Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          /GUigM7Y5zU7/97+A7vOj+pgbjvjNdPcwbQT8EF23Y0=
Subject key identifier:   14:9D:27:B5:0F:53:57:D0:8C:8C:EB:91:AE:48:80:2C:21:7B:61:E9
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019750B3D86E3059AB08912385112F394636
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0EA9
Signing time:             Sun 08 Jun 2025 18:00:52 +0000
Manifest this update:     Sun 08 Jun 2025 18:00:52 +0000
Manifest next update:     Mon 09 Jun 2025 18:00:52 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: PexJXGlkqsVPxxnSaQau4h8F6Y+N7ZvmKIZCdgRutn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b3:d8:6e:30:59:ab:08:91:23:85:11:2f:39:46:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Jun  8 18:00:52 2025 GMT
            Not After : Jun  9 18:00:52 2025 GMT
        Subject: CN=149d27b50f5357d08c8ceb91ae48802c217b61e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:d5:0a:15:6d:92:d1:52:38:4e:79:0d:15:35:
                    11:1c:92:de:4f:ff:01:64:fd:fc:e7:48:ab:c0:d1:
                    b8:2e:85:0e:b5:6c:0f:7b:48:78:2d:d7:24:6b:86:
                    d7:b0:85:d8:b4:f3:96:0a:e5:36:13:1e:e1:03:a7:
                    3b:43:23:9c:8b:94:25:93:b5:fe:e9:5c:dd:5d:06:
                    a3:4f:b6:7c:7d:59:07:1f:87:90:f5:e7:73:56:81:
                    42:c0:a8:1b:59:52:67:1c:1f:b6:1c:a6:f6:73:36:
                    38:0d:be:4c:a0:b4:b7:7e:be:ef:00:6a:98:2c:77:
                    35:52:2b:b0:f3:9a:4d:96:48:a2:e4:e1:a1:42:2c:
                    0d:d0:dc:f2:e1:f3:91:83:0d:62:cc:21:9f:92:9a:
                    93:03:bf:cf:be:15:fe:fe:5f:1e:99:b8:83:1c:b5:
                    11:6c:55:de:bd:7a:0c:93:9b:12:c5:9b:8b:cc:ef:
                    c7:37:b8:30:de:3a:74:52:a6:42:d0:1c:62:84:91:
                    ed:47:98:a4:c8:7b:3f:8d:90:d4:02:69:87:2a:27:
                    a4:af:75:7f:4d:4d:b9:18:81:ae:29:0a:80:19:f8:
                    b7:70:a0:05:a0:7e:2f:8b:45:6f:75:d8:df:8d:37:
                    76:16:41:0b:25:af:a1:a0:f6:9b:19:a8:4c:90:5f:
                    be:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:9D:27:B5:0F:53:57:D0:8C:8C:EB:91:AE:48:80:2C:21:7B:61:E9
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:87:6a:c3:85:8c:36:db:01:a2:5b:11:8f:9d:03:4f:34:f3:
         88:8a:25:5f:f4:4e:2e:97:c2:41:a1:5b:bd:a7:76:ee:2c:79:
         5c:4f:98:c5:65:a3:56:1d:30:ba:9e:0f:7a:20:9f:ea:ab:42:
         3a:6d:bf:a8:04:fe:2c:6a:87:09:a8:e3:d6:3c:f3:73:a5:9f:
         a5:7e:8b:3d:19:8f:6f:ac:5f:a9:f5:3d:d8:e3:0f:c6:44:3c:
         ee:f3:51:d9:20:28:9d:fd:7a:fa:f8:ee:ad:c8:0b:83:d1:20:
         60:1d:6a:3f:42:c8:37:fb:4f:de:be:51:ab:8f:ae:ea:25:5d:
         d9:a7:8f:56:fd:2a:8f:f0:05:2d:2a:30:c2:ff:23:ee:dc:d4:
         f5:f5:07:eb:d7:0b:a3:72:1c:8c:23:51:da:bd:85:92:c6:68:
         fa:f5:e8:77:f6:8c:db:46:62:6c:75:0f:ec:08:b7:e3:0a:1b:
         12:89:c0:05:6b:5e:87:2f:b8:38:41:f2:55:26:47:b8:b2:e8:
         a2:93:94:86:29:72:ff:50:a5:6f:dd:8a:a0:14:6f:5c:b4:82:
         54:e1:8c:d0:3a:9e:8a:1c:c6:10:fc:23:b8:b8:2d:2f:30:0b:
         e8:9d:02:75:5b:e1:29:07:19:49:ec:03:6b:c3:00:8b:d5:23:
         92:8c:f8:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQs9huMFmrCJEjhREvOUY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwNjA4MTgwMDUyWhcNMjUwNjA5MTgwMDUyWjAzMTEwLwYDVQQD
EygxNDlkMjdiNTBmNTM1N2QwOGM4Y2ViOTFhZTQ4ODAyYzIxN2I2MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NUKFW2S0VI4TnkNFTURHJLeT/8B
ZP3850irwNG4LoUOtWwPe0h4Ldcka4bXsIXYtPOWCuU2Ex7hA6c7QyOci5Qlk7X+
6VzdXQajT7Z8fVkHH4eQ9edzVoFCwKgbWVJnHB+2HKb2czY4Db5MoLS3fr7vAGqY
LHc1Uiuw85pNlkii5OGhQiwN0Nzy4fORgw1izCGfkpqTA7/PvhX+/l8embiDHLUR
bFXevXoMk5sSxZuLzO/HN7gw3jp0UqZC0BxihJHtR5ikyHs/jZDUAmmHKiekr3V/
TU25GIGuKQqAGfi3cKAFoH4vi0VvddjfjTd2FkELJa+hoPabGahMkF++UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSdJ7UPU1fQjIzrka5IgCwhe2HpMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhYdqw4WM
NtsBolsRj50DTzTziIolX/ROLpfCQaFbvad27ix5XE+YxWWjVh0wup4PeiCf6qtC
Om2/qAT+LGqHCajj1jzzc6WfpX6LPRmPb6xfqfU92OMPxkQ87vNR2SAonf16+vju
rcgLg9EgYB1qP0LIN/tP3r5Rq4+u6iVd2aePVv0qj/AFLSowwv8j7tzU9fUH69cL
o3IcjCNR2r2FksZo+vXod/aM20ZibHUP7Ai34wobEonABWtehy+4OEHyVSZHuLLo
opOUhily/1Clb92KoBRvXLSCVOGM0DqeihzGEPwjuLgtLzAL6J0CdVvhKQcZSewD
a8MAi9Ujkoz4iw==
-----END CERTIFICATE-----