oc6aqR/oKJDHoVEL9gwrInRCztOGHep/1JXkCB62hgHfYYR/gNgIrbfiO5ENdUbi
90kKJT8WhWqCZ5/zYvQ0LtFrsOpWkXViREBqjoNYo/www/1LgZ3ogEnxe1J/n/xN
+s42Dkzus0Y1JjD3lBSFpSIZ2ZUap9T0qTFX71ooN32LWSILhXIMiv5G3XdUTDbG
ZDhryOAMcnJcKVR5mUEaf5RCrl0EBjrdH6zfinKS3J58Pucbi1Y2WZ3X4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjlsaSOA3Fl52RdBrj7HyKamTJNMB8GA1UdIwQY
MBaAFKSoDSr4YbcKN+wFDgE+bfupTIs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYt
NjIzNGVhMDllMTg2LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYtNjIzNGVhMDllMTg2
LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXNgI/oBm
BP+d8zk1nl+t5o8WcOluSxiR0+n+XR9YjuV5ZfUUd96iMsK+ks2UBZntdtlnWTL+
5Kxqi8RVqoEF3QMPU9Ft4bYabj6nXBIzfLYKUc93OTewNzS1dAekHuFIb5oS/txk
IkeUXXu6sSt82qenC/cLTUvG8jRHWBP06fi2ZMem4jKxQ5Hn+JtHV8IDjIY9o2wR
PkWRSDTf6wRyMhC5TuWmzkzChKYv3AOmOGH+NYYqwrj33IbWbjbdH7l4+/egWCSl
yuakxB20Tl9ESK7PcKzzoWBF+0FZOiMuyvSLR7KUgRHiq1q3QnsLqpD1lJ14ArhW
5TPFvlgk+pNZ/A==
-----END CERTIFICATE-----