Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          KemFOUCznhWbd/nnDWWg7jJqLpV1AlliSPuKVFnw0og=
Subject key identifier:   67:9D:8F:CC:BC:87:C7:21:E7:C7:5F:75:43:6E:81:87:E5:74:0F:30
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       01974AE83E5062A83555004745245316DDC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          157F
Signing time:             Sat 07 Jun 2025 15:00:23 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:23 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:23 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: OIqEP/PiSbEG5eC5T6W3Eoeew9mxMUNeANxnhCHuTL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:3e:50:62:a8:35:55:00:47:45:24:53:16:dd:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Jun  7 15:00:23 2025 GMT
            Not After : Jun  8 15:00:23 2025 GMT
        Subject: CN=679d8fccbc87c721e7c75f75436e8187e5740f30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0e:1d:70:d9:7b:be:ee:97:bd:bf:6f:25:25:
                    42:1c:1c:08:b7:2f:bf:44:f5:5b:d0:3b:4c:d3:5a:
                    63:7c:6a:9d:cb:c7:87:73:36:28:96:de:75:e1:dd:
                    5d:e5:f7:f4:c4:b7:10:7d:fa:6a:0b:db:4e:49:32:
                    0c:3b:5f:dd:8b:82:2b:da:78:44:b8:02:55:f8:9d:
                    34:f6:3b:ab:8a:9e:9a:56:1a:0c:d2:54:9f:dc:b3:
                    90:7c:dc:24:2f:c6:b2:f5:18:0f:4f:b5:08:04:85:
                    38:03:ac:46:26:cb:54:5c:52:b8:7b:cd:2a:c3:3f:
                    52:87:24:c8:a4:7e:ce:c6:6b:fd:98:8e:02:c1:f1:
                    1c:3f:ab:b9:47:51:38:19:fc:f2:21:4a:53:b2:c2:
                    18:53:8a:50:a7:c1:77:d6:8e:6d:04:66:83:da:b0:
                    14:f0:a6:d0:3f:d2:02:0a:f7:20:90:6d:6b:0a:1c:
                    1a:ee:64:be:c4:bc:75:4a:ac:16:ab:cc:c5:0d:6f:
                    34:27:fd:48:4f:12:6b:db:b7:aa:83:6f:61:ea:62:
                    0a:80:e6:c4:16:d4:0b:bd:00:6a:cc:b3:4c:a1:76:
                    5c:5c:51:fb:e7:58:6a:45:dc:53:c2:37:ec:d2:26:
                    ab:a7:31:39:fd:25:ac:a1:74:5f:e0:fb:48:59:96:
                    f5:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:9D:8F:CC:BC:87:C7:21:E7:C7:5F:75:43:6E:81:87:E5:74:0F:30
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:f2:df:54:bd:43:e5:72:87:c4:2e:d0:6a:29:74:f8:59:0a:
         d4:57:54:9f:63:50:5b:43:c9:1b:c7:52:2b:ce:49:2a:ce:7a:
         60:5d:58:57:8d:cd:c1:88:ab:ae:0a:a1:9f:64:21:fd:76:7f:
         3b:6d:0d:06:11:5e:cd:96:35:11:6f:ee:eb:76:01:a1:5b:bb:
         4a:a1:89:a5:0b:20:96:ee:38:eb:04:b2:47:7f:4e:55:76:58:
         31:9e:35:7a:ae:cd:74:99:b5:d5:38:0f:8a:4d:f1:93:4f:e6:
         6d:8e:ed:c6:6c:bf:b0:bc:73:89:a2:90:1f:80:4f:e1:dc:6a:
         49:7a:8d:43:83:16:5b:b8:56:c2:88:a4:5f:24:c3:85:29:98:
         15:d2:ea:f4:bb:79:a7:d8:c6:c1:49:f6:fb:55:fc:7b:8e:89:
         19:2a:84:22:b7:0c:81:ea:20:13:9a:29:a6:5d:00:ae:9a:2f:
         eb:78:1b:45:95:37:c7:f4:93:66:be:55:9a:d7:ef:a8:f2:c7:
         b0:71:8c:1d:01:c3:5f:02:47:dc:37:4b:85:08:31:b1:7a:4d:
         79:bf:56:17:7a:ca:15:d3:bd:76:2b:fd:8b:a8:f7:a2:ac:21:
         9a:d1:95:6d:4e:dc:25:37:1f:14:d0:ab:a0:01:1d:b5:f2:ac:
         be:e5:5f:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6D5QYqg1VQBHRSRTFt3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjUwNjA3MTUwMDIzWhcNMjUwNjA4MTUwMDIzWjAzMTEwLwYDVQQD
Eyg2NzlkOGZjY2JjODdjNzIxZTdjNzVmNzU0MzZlODE4N2U1NzQwZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ4dcNl7vu6Xvb9vJSVCHBwIty+/
RPVb0DtM01pjfGqdy8eHczYolt514d1d5ff0xLcQffpqC9tOSTIMO1/di4Ir2nhE
uAJV+J009jurip6aVhoM0lSf3LOQfNwkL8ay9RgPT7UIBIU4A6xGJstUXFK4e80q
wz9ShyTIpH7Oxmv9mI4CwfEcP6u5R1E4GfzyIUpTssIYU4pQp8F31o5tBGaD2rAU
8KbQP9ICCvcgkG1rChwa7mS+xLx1SqwWq8zFDW80J/1ITxJr27eqg29h6mIKgObE
FtQLvQBqzLNMoXZcXFH751hqRdxTwjfs0iarpzE5/SWsoXRf4PtIWZb1mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGedj8y8h8ch58dfdUNugYfldA8wMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPLfVL1D
5XKHxC7Qail0+FkK1FdUn2NQW0PJG8dSK85JKs56YF1YV43NwYirrgqhn2Qh/XZ/
O20NBhFezZY1EW/u63YBoVu7SqGJpQsglu446wSyR39OVXZYMZ41eq7NdJm11TgP
ik3xk0/mbY7txmy/sLxziaKQH4BP4dxqSXqNQ4MWW7hWwoikXyTDhSmYFdLq9Lt5
p9jGwUn2+1X8e46JGSqEIrcMgeogE5oppl0Arpov63gbRZU3x/STZr5VmtfvqPLH
sHGMHQHDXwJH3DdLhQgxsXpNeb9WF3rKFdO9div9i6j3oqwhmtGVbU7cJTcfFNCr
oAEdtfKsvuVf0g==
-----END CERTIFICATE-----