Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          g+8vElVNFcwZYLMcL5+Isem5iTA+a7jj4amCPpmhf90=
Subject key identifier:   13:4C:48:1B:1A:3F:4B:CA:4B:BB:35:2B:05:39:BE:DE:A6:EB:80:EF
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       0196406727EDC96D1BDEBED01A5D15DA6A6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0E1C
Signing time:             Wed 16 Apr 2025 21:00:23 +0000
Manifest this update:     Wed 16 Apr 2025 21:00:23 +0000
Manifest next update:     Thu 17 Apr 2025 21:00:23 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: y1Y9YmBN4HypuP+x7RfeR4j6JpPfDl9X7fZGY8yxFM0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 21:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:40:67:27:ed:c9:6d:1b:de:be:d0:1a:5d:15:da:6a:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Apr 16 21:00:23 2025 GMT
            Not After : Apr 17 21:00:23 2025 GMT
        Subject: CN=134c481b1a3f4bca4bbb352b0539bedea6eb80ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:08:3f:cd:73:0d:a6:db:27:6a:a1:09:14:f4:
                    72:d6:06:51:ec:80:73:fd:90:d4:69:eb:b7:e9:4c:
                    66:e5:5a:b4:4b:45:e3:f1:d1:04:ab:f4:92:0f:41:
                    10:07:c7:f3:cd:85:7d:1f:c5:a4:02:6c:bc:a0:16:
                    ec:1d:16:72:e5:02:de:bb:93:14:ac:20:cb:41:8b:
                    a8:0e:da:ba:7c:6c:88:41:2e:9f:6a:c8:b8:64:0b:
                    10:eb:e4:77:6b:80:c2:1f:37:6f:64:15:62:f2:e6:
                    fc:37:86:1b:4c:f9:23:9a:76:d0:1a:58:d4:09:4e:
                    0e:6b:09:64:fb:09:60:ab:46:d5:e5:4b:eb:cf:2f:
                    ca:d5:45:e6:5b:84:ec:06:fb:1f:88:ff:54:d5:b9:
                    9c:9b:85:25:4d:50:b5:be:0d:44:51:7f:cc:86:a9:
                    53:84:6b:a1:9a:77:35:5f:f5:2e:a0:83:26:8b:42:
                    3c:b7:84:99:f9:a4:8a:2a:fe:f8:d2:05:72:11:48:
                    17:eb:ee:e2:2d:73:66:c3:30:ad:17:e9:5a:1e:13:
                    24:79:c5:6f:14:df:24:09:1d:65:48:c4:94:f2:82:
                    ea:24:0e:10:3b:e8:32:f4:8d:3b:38:57:ed:8b:10:
                    d3:40:0c:1c:b9:38:13:c1:9f:3a:24:3e:c1:78:6f:
                    73:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:4C:48:1B:1A:3F:4B:CA:4B:BB:35:2B:05:39:BE:DE:A6:EB:80:EF
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:93:83:f5:4b:4b:fa:ba:86:ae:69:6e:3d:fd:42:fd:cb:ee:
         1e:2e:45:5d:5b:b5:57:46:28:8a:9e:d3:e3:b4:02:29:a5:fe:
         1f:3a:b0:ff:44:c3:b3:1d:bb:c4:f5:e6:1b:bb:42:be:63:5b:
         13:46:51:ab:f1:c5:c4:67:9d:90:46:c5:11:e0:80:04:ae:cc:
         aa:d1:df:6f:82:4f:7d:e5:2f:31:b1:86:cd:79:de:5a:85:3f:
         b6:68:cb:17:3b:56:66:61:3a:6e:d0:6a:74:a1:1b:06:ce:6f:
         cc:b8:5c:e1:dc:d0:3e:7e:16:55:81:8f:a0:d2:b9:69:23:c2:
         cd:aa:f5:e5:84:63:b6:94:aa:7f:0c:2c:fb:02:1a:d1:0c:58:
         ae:96:97:cd:42:30:8c:1f:39:5a:08:bb:ef:33:88:38:7f:26:
         09:2b:23:4b:e0:e5:9e:97:8a:ef:6a:b4:d8:ce:7b:2b:86:74:
         a8:b7:c2:be:24:4f:97:91:be:d2:c2:7e:03:df:27:1d:6d:4d:
         5d:a1:61:25:01:69:d0:17:66:70:b7:e8:4c:34:d1:e7:be:e2:
         2d:7c:7d:59:30:37:8a:9c:29:13:93:9a:23:12:3b:51:83:00:
         6f:a9:f5:50:10:f0:86:8f:b8:26:d6:e7:a8:54:05:6c:b4:13:
         9e:fe:d3:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZAZyftyW0b3r7QGl0V2mpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwNDE2MjEwMDIzWhcNMjUwNDE3MjEwMDIzWjAzMTEwLwYDVQQD
EygxMzRjNDgxYjFhM2Y0YmNhNGJiYjM1MmIwNTM5YmVkZWE2ZWI4MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAg/zXMNptsnaqEJFPRy1gZR7IBz
/ZDUaeu36Uxm5Vq0S0Xj8dEEq/SSD0EQB8fzzYV9H8WkAmy8oBbsHRZy5QLeu5MU
rCDLQYuoDtq6fGyIQS6fasi4ZAsQ6+R3a4DCHzdvZBVi8ub8N4YbTPkjmnbQGljU
CU4Oawlk+wlgq0bV5Uvrzy/K1UXmW4TsBvsfiP9U1bmcm4UlTVC1vg1EUX/MhqlT
hGuhmnc1X/UuoIMmi0I8t4SZ+aSKKv740gVyEUgX6+7iLXNmwzCtF+laHhMkecVv
FN8kCR1lSMSU8oLqJA4QO+gy9I07OFftixDTQAwcuTgTwZ86JD7BeG9zFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNMSBsaP0vKS7s1KwU5vt6m64DvMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhJOD9UtL
+rqGrmluPf1C/cvuHi5FXVu1V0Yoip7T47QCKaX+Hzqw/0TDsx27xPXmG7tCvmNb
E0ZRq/HFxGedkEbFEeCABK7MqtHfb4JPfeUvMbGGzXneWoU/tmjLFztWZmE6btBq
dKEbBs5vzLhc4dzQPn4WVYGPoNK5aSPCzar15YRjtpSqfwws+wIa0QxYrpaXzUIw
jB85Wgi77zOIOH8mCSsjS+DlnpeK72q02M57K4Z0qLfCviRPl5G+0sJ+A98nHW1N
XaFhJQFp0BdmcLfoTDTR577iLXx9WTA3ipwpE5OaIxI7UYMAb6n1UBDwho+4Jtbn
qFQFbLQTnv7TRA==
-----END CERTIFICATE-----