Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          toX3S6AF92cINl/DQaCwT0TJ2tJ1GqPH5vP9v3x8QX0=
Subject key identifier:   30:79:0F:8A:5C:63:8C:29:79:EF:A0:CD:37:A7:F5:B7:32:79:29:BE
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       0197CACC80C565BF8F296E2679995FAC4CF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          15BE
Signing time:             Wed 02 Jul 2025 11:01:29 +0000
Manifest this update:     Wed 02 Jul 2025 11:01:29 +0000
Manifest next update:     Thu 03 Jul 2025 11:01:29 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: UPml3wlrwp/Ng2Lle3/on48PNepFVNt2tZ4PcEhzOUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 11:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:cc:80:c5:65:bf:8f:29:6e:26:79:99:5f:ac:4c:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Jul  2 11:01:29 2025 GMT
            Not After : Jul  3 11:01:29 2025 GMT
        Subject: CN=30790f8a5c638c2979efa0cd37a7f5b7327929be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:19:4c:85:ce:28:0c:64:ad:41:16:80:75:1d:
                    a7:b0:5e:b6:4e:de:13:5b:61:6e:9a:52:28:aa:db:
                    ba:6c:17:a5:33:e8:25:81:14:06:1e:1e:f5:f6:d9:
                    1a:bb:f8:32:47:62:47:ce:91:b6:25:58:7d:a6:bb:
                    11:07:96:fa:77:29:c5:62:65:14:e7:71:8a:52:37:
                    77:50:35:8f:b7:5b:3b:d7:cf:87:f0:fb:a3:8e:a4:
                    e8:fe:2d:40:94:e9:a3:07:9a:7f:f5:31:92:d4:d1:
                    c5:3c:63:96:af:0e:62:ed:80:5c:6f:1b:19:2d:4b:
                    75:f9:6c:03:ea:46:a7:4e:e4:37:69:02:b5:f7:93:
                    ac:6a:e0:3c:9f:83:20:a3:e1:b3:2f:d8:07:34:b2:
                    8c:c8:7f:93:cc:8d:fd:c9:61:96:6d:c9:03:3b:24:
                    43:b0:5b:ab:c4:1e:f3:f4:58:61:b9:a3:2a:de:47:
                    4c:db:2c:9e:e0:f2:7a:3b:4b:5a:5e:7a:ef:af:57:
                    e2:b3:c4:6e:03:bc:6b:10:b4:20:8b:78:0e:00:a0:
                    ad:a7:49:fa:e7:df:c5:f9:a9:d9:c1:0e:00:24:0c:
                    95:36:00:12:fc:ad:3c:7f:55:8d:3d:66:f7:03:62:
                    b4:1a:bb:da:ab:18:ca:89:a5:80:fd:13:70:0a:a3:
                    4e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:79:0F:8A:5C:63:8C:29:79:EF:A0:CD:37:A7:F5:B7:32:79:29:BE
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:c1:44:8e:36:26:f8:7b:d2:55:0f:43:20:ee:2e:ae:71:d1:
         4d:d2:59:c4:ba:3e:91:2e:56:81:ca:2e:9d:c3:24:df:f3:f8:
         2d:4a:bb:d5:4c:d9:14:70:6b:76:0e:19:e3:3e:4c:ec:36:55:
         2e:85:ec:3a:58:49:77:f7:08:f9:c2:40:d6:9a:ac:82:0a:ab:
         dc:3b:e5:bc:48:04:10:e8:51:21:ac:b6:d2:55:c2:34:82:65:
         dc:0b:a1:bb:4f:8e:06:df:e4:99:80:d9:ca:d0:8d:9a:9b:39:
         55:07:01:3c:da:a7:1d:ff:6f:9e:18:40:ac:26:ab:7d:9a:ee:
         ee:1a:4d:03:b6:99:86:43:b6:ee:92:f4:f7:2a:b8:b2:a0:87:
         0f:d3:ac:79:b7:0f:61:b7:09:a6:f1:33:f9:bf:9e:47:25:cf:
         98:ff:f4:b0:f5:a7:1c:6d:28:35:d6:7b:7c:9b:96:3b:ee:21:
         f2:01:09:dd:be:c2:00:12:59:b0:cf:61:3c:01:64:79:6a:d7:
         ec:62:83:46:20:d0:5d:62:aa:b0:01:76:01:99:ad:be:fd:33:
         10:96:e7:54:57:c7:70:d8:c2:d8:37:e9:ae:9f:77:b1:61:27:
         93:70:37:25:89:87:10:02:87:9b:56:90:1c:df:eb:f8:91:2f:
         56:d4:5d:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKzIDFZb+PKW4meZlfrEzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjUwNzAyMTEwMTI5WhcNMjUwNzAzMTEwMTI5WjAzMTEwLwYDVQQD
EygzMDc5MGY4YTVjNjM4YzI5NzllZmEwY2QzN2E3ZjViNzMyNzkyOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxlMhc4oDGStQRaAdR2nsF62Tt4T
W2FumlIoqtu6bBelM+glgRQGHh719tkau/gyR2JHzpG2JVh9prsRB5b6dynFYmUU
53GKUjd3UDWPt1s718+H8PujjqTo/i1AlOmjB5p/9TGS1NHFPGOWrw5i7YBcbxsZ
LUt1+WwD6kanTuQ3aQK195OsauA8n4Mgo+GzL9gHNLKMyH+TzI39yWGWbckDOyRD
sFurxB7z9FhhuaMq3kdM2yye4PJ6O0taXnrvr1fis8RuA7xrELQgi3gOAKCtp0n6
59/F+anZwQ4AJAyVNgAS/K08f1WNPWb3A2K0GrvaqxjKiaWA/RNwCqNO1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDB5D4pcY4wpee+gzTen9bcyeSm+MB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmcFEjjYm
+HvSVQ9DIO4urnHRTdJZxLo+kS5WgcouncMk3/P4LUq71UzZFHBrdg4Z4z5M7DZV
LoXsOlhJd/cI+cJA1pqsggqr3DvlvEgEEOhRIay20lXCNIJl3Auhu0+OBt/kmYDZ
ytCNmps5VQcBPNqnHf9vnhhArCarfZru7hpNA7aZhkO27pL09yq4sqCHD9OsebcP
YbcJpvEz+b+eRyXPmP/0sPWnHG0oNdZ7fJuWO+4h8gEJ3b7CABJZsM9hPAFkeWrX
7GKDRiDQXWKqsAF2AZmtvv0zEJbnVFfHcNjC2Dfprp93sWEnk3A3JYmHEAKHm1aQ
HN/r+JEvVtRdMQ==
-----END CERTIFICATE-----