Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b66a81-3e89-4392-9644-6c561ab82ae3/1/4H6guRTmNDEcyfDvoUSPy3l9OJw.mft
File:                     4H6guRTmNDEcyfDvoUSPy3l9OJw.mft (raw, json)
Hash identifier:          jWMRb0GOovXpiQMOdQEg8VAHJElTyMpaKFxVe5bn33k=
Subject key identifier:   E8:AB:B9:10:52:5D:9D:12:F2:67:DB:72:F3:1C:C2:8B:16:1C:1A:E3
Authority key identifier: E0:7E:A0:B9:14:E6:34:31:1C:C9:F0:EF:A1:44:8F:CB:79:7D:38:9C
Certificate issuer:       /CN=e07ea0b914e634311cc9f0efa1448fcb797d389c
Certificate serial:       019655378C32ACA8AD6FB50F34AEA9EAD0AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4H6guRTmNDEcyfDvoUSPy3l9OJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/b66a81-3e89-4392-9644-6c561ab82ae3/1/4H6guRTmNDEcyfDvoUSPy3l9OJw.mft
Manifest number:          0BCB
Signing time:             Sun 20 Apr 2025 22:00:25 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:25 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:25 +0000
Files and hashes:         1: 4H6guRTmNDEcyfDvoUSPy3l9OJw.crl (hash: JajsQyz6MNx3dsBMQQarqO1Ow9PnyQCqIeFXm1Bt/Pg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/b66a81-3e89-4392-9644-6c561ab82ae3/1/4H6guRTmNDEcyfDvoUSPy3l9OJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/b66a81-3e89-4392-9644-6c561ab82ae3/1/4H6guRTmNDEcyfDvoUSPy3l9OJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4H6guRTmNDEcyfDvoUSPy3l9OJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:8c:32:ac:a8:ad:6f:b5:0f:34:ae:a9:ea:d0:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e07ea0b914e634311cc9f0efa1448fcb797d389c
        Validity
            Not Before: Apr 20 22:00:25 2025 GMT
            Not After : Apr 21 22:00:25 2025 GMT
        Subject: CN=e8abb910525d9d12f267db72f31cc28b161c1ae3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a1:3b:0b:f8:45:4e:e9:79:04:1e:dc:0c:ac:
                    4e:99:40:0c:bd:22:f1:87:6c:05:73:01:21:bc:10:
                    61:2a:16:db:54:cd:79:3c:85:ed:a8:f2:c7:48:c8:
                    dc:07:8b:af:ec:d3:97:81:29:56:d9:43:7c:1c:e1:
                    af:b0:63:cb:ff:6c:9b:45:e1:3a:55:a7:6a:54:17:
                    00:4a:a5:8c:f4:c1:50:2a:18:36:67:7c:37:e8:e6:
                    6e:cc:1c:78:87:82:82:94:37:99:cb:9c:55:3f:ec:
                    fc:4c:25:ba:e1:96:ec:55:4f:ae:8d:8b:55:61:86:
                    c7:c7:e8:2a:9d:13:ae:c5:0d:5b:93:4a:3a:d4:81:
                    3d:45:0b:dc:3a:0e:41:9a:79:16:8b:d9:b0:b6:f8:
                    e6:9d:18:56:61:df:43:26:95:25:66:db:fc:c2:bb:
                    1c:65:8b:dd:a1:d3:12:15:dc:8f:3a:55:a1:ae:10:
                    e0:85:2e:f8:25:ff:10:41:c4:56:75:e6:8d:20:54:
                    89:0e:e0:fd:fb:26:ed:a1:29:8a:a2:c1:73:cd:f9:
                    f4:74:b6:cc:3c:8b:50:88:aa:8b:83:5b:08:bf:dd:
                    89:c0:01:78:e7:e0:bf:97:35:ea:19:b2:25:1d:5b:
                    f1:9a:5d:ef:10:33:89:ad:72:78:49:1b:a2:d4:6a:
                    64:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:AB:B9:10:52:5D:9D:12:F2:67:DB:72:F3:1C:C2:8B:16:1C:1A:E3
            X509v3 Authority Key Identifier:
                keyid:E0:7E:A0:B9:14:E6:34:31:1C:C9:F0:EF:A1:44:8F:CB:79:7D:38:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4H6guRTmNDEcyfDvoUSPy3l9OJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b66a81-3e89-4392-9644-6c561ab82ae3/1/4H6guRTmNDEcyfDvoUSPy3l9OJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b66a81-3e89-4392-9644-6c561ab82ae3/1/4H6guRTmNDEcyfDvoUSPy3l9OJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:ea:98:b2:73:fc:a9:ef:9e:c2:f3:0c:fa:8a:81:da:3d:dc:
         31:d4:3f:d2:84:fb:58:ad:ab:38:c4:7e:72:58:6b:ed:7b:bc:
         fb:2b:98:39:ba:c0:77:9d:31:fc:d7:3d:c6:a5:30:16:c4:59:
         3c:bf:a4:b7:c7:af:73:cd:d4:ff:ed:9d:29:76:4a:bc:6a:b4:
         a2:48:6f:b0:97:0c:64:20:8a:2f:0e:a6:e6:94:e0:f3:21:45:
         bc:d1:32:84:a4:f8:c3:8d:ac:65:0d:5d:cd:de:4d:24:d6:e3:
         2d:3b:d8:ac:98:d6:40:26:c3:d9:08:d2:cb:09:b7:50:f7:2d:
         66:d6:32:1d:28:5d:fe:a7:71:78:a4:15:0a:6c:f9:bf:cf:e5:
         a7:64:05:11:5a:14:16:38:4f:45:22:74:68:70:9d:13:9e:16:
         ab:c7:2b:1f:13:e3:28:83:aa:b5:59:9c:a8:b2:b1:ff:3a:ff:
         29:6c:da:dc:d0:4e:6f:0a:f4:2c:d2:31:29:b6:38:14:12:6f:
         db:d3:76:b4:8d:5d:f6:d6:61:47:9c:35:ee:6b:5c:d5:bc:70:
         61:d9:84:35:35:fb:6d:ad:5e:cd:7e:fa:da:87:cc:0d:c7:c6:
         7f:45:71:10:64:db:c6:fd:6d:e5:03:d7:c9:6e:ea:33:e3:f9:
         97:28:c2:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN4wyrKitb7UPNK6p6tCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwN2VhMGI5MTRlNjM0MzExY2M5ZjBlZmExNDQ4ZmNiNzk3
ZDM4OWMwHhcNMjUwNDIwMjIwMDI1WhcNMjUwNDIxMjIwMDI1WjAzMTEwLwYDVQQD
EyhlOGFiYjkxMDUyNWQ5ZDEyZjI2N2RiNzJmMzFjYzI4YjE2MWMxYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaE7C/hFTul5BB7cDKxOmUAMvSLx
h2wFcwEhvBBhKhbbVM15PIXtqPLHSMjcB4uv7NOXgSlW2UN8HOGvsGPL/2ybReE6
VadqVBcASqWM9MFQKhg2Z3w36OZuzBx4h4KClDeZy5xVP+z8TCW64ZbsVU+ujYtV
YYbHx+gqnROuxQ1bk0o61IE9RQvcOg5BmnkWi9mwtvjmnRhWYd9DJpUlZtv8wrsc
ZYvdodMSFdyPOlWhrhDghS74Jf8QQcRWdeaNIFSJDuD9+ybtoSmKosFzzfn0dLbM
PItQiKqLg1sIv92JwAF45+C/lzXqGbIlHVvxml3vEDOJrXJ4SRui1GpkSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiruRBSXZ0S8mfbcvMcwosWHBrjMB8GA1UdIwQY
MBaAFOB+oLkU5jQxHMnw76FEj8t5fTicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEg2Z3VSVG1OREVjeWZEdm9VU1B5M2w5T0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iNjZhODEtM2U4OS00MzkyLTk2NDQt
NmM1NjFhYjgyYWUzLzEvNEg2Z3VSVG1OREVjeWZEdm9VU1B5M2w5T0p3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iNjZhODEtM2U4OS00MzkyLTk2NDQtNmM1NjFhYjgyYWUz
LzEvNEg2Z3VSVG1OREVjeWZEdm9VU1B5M2w5T0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIeqYsnP8
qe+ewvMM+oqB2j3cMdQ/0oT7WK2rOMR+clhr7Xu8+yuYObrAd50x/Nc9xqUwFsRZ
PL+kt8evc83U/+2dKXZKvGq0okhvsJcMZCCKLw6m5pTg8yFFvNEyhKT4w42sZQ1d
zd5NJNbjLTvYrJjWQCbD2QjSywm3UPctZtYyHShd/qdxeKQVCmz5v8/lp2QFEVoU
FjhPRSJ0aHCdE54Wq8crHxPjKIOqtVmcqLKx/zr/KWza3NBObwr0LNIxKbY4FBJv
29N2tI1d9tZhR5w17mtc1bxwYdmENTX7ba1ezX762ofMDcfGf0VxEGTbxv1t5QPX
yW7qM+P5lyjCNg==
-----END CERTIFICATE-----