Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
File:                     4N8zRFExdiUqLLaQvPcF1kmBEfU.mft (raw, json)
Hash identifier:          QWCnwBO+5vjvHfNJhhr2LQydC+qiR4PJuXStTZ/Y700=
Subject key identifier:   C3:55:84:34:F1:D4:BC:24:B1:A1:A9:C8:08:52:95:CA:B1:B1:F8:49
Authority key identifier: E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5
Certificate issuer:       /CN=e0df3344513176252a2cb690bcf705d6498111f5
Certificate serial:       019652A4BB12D567C72C7050414B6F2414B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
Manifest number:          0817
Signing time:             Sun 20 Apr 2025 10:00:49 +0000
Manifest this update:     Sun 20 Apr 2025 10:00:49 +0000
Manifest next update:     Mon 21 Apr 2025 10:00:49 +0000
Files and hashes:         1: 4N8zRFExdiUqLLaQvPcF1kmBEfU.crl (hash: DZwF+YLbBMVrI1D75fYSNfTDhTUOnIi/DXzJabd9e1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:bb:12:d5:67:c7:2c:70:50:41:4b:6f:24:14:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0df3344513176252a2cb690bcf705d6498111f5
        Validity
            Not Before: Apr 20 10:00:49 2025 GMT
            Not After : Apr 21 10:00:49 2025 GMT
        Subject: CN=c3558434f1d4bc24b1a1a9c8085295cab1b1f849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:db:1a:f5:1c:4e:c9:dd:52:11:42:d4:80:de:
                    bd:d1:54:fc:90:d7:f3:5e:33:dd:f8:27:c6:9b:68:
                    b7:3b:a1:26:76:74:3c:51:96:f7:e0:58:02:15:e1:
                    e4:44:1c:15:c5:3a:4f:e2:7e:46:e6:47:3e:8f:b9:
                    0c:b7:e8:74:e8:77:5d:1c:3b:98:16:2d:23:37:90:
                    fa:54:fc:f2:79:8b:c6:b6:8b:6a:07:89:49:10:bd:
                    57:03:c8:28:f5:16:c9:25:da:88:9c:d7:21:3e:e4:
                    27:e4:e1:9a:ec:67:ed:e5:41:5e:64:81:91:55:4a:
                    05:c4:28:ea:eb:3e:ed:bb:7a:7d:9c:c6:03:ed:4f:
                    59:6b:07:6f:eb:25:3b:c2:79:2b:e2:9b:04:e8:a3:
                    d5:4d:b9:dd:e3:60:d1:bf:db:06:37:c4:27:c3:47:
                    c6:2e:12:b0:9a:fa:d4:e9:a8:48:33:fd:d1:ce:70:
                    ef:49:52:1a:41:8d:b5:49:2b:30:cf:18:6b:aa:16:
                    bd:3f:7b:b7:8f:8b:d3:46:f3:3f:b9:81:fd:2e:a8:
                    7e:69:e0:67:d9:98:c1:5f:49:a0:8a:a5:67:8b:5a:
                    ac:34:33:b9:36:7a:88:21:e6:cd:1e:1a:6e:17:05:
                    8b:b1:83:6a:ce:b5:b7:d3:e6:fb:d9:30:ef:42:16:
                    0c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:55:84:34:F1:D4:BC:24:B1:A1:A9:C8:08:52:95:CA:B1:B1:F8:49
            X509v3 Authority Key Identifier:
                keyid:E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:40:15:6c:78:95:ff:43:23:90:f5:57:4e:c5:1a:aa:3a:bf:
         cb:f1:a7:e1:c4:eb:bd:7c:f4:3e:74:a7:d7:a0:c3:7d:df:05:
         01:00:d9:1f:17:67:01:20:ba:6b:f9:1d:17:5f:93:78:b9:1d:
         a9:93:54:97:e3:0e:9d:ed:77:1b:9e:b8:d0:22:f8:91:21:d6:
         4c:bf:64:33:55:85:91:2c:eb:77:f9:62:b9:c1:42:99:e4:56:
         e6:ec:23:1f:32:e6:64:8f:80:ed:36:c4:b6:21:ba:a4:e0:81:
         ea:79:06:52:fb:f9:2a:a0:80:d3:94:1c:c8:a5:37:b1:18:1d:
         39:a4:f0:f3:95:2f:46:12:3e:ef:68:12:d7:6b:6a:d1:99:cb:
         3d:69:c8:53:42:27:1e:59:5a:82:71:f5:09:7f:92:2f:d2:15:
         10:14:1e:58:1d:b4:06:2b:7f:54:6a:e2:5c:74:0d:b3:30:5d:
         80:f1:84:c2:54:85:84:87:18:71:8a:1a:46:0f:8d:2c:92:50:
         f1:c8:e3:87:fd:27:75:8f:62:a2:47:44:5e:46:b8:36:de:35:
         23:66:7e:be:27:e4:f5:09:c7:f7:07:0a:8a:d7:8c:6a:c7:b0:
         b5:02:10:73:45:62:27:14:7f:63:ae:e1:47:39:97:35:1e:50:
         f0:2e:80:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpLsS1WfHLHBQQUtvJBSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGYzMzQ0NTEzMTc2MjUyYTJjYjY5MGJjZjcwNWQ2NDk4
MTExZjUwHhcNMjUwNDIwMTAwMDQ5WhcNMjUwNDIxMTAwMDQ5WjAzMTEwLwYDVQQD
EyhjMzU1ODQzNGYxZDRiYzI0YjFhMWE5YzgwODUyOTVjYWIxYjFmODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitsa9RxOyd1SEULUgN690VT8kNfz
XjPd+CfGm2i3O6EmdnQ8UZb34FgCFeHkRBwVxTpP4n5G5kc+j7kMt+h06HddHDuY
Fi0jN5D6VPzyeYvGtotqB4lJEL1XA8go9RbJJdqInNchPuQn5OGa7Gft5UFeZIGR
VUoFxCjq6z7tu3p9nMYD7U9Zawdv6yU7wnkr4psE6KPVTbnd42DRv9sGN8Qnw0fG
LhKwmvrU6ahIM/3RznDvSVIaQY21SSswzxhrqha9P3u3j4vTRvM/uYH9Lqh+aeBn
2ZjBX0mgiqVni1qsNDO5NnqIIebNHhpuFwWLsYNqzrW30+b72TDvQhYMjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNVhDTx1LwksaGpyAhSlcqxsfhJMB8GA1UdIwQY
MBaAFODfM0RRMXYlKiy2kLz3BdZJgRH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4Njgt
MjVlMjFjOWU3ZGU5LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4NjgtMjVlMjFjOWU3ZGU5
LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE0AVbHiV
/0MjkPVXTsUaqjq/y/Gn4cTrvXz0PnSn16DDfd8FAQDZHxdnASC6a/kdF1+TeLkd
qZNUl+MOne13G5640CL4kSHWTL9kM1WFkSzrd/liucFCmeRW5uwjHzLmZI+A7TbE
tiG6pOCB6nkGUvv5KqCA05QcyKU3sRgdOaTw85UvRhI+72gS12tq0ZnLPWnIU0In
HllagnH1CX+SL9IVEBQeWB20Bit/VGriXHQNszBdgPGEwlSFhIcYcYoaRg+NLJJQ
8cjjh/0ndY9iokdEXka4Nt41I2Z+vifk9QnH9wcKiteMasewtQIQc0ViJxR/Y67h
RzmXNR5Q8C6ATg==
-----END CERTIFICATE-----