Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
File:                     EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft (raw, json)
Hash identifier:          V/5dT0hC31b2m02/Og07VH5JyIbnv7qhCbHHsr+Md8U=
Subject key identifier:   25:49:4B:1C:E4:5C:48:89:58:3A:96:A8:BB:D5:57:1B:C1:CD:1D:D9
Authority key identifier: 10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0
Certificate issuer:       /CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
Certificate serial:       01964FDACDD1D45AEE837A0DF8841A48445E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
Manifest number:          14F7
Signing time:             Sat 19 Apr 2025 21:01:01 +0000
Manifest this update:     Sat 19 Apr 2025 21:01:01 +0000
Manifest next update:     Sun 20 Apr 2025 21:01:01 +0000
Files and hashes:         1: EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl (hash: k3szR8dFSkdt6ADIvUFUAOoaVPxPohT4HC/q4oS0ZL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 21:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:da:cd:d1:d4:5a:ee:83:7a:0d:f8:84:1a:48:44:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10797eb5f9aa9abe52008ce7f21ab44afdeea0d0
        Validity
            Not Before: Apr 19 21:01:01 2025 GMT
            Not After : Apr 20 21:01:01 2025 GMT
        Subject: CN=25494b1ce45c4889583a96a8bbd5571bc1cd1dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:38:d0:83:2c:77:35:05:f1:6f:c4:db:bf:09:
                    1f:d9:f4:66:d7:0f:b6:3c:24:83:f6:8d:3a:cd:8a:
                    b3:0b:90:12:6d:95:a2:32:37:6c:9a:9d:1b:81:76:
                    c5:31:15:b5:52:67:24:0e:5b:97:ab:9f:1b:2c:32:
                    d5:9f:b5:de:b7:73:45:68:67:83:02:61:bd:51:dd:
                    6b:c1:d1:c4:47:b1:bb:9b:54:81:3d:3d:7f:f3:5d:
                    12:af:25:fe:46:95:c8:f9:63:2b:a0:ab:f1:d9:36:
                    6f:7b:c3:23:dd:2a:bd:38:2d:a9:ff:40:04:8c:33:
                    0b:ca:02:31:e0:74:0f:15:63:60:10:09:94:62:df:
                    fa:cb:0b:bc:d2:93:5b:23:22:2c:fa:e8:76:f9:00:
                    65:d4:f0:4f:e7:e2:a8:1f:f6:05:ca:5b:23:2c:f1:
                    05:0a:3c:4c:e2:a3:03:d5:54:78:93:1f:97:8b:a2:
                    c7:f6:1d:d5:e5:22:62:e4:bb:8c:2e:d0:a8:96:7b:
                    72:67:07:fb:d0:b8:8c:50:8d:a7:d5:14:4c:5f:48:
                    06:12:73:2f:0d:5e:6b:3e:d7:f0:fb:e6:37:8a:30:
                    35:7a:05:7d:62:4a:65:6d:78:36:04:9d:fd:43:77:
                    58:a0:32:99:0c:e8:af:42:5c:39:d0:0e:d6:58:4b:
                    95:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:49:4B:1C:E4:5C:48:89:58:3A:96:A8:BB:D5:57:1B:C1:CD:1D:D9
            X509v3 Authority Key Identifier:
                keyid:10:79:7E:B5:F9:AA:9A:BE:52:00:8C:E7:F2:1A:B4:4A:FD:EE:A0:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f5c8a3-e5ca-41ae-af8a-8db708347438/1/EHl-tfmqmr5SAIzn8hq0Sv3uoNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:35:12:cd:b7:8f:b6:b9:2d:73:04:1f:62:8d:b7:75:d7:b0:
         45:30:5a:8b:93:f6:15:65:aa:99:f8:55:97:51:e8:74:01:be:
         7b:d4:6e:e8:80:15:8f:d4:de:19:2d:53:f5:48:3b:d3:6b:57:
         f8:55:fd:31:b8:92:2b:3d:dd:6e:dc:87:bc:4a:d2:f5:51:7f:
         05:a5:cf:ab:2a:19:af:39:7d:00:0d:63:22:32:81:4b:0b:ea:
         3a:fe:f1:24:5e:88:28:fc:78:41:c9:3f:67:e5:93:5e:1a:63:
         fc:ab:00:48:91:31:e1:7c:11:8a:50:34:19:de:e4:1a:37:bb:
         a7:a6:75:24:5e:7d:13:16:7f:0d:91:45:4b:0e:d6:1a:7f:27:
         65:5d:5c:8c:5e:cc:ee:3a:10:c4:4a:ae:dd:ff:66:88:16:a3:
         09:3d:40:f9:ff:2d:0a:68:6c:a8:84:a9:2c:8f:a7:d9:c4:db:
         e4:38:18:ca:b3:6e:01:19:df:d0:ce:80:82:16:e1:59:52:86:
         42:20:04:2b:d0:06:da:f5:d6:e9:77:97:57:35:b4:e1:b8:73:
         2c:7e:70:b1:67:cf:52:47:eb:c2:43:ba:0f:96:7d:e5:c4:25:
         e5:59:57:66:00:c3:13:be:b2:eb:3d:3d:a2:af:2c:b7:4e:0e:
         76:38:d0:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2s3R1Frug3oN+IQaSEReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzk3ZWI1ZjlhYTlhYmU1MjAwOGNlN2YyMWFiNDRhZmRl
ZWEwZDAwHhcNMjUwNDE5MjEwMTAxWhcNMjUwNDIwMjEwMTAxWjAzMTEwLwYDVQQD
EygyNTQ5NGIxY2U0NWM0ODg5NTgzYTk2YThiYmQ1NTcxYmMxY2QxZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzjQgyx3NQXxb8Tbvwkf2fRm1w+2
PCSD9o06zYqzC5ASbZWiMjdsmp0bgXbFMRW1UmckDluXq58bLDLVn7Xet3NFaGeD
AmG9Ud1rwdHER7G7m1SBPT1/810SryX+RpXI+WMroKvx2TZve8Mj3Sq9OC2p/0AE
jDMLygIx4HQPFWNgEAmUYt/6ywu80pNbIyIs+uh2+QBl1PBP5+KoH/YFylsjLPEF
CjxM4qMD1VR4kx+Xi6LH9h3V5SJi5LuMLtColntyZwf70LiMUI2n1RRMX0gGEnMv
DV5rPtfw++Y3ijA1egV9YkplbXg2BJ39Q3dYoDKZDOivQlw50A7WWEuV9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVJSxzkXEiJWDqWqLvVVxvBzR3ZMB8GA1UdIwQY
MBaAFBB5frX5qpq+UgCM5/IatEr97qDQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEt
OGRiNzA4MzQ3NDM4LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNWM4YTMtZTVjYS00MWFlLWFmOGEtOGRiNzA4MzQ3NDM4
LzEvRUhsLXRmbXFtcjVTQUl6bjhocTBTdjN1b05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjUSzbeP
trktcwQfYo23ddewRTBai5P2FWWqmfhVl1HodAG+e9Ru6IAVj9TeGS1T9Ug702tX
+FX9MbiSKz3dbtyHvErS9VF/BaXPqyoZrzl9AA1jIjKBSwvqOv7xJF6IKPx4Qck/
Z+WTXhpj/KsASJEx4XwRilA0Gd7kGje7p6Z1JF59ExZ/DZFFSw7WGn8nZV1cjF7M
7joQxEqu3f9miBajCT1A+f8tCmhsqISpLI+n2cTb5DgYyrNuARnf0M6AghbhWVKG
QiAEK9AG2vXW6XeXVzW04bhzLH5wsWfPUkfrwkO6D5Z95cQl5VlXZgDDE76y6z09
oq8st04OdjjQWw==
-----END CERTIFICATE-----