Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
File:                     4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft (raw, json)
Hash identifier:          LyugUHuNQcPoFG4QUCQtcRYgvQ6+uFijrqjAEcuJdqQ=
Subject key identifier:   2D:7E:C6:54:D7:AF:4E:65:44:55:9F:73:A8:D5:FB:D4:D9:76:05:D3
Authority key identifier: E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C
Certificate issuer:       /CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
Certificate serial:       01964DB4EC6EC190D1FA43AD8CE598B8B160
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
Manifest number:          08FB
Signing time:             Sat 19 Apr 2025 11:00:24 +0000
Manifest this update:     Sat 19 Apr 2025 11:00:24 +0000
Manifest next update:     Sun 20 Apr 2025 11:00:24 +0000
Files and hashes:         1: 4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl (hash: XRspdEuznq6e3kPknKF2rN9fbvSvmlvQIx2OX2N/eIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:b4:ec:6e:c1:90:d1:fa:43:ad:8c:e5:98:b8:b1:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
        Validity
            Not Before: Apr 19 11:00:24 2025 GMT
            Not After : Apr 20 11:00:24 2025 GMT
        Subject: CN=2d7ec654d7af4e6544559f73a8d5fbd4d97605d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b6:02:47:21:81:30:1d:17:8e:35:98:ad:ea:
                    c1:50:18:8c:7a:8b:c8:e3:b6:c6:79:d2:53:01:35:
                    1c:28:ed:70:4a:98:4a:19:4d:a6:b1:ea:84:ef:00:
                    25:e9:f5:c7:4c:b4:7b:2f:f7:6b:e1:1f:82:3c:82:
                    e4:c4:33:4b:c2:b1:7c:ef:04:61:83:3c:71:14:b3:
                    bd:15:cf:54:5e:61:9e:26:5e:a6:03:3e:fb:2d:3e:
                    60:25:93:6f:b6:e7:25:0d:7a:ed:77:5b:b2:af:1e:
                    41:86:88:6d:05:d0:ce:b8:23:18:5f:72:be:ed:9c:
                    10:8d:02:f0:de:c4:fb:f3:76:bc:44:1b:e5:00:32:
                    af:dd:6e:0c:67:de:0e:c7:55:bf:e4:8d:a8:62:50:
                    32:8e:25:b9:02:77:6e:c2:6e:cd:15:d5:2c:4d:84:
                    b5:d5:a0:b4:c6:d8:d0:5c:72:c8:f4:37:36:0e:66:
                    ef:14:4c:52:90:66:d1:dc:70:a7:31:d2:fa:4a:f7:
                    94:6b:91:24:99:a5:d3:8e:04:ee:f1:b1:d2:f5:e5:
                    6b:1d:97:d8:5a:3b:a2:fb:a5:9b:da:7c:2b:87:b6:
                    61:79:7f:74:87:0d:4e:99:b9:42:64:7a:48:c3:cb:
                    c9:2b:21:13:02:bc:ff:f2:f7:d1:47:98:33:35:1c:
                    5a:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:7E:C6:54:D7:AF:4E:65:44:55:9F:73:A8:D5:FB:D4:D9:76:05:D3
            X509v3 Authority Key Identifier:
                keyid:E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:49:81:2c:94:6f:43:d4:0d:b1:39:93:f4:32:f0:66:df:55:
         dd:31:2c:57:a5:40:6b:d4:f3:ee:08:82:e5:f8:fa:3b:73:8d:
         4a:de:52:e6:c0:52:ec:7f:a0:12:1c:f7:67:82:08:44:79:6f:
         df:ac:8f:47:3c:c3:68:2f:2b:38:23:19:97:ec:8a:53:78:96:
         b4:c9:fd:e1:f1:7d:ab:81:c5:c6:f2:10:89:97:92:8f:a8:55:
         bf:2c:01:8e:fe:8f:ec:3a:7a:36:93:b3:c5:ad:df:3d:b2:e8:
         8e:97:53:59:5b:73:c1:db:60:e8:9c:2b:4e:c0:bf:08:f6:ce:
         ec:a5:b0:a5:c3:d4:4c:d5:fc:9c:c5:f3:c8:78:e2:de:00:1a:
         9b:38:eb:79:57:e0:ef:71:4d:2d:2c:11:dd:74:e2:ce:04:74:
         76:49:08:6b:33:87:f1:b6:fe:a9:38:f0:af:b4:46:77:91:f8:
         a3:d0:17:c1:98:35:f4:9a:fe:f8:8c:82:ed:0d:c3:39:13:2e:
         cb:3b:6d:ab:45:a1:43:57:b3:c4:52:26:72:f9:bf:1b:16:99:
         33:8f:ff:6d:fc:12:44:bb:a1:e4:da:23:bf:72:e6:ae:f5:52:
         16:ee:fc:8a:9b:a2:ba:4c:53:d5:6d:c3:fa:88:51:d8:b4:95:
         d7:33:2c:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNtOxuwZDR+kOtjOWYuLFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMGE2ZjJlNjMzZmNmM2FkZWY4NzI1Y2M1YmUwZWE3OTE1
ZGQ0MGMwHhcNMjUwNDE5MTEwMDI0WhcNMjUwNDIwMTEwMDI0WjAzMTEwLwYDVQQD
EygyZDdlYzY1NGQ3YWY0ZTY1NDQ1NTlmNzNhOGQ1ZmJkNGQ5NzYwNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7YCRyGBMB0XjjWYrerBUBiMeovI
47bGedJTATUcKO1wSphKGU2mseqE7wAl6fXHTLR7L/dr4R+CPILkxDNLwrF87wRh
gzxxFLO9Fc9UXmGeJl6mAz77LT5gJZNvtuclDXrtd1uyrx5BhohtBdDOuCMYX3K+
7ZwQjQLw3sT783a8RBvlADKv3W4MZ94Ox1W/5I2oYlAyjiW5Anduwm7NFdUsTYS1
1aC0xtjQXHLI9Dc2DmbvFExSkGbR3HCnMdL6SveUa5EkmaXTjgTu8bHS9eVrHZfY
Wjui+6Wb2nwrh7ZheX90hw1OmblCZHpIw8vJKyETArz/8vfRR5gzNRxaXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1+xlTXr05lRFWfc6jV+9TZdgXTMB8GA1UdIwQY
MBaAFOAKby5jP8863vhyXMW+DqeRXdQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUt
ZDA5NmYxZTI1ZTk3LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUtZDA5NmYxZTI1ZTk3
LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI0mBLJRv
Q9QNsTmT9DLwZt9V3TEsV6VAa9Tz7giC5fj6O3ONSt5S5sBS7H+gEhz3Z4IIRHlv
36yPRzzDaC8rOCMZl+yKU3iWtMn94fF9q4HFxvIQiZeSj6hVvywBjv6P7Dp6NpOz
xa3fPbLojpdTWVtzwdtg6JwrTsC/CPbO7KWwpcPUTNX8nMXzyHji3gAamzjreVfg
73FNLSwR3XTizgR0dkkIazOH8bb+qTjwr7RGd5H4o9AXwZg19Jr++IyC7Q3DORMu
yzttq0WhQ1ezxFImcvm/GxaZM4//bfwSRLuh5Nojv3LmrvVSFu78ipuiukxT1W3D
+ohR2LSV1zMs9Q==
-----END CERTIFICATE-----