Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          jO9YV8UnqxKTVcAvRXP6JUnuHAs5JfDCcXYJIBJ1B1k=
Subject key identifier:   D4:0B:4C:2E:12:76:21:2C:5F:6A:A0:D8:5C:EC:E4:EA:D1:D1:BD:1B
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       01964A7CCE8769649ACA04D11106A0795859
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          14F7
Signing time:             Fri 18 Apr 2025 20:00:15 +0000
Manifest this update:     Fri 18 Apr 2025 20:00:15 +0000
Manifest next update:     Sat 19 Apr 2025 20:00:15 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: sYUq8vev99Y4TDGatkOOv7QY9VVzhEa9mwmoXUPUfUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:7c:ce:87:69:64:9a:ca:04:d1:11:06:a0:79:58:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Apr 18 20:00:15 2025 GMT
            Not After : Apr 19 20:00:15 2025 GMT
        Subject: CN=d40b4c2e1276212c5f6aa0d85cece4ead1d1bd1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9a:b9:5a:48:15:cb:a2:22:3b:68:1c:56:b0:
                    11:8f:d3:c0:7d:96:3e:5d:4a:4c:e6:d0:7e:ee:26:
                    40:65:74:37:8a:b1:93:41:b8:aa:28:1b:77:95:23:
                    61:94:3e:fc:c7:76:8a:39:e6:ad:a6:d5:28:71:94:
                    69:3e:1d:4c:71:52:a1:5d:10:7c:00:cf:2a:ca:f4:
                    73:fb:f1:45:46:b6:a7:c0:2e:5b:89:59:c7:7d:8a:
                    c6:02:42:92:9f:5d:46:1b:d9:c0:c9:71:97:40:37:
                    4d:74:b6:ca:29:13:23:83:09:4f:39:45:cc:c8:d2:
                    ed:89:59:1e:8e:6e:32:f6:38:a7:0f:4b:cd:e1:0f:
                    c1:f6:c6:15:1f:45:49:64:0b:cb:25:42:d5:f0:9a:
                    b8:8f:c1:fb:bf:3c:2e:91:0e:60:55:33:8a:30:2b:
                    71:cc:12:13:2d:4d:1e:5d:ea:17:19:11:a2:d7:be:
                    ee:9d:2e:9c:35:73:2d:1a:1f:3b:e6:83:8f:6b:17:
                    64:7f:96:5b:16:09:57:e0:bf:96:27:ee:55:57:2c:
                    f5:3c:9b:b9:e7:f3:55:a5:76:24:7f:5e:fa:6f:3a:
                    f6:d6:5f:66:6f:d4:43:26:c6:15:af:16:84:7d:71:
                    7a:08:8d:7c:cd:6e:78:22:bc:cb:02:47:bd:dc:b2:
                    45:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:0B:4C:2E:12:76:21:2C:5F:6A:A0:D8:5C:EC:E4:EA:D1:D1:BD:1B
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:68:88:15:0d:62:99:8c:f8:1b:8c:5c:7b:16:46:97:66:2e:
         ab:3f:d4:7f:23:bd:5c:1a:39:11:4e:3c:01:cb:c4:c8:9c:30:
         c7:93:9a:8c:35:60:8c:2a:dd:65:f0:cd:f1:03:6c:01:72:60:
         aa:1c:30:72:f9:78:af:da:7a:ed:0e:8a:a4:2c:47:5a:cc:2a:
         2e:9a:bf:16:da:b2:5c:8b:f4:ae:01:73:81:69:ff:47:47:be:
         79:fc:5d:a7:81:f8:9b:85:91:d3:3a:76:0f:89:e4:c1:3b:01:
         e6:09:f4:72:50:b1:2f:61:97:58:72:fe:90:de:6e:fd:c1:93:
         4f:ea:d6:95:cc:92:44:78:29:b6:ad:ba:ff:27:6a:ed:07:0c:
         96:3c:cc:45:91:da:70:83:5f:48:3e:b5:11:b2:2d:a8:d2:73:
         88:df:f9:c1:83:6e:8e:89:77:95:f6:ca:31:3a:fe:11:92:6f:
         fa:0d:cc:dd:37:a3:51:68:c7:b9:e7:a8:e1:ba:91:5c:23:2b:
         47:e3:ed:5f:cd:0f:0a:a0:79:d3:9a:a1:95:0d:0c:b0:5b:0f:
         40:e3:35:07:90:a4:be:b7:91:7d:75:c3:1d:69:d7:a7:91:b1:
         19:c7:2c:d6:db:1f:7e:2b:60:8a:d8:74:aa:2b:f1:85:9b:37:
         aa:45:af:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKfM6HaWSaygTREQageVhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjUwNDE4MjAwMDE1WhcNMjUwNDE5MjAwMDE1WjAzMTEwLwYDVQQD
EyhkNDBiNGMyZTEyNzYyMTJjNWY2YWEwZDg1Y2VjZTRlYWQxZDFiZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspq5WkgVy6IiO2gcVrARj9PAfZY+
XUpM5tB+7iZAZXQ3irGTQbiqKBt3lSNhlD78x3aKOeatptUocZRpPh1McVKhXRB8
AM8qyvRz+/FFRranwC5biVnHfYrGAkKSn11GG9nAyXGXQDdNdLbKKRMjgwlPOUXM
yNLtiVkejm4y9jinD0vN4Q/B9sYVH0VJZAvLJULV8Jq4j8H7vzwukQ5gVTOKMCtx
zBITLU0eXeoXGRGi177unS6cNXMtGh875oOPaxdkf5ZbFglX4L+WJ+5VVyz1PJu5
5/NVpXYkf176bzr21l9mb9RDJsYVrxaEfXF6CI18zW54IrzLAke93LJFqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQLTC4SdiEsX2qg2Fzs5OrR0b0bMB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmGiIFQ1i
mYz4G4xcexZGl2Yuqz/UfyO9XBo5EU48AcvEyJwwx5OajDVgjCrdZfDN8QNsAXJg
qhwwcvl4r9p67Q6KpCxHWswqLpq/FtqyXIv0rgFzgWn/R0e+efxdp4H4m4WR0zp2
D4nkwTsB5gn0clCxL2GXWHL+kN5u/cGTT+rWlcySRHgptq26/ydq7QcMljzMRZHa
cINfSD61EbItqNJziN/5wYNujol3lfbKMTr+EZJv+g3M3TejUWjHueeo4bqRXCMr
R+PtX80PCqB505qhlQ0MsFsPQOM1B5CkvreRfXXDHWnXp5GxGccs1tsffitgith0
qivxhZs3qkWv4g==
-----END CERTIFICATE-----