Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
File:                     a-5EwhI0JTYYsNeza5Djy1xA3tE.mft (raw, json)
Hash identifier:          H4aBmRgHuXw7V7c2kgfuXVosOmzHKAdA8vVzR73/erk=
Subject key identifier:   4B:2C:1D:5D:9C:91:66:EA:0F:F2:29:D6:FA:17:44:82:5F:86:FC:94
Authority key identifier: 6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1
Certificate issuer:       /CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1
Certificate serial:       0196440D1826223DD31BBFB6829AF9E437DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
Manifest number:          14F2
Signing time:             Thu 17 Apr 2025 14:00:30 +0000
Manifest this update:     Thu 17 Apr 2025 14:00:30 +0000
Manifest next update:     Fri 18 Apr 2025 14:00:30 +0000
Files and hashes:         1: a-5EwhI0JTYYsNeza5Djy1xA3tE.crl (hash: pLTYNMMtuI8JeaKq8XE5u7VUtytcmquQpzPXrBkWd4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 14:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:0d:18:26:22:3d:d3:1b:bf:b6:82:9a:f9:e4:37:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1
        Validity
            Not Before: Apr 17 14:00:30 2025 GMT
            Not After : Apr 18 14:00:30 2025 GMT
        Subject: CN=4b2c1d5d9c9166ea0ff229d6fa1744825f86fc94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:bf:2f:f1:20:18:44:15:34:29:ba:76:49:ef:
                    56:c9:5f:2a:fa:89:a0:05:2e:4e:4d:c1:f5:3b:76:
                    3f:05:d6:b2:11:62:fb:a7:03:cb:3e:fb:5d:c6:0b:
                    7e:f9:ac:5c:a5:cc:d4:37:62:ca:d0:30:62:18:58:
                    50:fd:47:87:c6:ef:53:76:96:41:6d:7d:27:d8:06:
                    9d:8b:3e:f4:5d:84:b2:4c:8c:00:f7:74:9d:53:72:
                    03:82:8c:67:c5:f0:fb:4e:75:f4:60:aa:75:b4:4f:
                    15:10:1e:00:e9:86:63:b9:41:b0:e6:4b:29:bf:af:
                    1e:16:be:ec:06:99:9d:78:c9:4b:b2:1b:fe:5a:bb:
                    e4:97:91:4f:ca:9d:09:20:34:44:3f:d2:6f:0b:2a:
                    fa:b8:15:2e:15:83:0d:cd:6e:64:76:09:13:d5:0e:
                    41:01:08:c9:56:11:e9:35:05:54:07:9d:88:ca:c8:
                    34:84:27:0c:07:0d:e6:98:57:8f:be:18:21:f4:8c:
                    41:ba:11:ee:22:29:74:7b:8b:bd:3d:4b:7b:f0:f7:
                    b2:31:d5:cf:9c:c7:71:19:70:72:91:17:b4:c3:fa:
                    74:4b:a1:e8:94:3d:40:2e:70:4b:fb:2e:93:54:dc:
                    13:d2:c2:15:23:b9:76:29:7e:92:4d:22:92:e4:29:
                    80:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:2C:1D:5D:9C:91:66:EA:0F:F2:29:D6:FA:17:44:82:5F:86:FC:94
            X509v3 Authority Key Identifier:
                keyid:6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:84:5a:bc:88:bf:35:bd:47:c8:ce:89:06:12:1f:92:fb:83:
         fe:bc:2b:e2:e0:55:27:7c:a2:9f:a0:20:17:88:20:fe:57:46:
         51:60:c7:20:11:69:c5:af:c6:59:07:73:2d:63:95:75:19:02:
         d2:4b:97:8d:4a:dd:45:f8:a5:5e:36:0e:86:91:c2:02:e6:61:
         12:b3:07:e0:79:fa:ab:b3:03:ca:32:46:02:e1:f4:1f:1b:96:
         9d:86:e2:6f:75:67:b9:18:94:2a:c6:9b:3b:f9:de:0a:20:25:
         7e:c2:45:c7:22:bf:0f:dd:8d:df:aa:e7:42:86:c1:bb:97:c5:
         15:ee:05:59:b5:b8:06:a1:13:34:f9:d1:18:00:8f:83:77:d9:
         4a:e6:bb:bc:18:63:07:fd:32:bb:ad:dc:0c:7e:82:43:90:67:
         8a:5e:76:be:37:b8:7b:0c:82:e4:77:17:27:cc:85:a7:af:36:
         00:53:e4:e3:06:5d:ca:41:46:67:90:a3:7a:18:64:60:69:53:
         20:42:ed:dc:16:1e:09:fd:1f:17:0c:6a:49:34:f0:30:78:fe:
         77:a1:76:53:5e:99:c2:5d:db:5d:47:77:b8:0d:cb:68:f2:78:
         23:ec:62:dd:73:76:0d:a5:fc:c1:d1:40:a8:f9:b0:f5:39:e7:
         a2:36:a8:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEDRgmIj3TG7+2gpr55DfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWU0NGMyMTIzNDI1MzYxOGIwZDdiMzZiOTBlM2NiNWM0
MGRlZDEwHhcNMjUwNDE3MTQwMDMwWhcNMjUwNDE4MTQwMDMwWjAzMTEwLwYDVQQD
Eyg0YjJjMWQ1ZDljOTE2NmVhMGZmMjI5ZDZmYTE3NDQ4MjVmODZmYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu78v8SAYRBU0Kbp2Se9WyV8q+omg
BS5OTcH1O3Y/BdayEWL7pwPLPvtdxgt++axcpczUN2LK0DBiGFhQ/UeHxu9TdpZB
bX0n2Aadiz70XYSyTIwA93SdU3IDgoxnxfD7TnX0YKp1tE8VEB4A6YZjuUGw5ksp
v68eFr7sBpmdeMlLshv+Wrvkl5FPyp0JIDREP9JvCyr6uBUuFYMNzW5kdgkT1Q5B
AQjJVhHpNQVUB52Iysg0hCcMBw3mmFePvhgh9IxBuhHuIil0e4u9PUt78PeyMdXP
nMdxGXBykRe0w/p0S6HolD1ALnBL+y6TVNwT0sIVI7l2KX6STSKS5CmArQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEssHV2ckWbqD/Ip1voXRIJfhvyUMB8GA1UdIwQY
MBaAFGvuRMISNCU2GLDXs2uQ48tcQN7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWIt
NzY5YjNmYzI2NjRiLzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWItNzY5YjNmYzI2NjRi
LzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZoRavIi/
Nb1HyM6JBhIfkvuD/rwr4uBVJ3yin6AgF4gg/ldGUWDHIBFpxa/GWQdzLWOVdRkC
0kuXjUrdRfilXjYOhpHCAuZhErMH4Hn6q7MDyjJGAuH0HxuWnYbib3VnuRiUKsab
O/neCiAlfsJFxyK/D92N36rnQobBu5fFFe4FWbW4BqETNPnRGACPg3fZSua7vBhj
B/0yu63cDH6CQ5Bnil52vje4ewyC5HcXJ8yFp682AFPk4wZdykFGZ5CjehhkYGlT
IELt3BYeCf0fFwxqSTTwMHj+d6F2U16Zwl3bXUd3uA3LaPJ4I+xi3XN2DaX8wdFA
qPmw9TnnojaoGQ==
-----END CERTIFICATE-----