Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          JNONRTbeUw2m8j9hf+XZWehC5669D2V7sL0qnr1wgVI=
Subject key identifier:   2E:D0:7C:A7:9E:3E:38:08:E2:36:DE:7D:53:59:48:C2:0B:71:BA:5C
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       01951134BF5A1CB8C205E34ECD71D05C4CB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0D7F
Signing time:             Mon 17 Feb 2025 00:00:24 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:24 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:24 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: yxA3Q+Vs6yktVt9lTS/GBFsTIkGFTwx/IvKYRGSVIVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:bf:5a:1c:b8:c2:05:e3:4e:cd:71:d0:5c:4c:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Feb 17 00:00:24 2025 GMT
            Not After : Feb 18 00:00:24 2025 GMT
        Subject: CN=2ed07ca79e3e3808e236de7d535948c20b71ba5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:1b:7b:68:2b:9c:25:e3:7c:da:8c:b5:78:39:
                    84:ed:38:e9:6a:af:d5:4f:fa:4c:31:aa:53:c7:cc:
                    b6:34:9c:60:8a:1a:52:1f:a9:1b:4d:09:10:d1:f3:
                    14:1b:d4:65:85:be:4c:d1:cd:05:bf:a0:b8:ed:f7:
                    8c:eb:75:21:80:88:93:25:37:2f:a6:9d:9d:7c:db:
                    44:56:1c:ea:51:a3:80:2b:04:17:d1:11:15:8d:d8:
                    73:81:be:43:51:fe:0b:ad:a9:d7:20:71:16:3d:0b:
                    72:2e:60:da:2b:29:91:7d:dd:b0:c2:41:1c:5c:a5:
                    11:7c:21:4f:49:6d:41:64:d7:dd:74:a0:a6:ae:40:
                    af:8a:27:cb:be:06:ab:fa:d1:a1:8f:20:9e:97:a5:
                    b4:7c:da:1f:96:24:97:c5:d0:93:ae:aa:fa:20:63:
                    77:ad:9d:7c:9e:6b:1b:b9:59:40:98:0c:70:d8:ad:
                    23:01:08:12:33:05:b1:e6:93:72:97:98:0f:56:c2:
                    62:11:6c:0c:7f:95:38:29:9b:49:d5:5c:16:de:77:
                    3c:09:42:2b:7e:a5:95:cf:45:f9:e1:9d:b9:56:26:
                    11:ad:41:dd:28:41:3e:f7:59:ff:67:6c:f4:d0:99:
                    b8:96:9f:be:f6:5d:fc:e0:7e:9c:ab:cd:70:87:b1:
                    3b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:D0:7C:A7:9E:3E:38:08:E2:36:DE:7D:53:59:48:C2:0B:71:BA:5C
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:90:85:26:6e:cb:89:28:c6:3a:ef:c3:11:6a:c7:e7:7f:7c:
         ee:d2:60:6c:62:3b:bd:e4:fa:11:cb:88:b0:24:1a:67:f5:7d:
         11:19:e8:8f:f7:50:b5:21:a0:fa:44:ef:a5:51:d6:fe:13:74:
         fe:9d:53:f8:6c:88:34:74:57:ef:ba:ba:54:76:5c:29:26:a3:
         e9:db:08:48:dd:e7:7c:6e:37:7c:58:cc:b9:68:fe:d7:e8:fb:
         96:37:34:1f:9c:28:8d:d9:58:85:70:dd:38:7d:1d:f6:29:55:
         23:6e:80:51:2c:70:75:bf:3d:fe:0b:ba:2b:f8:6e:7e:6f:01:
         c5:eb:14:82:24:ca:32:4e:65:8c:4a:49:40:90:6b:1e:80:e5:
         db:97:d8:96:08:20:ec:c8:25:08:dd:47:57:7d:4f:cd:81:6e:
         bf:e4:14:a3:c5:78:cd:b1:0e:5f:4b:d4:f6:3b:41:aa:38:f3:
         0c:18:d7:14:7e:db:a9:82:0b:52:78:71:3a:f3:c4:94:95:93:
         17:79:8b:1d:9b:56:ff:dc:5e:8d:23:ff:cd:db:54:79:46:a0:
         02:3c:bf:36:b1:96:14:15:f3:5a:a2:22:46:c0:37:00:1b:6a:
         b1:df:a2:6c:dc:c3:d9:cb:b4:ad:25:23:71:f3:cc:96:86:6a:
         e8:ed:9b:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNL9aHLjCBeNOzXHQXEyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwMjE3MDAwMDI0WhcNMjUwMjE4MDAwMDI0WjAzMTEwLwYDVQQD
EygyZWQwN2NhNzllM2UzODA4ZTIzNmRlN2Q1MzU5NDhjMjBiNzFiYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRt7aCucJeN82oy1eDmE7Tjpaq/V
T/pMMapTx8y2NJxgihpSH6kbTQkQ0fMUG9Rlhb5M0c0Fv6C47feM63UhgIiTJTcv
pp2dfNtEVhzqUaOAKwQX0REVjdhzgb5DUf4LranXIHEWPQtyLmDaKymRfd2wwkEc
XKURfCFPSW1BZNfddKCmrkCviifLvgar+tGhjyCel6W0fNofliSXxdCTrqr6IGN3
rZ18nmsbuVlAmAxw2K0jAQgSMwWx5pNyl5gPVsJiEWwMf5U4KZtJ1VwW3nc8CUIr
fqWVz0X54Z25ViYRrUHdKEE+91n/Z2z00Jm4lp++9l384H6cq81wh7E7MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7QfKeePjgI4jbefVNZSMILcbpcMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARZCFJm7L
iSjGOu/DEWrH53987tJgbGI7veT6EcuIsCQaZ/V9ERnoj/dQtSGg+kTvpVHW/hN0
/p1T+GyINHRX77q6VHZcKSaj6dsISN3nfG43fFjMuWj+1+j7ljc0H5wojdlYhXDd
OH0d9ilVI26AUSxwdb89/gu6K/hufm8BxesUgiTKMk5ljEpJQJBrHoDl25fYlggg
7MglCN1HV31PzYFuv+QUo8V4zbEOX0vU9jtBqjjzDBjXFH7bqYILUnhxOvPElJWT
F3mLHZtW/9xejSP/zdtUeUagAjy/NrGWFBXzWqIiRsA3ABtqsd+ibNzD2cu0rSUj
cfPMloZq6O2b0w==
-----END CERTIFICATE-----