Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          43CuTyo185WVY8DuwrZ1eyVDC1OnhyIxVPVsOKIIvhM=
Subject key identifier:   5C:1A:5B:35:E3:AB:38:48:BE:11:CC:FB:36:AE:B5:15:AC:17:9A:D2
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       01964A0F80DA5FE07571FB8656C2C49506FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          14FA
Signing time:             Fri 18 Apr 2025 18:00:51 +0000
Manifest this update:     Fri 18 Apr 2025 18:00:51 +0000
Manifest next update:     Sat 19 Apr 2025 18:00:51 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: cgvk5JYdCT/lqoIEOaiee159pgdR5qhhH9UC6js07wI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 18:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:0f:80:da:5f:e0:75:71:fb:86:56:c2:c4:95:06:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Apr 18 18:00:51 2025 GMT
            Not After : Apr 19 18:00:51 2025 GMT
        Subject: CN=5c1a5b35e3ab3848be11ccfb36aeb515ac179ad2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7a:ce:54:b6:b9:0c:94:e5:99:46:45:6d:4a:
                    c1:66:82:39:55:22:63:e1:59:cc:86:44:51:49:2a:
                    d0:48:35:32:6d:d7:85:0c:64:a0:72:8a:2c:4a:ea:
                    e4:a5:66:53:a3:16:f6:fa:a8:fe:32:b2:94:7f:2a:
                    53:e6:8b:6c:34:9e:6a:1d:c9:f4:77:b9:6b:6d:25:
                    98:5b:e0:ca:5c:a3:78:cc:02:a2:d6:ef:1a:95:d7:
                    7e:61:fe:db:83:fb:01:be:de:30:c4:d6:48:9e:4a:
                    fd:7e:75:34:1a:ee:12:85:91:e8:d3:f1:4f:92:ff:
                    27:71:3d:86:6c:49:11:64:49:26:c4:93:1f:b8:a0:
                    10:2c:39:5f:10:b8:0f:99:51:59:e6:06:7b:e6:0e:
                    db:30:6c:79:ca:32:d1:39:72:14:3e:2a:88:ac:33:
                    c9:67:2c:c4:18:90:38:ad:aa:29:51:83:92:c9:ab:
                    d7:ef:61:fc:d3:77:a1:d1:d4:64:61:79:fa:b4:d5:
                    ce:03:bb:ee:ea:da:19:b0:0f:f4:8b:d2:40:b0:2a:
                    9c:5e:10:2a:d6:fd:41:54:15:a6:87:b4:7d:f7:b7:
                    9f:7d:6a:1b:64:03:0e:97:87:24:be:40:01:ce:97:
                    ca:c2:f5:30:12:28:f7:e8:76:2a:eb:59:7d:e9:89:
                    85:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:1A:5B:35:E3:AB:38:48:BE:11:CC:FB:36:AE:B5:15:AC:17:9A:D2
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:25:b1:fb:7e:40:a7:ae:6a:70:ee:fa:f6:ca:a0:e9:bb:0b:
         99:20:d6:43:86:c9:c3:1c:9d:8b:a9:9d:62:3d:1e:b7:f2:c3:
         da:36:06:86:4b:9b:4e:96:db:aa:64:b5:a5:7e:77:31:cc:f4:
         12:41:02:9d:b2:cf:59:4b:ce:b0:40:c4:3f:52:98:2d:2f:10:
         d1:6b:16:7b:55:b9:ee:f6:ad:41:e3:6a:be:cb:f9:dc:62:01:
         96:31:1a:0e:bb:4d:3b:28:e4:9e:09:fc:a3:53:28:18:5b:16:
         b7:d1:81:f2:4a:3e:e5:90:6f:ec:de:80:f3:e8:b7:be:5b:3a:
         90:91:f2:23:65:05:06:aa:c7:1b:b9:2a:14:17:48:97:e9:28:
         65:03:8a:6f:72:57:1d:11:7c:4e:c5:1d:20:e3:64:1c:89:31:
         f3:e3:b1:46:0d:73:ef:6a:54:d4:63:63:16:da:22:d4:cd:cc:
         1c:bf:c6:7e:13:9c:92:ee:5d:1a:c6:a0:07:e1:e8:fb:bf:d2:
         b9:9d:d3:50:22:44:4b:48:8b:ef:9f:f3:86:28:b9:e6:2d:88:
         b6:c5:b2:17:8c:45:b5:f6:3a:32:d9:25:e7:09:e2:4c:71:e9:
         d0:ec:44:bc:6e:55:dd:b8:29:3f:7e:39:61:43:d6:03:10:b1:
         42:93:bc:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKD4DaX+B1cfuGVsLElQb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjUwNDE4MTgwMDUxWhcNMjUwNDE5MTgwMDUxWjAzMTEwLwYDVQQD
Eyg1YzFhNWIzNWUzYWIzODQ4YmUxMWNjZmIzNmFlYjUxNWFjMTc5YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXrOVLa5DJTlmUZFbUrBZoI5VSJj
4VnMhkRRSSrQSDUybdeFDGSgcoosSurkpWZToxb2+qj+MrKUfypT5otsNJ5qHcn0
d7lrbSWYW+DKXKN4zAKi1u8aldd+Yf7bg/sBvt4wxNZInkr9fnU0Gu4ShZHo0/FP
kv8ncT2GbEkRZEkmxJMfuKAQLDlfELgPmVFZ5gZ75g7bMGx5yjLROXIUPiqIrDPJ
ZyzEGJA4raopUYOSyavX72H803eh0dRkYXn6tNXOA7vu6toZsA/0i9JAsCqcXhAq
1v1BVBWmh7R997effWobZAMOl4ckvkABzpfKwvUwEij36HYq61l96YmFIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwaWzXjqzhIvhHM+zautRWsF5rSMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALiWx+35A
p65qcO769sqg6bsLmSDWQ4bJwxydi6mdYj0et/LD2jYGhkubTpbbqmS1pX53Mcz0
EkECnbLPWUvOsEDEP1KYLS8Q0WsWe1W57vatQeNqvsv53GIBljEaDrtNOyjkngn8
o1MoGFsWt9GB8ko+5ZBv7N6A8+i3vls6kJHyI2UFBqrHG7kqFBdIl+koZQOKb3JX
HRF8TsUdIONkHIkx8+OxRg1z72pU1GNjFtoi1M3MHL/GfhOcku5dGsagB+Ho+7/S
uZ3TUCJES0iL75/zhii55i2ItsWyF4xFtfY6Mtkl5wniTHHp0OxEvG5V3bgpP345
YUPWAxCxQpO8KQ==
-----END CERTIFICATE-----