Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
File:                     4SFHcEtsZk3PIjSS7mHV5fkXxek.mft (raw, json)
Hash identifier:          YTekoXSfHVNJzpfVSlHe29Ex8p3zyJQO69tnwA6V5Jg=
Subject key identifier:   F3:C1:1B:83:61:30:A1:A1:48:88:F0:B4:C6:A2:20:99:5E:E5:3D:B9
Authority key identifier: E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9
Certificate issuer:       /CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
Certificate serial:       019651FFB80D9FABB9077DD4B4D4A0A935C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
Manifest number:          023A
Signing time:             Sun 20 Apr 2025 07:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:35 +0000
Files and hashes:         1: 4SFHcEtsZk3PIjSS7mHV5fkXxek.crl (hash: e1JCK0KLcHw4xy1VhKE38H6tqew5xQw5Wkk63GKGG7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:b8:0d:9f:ab:b9:07:7d:d4:b4:d4:a0:a9:35:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
        Validity
            Not Before: Apr 20 07:00:35 2025 GMT
            Not After : Apr 21 07:00:35 2025 GMT
        Subject: CN=f3c11b836130a1a14888f0b4c6a220995ee53db9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b2:01:e9:41:e5:46:b6:64:cf:b8:b0:0f:91:
                    5c:ca:16:86:bf:83:ec:2d:9a:e5:58:93:52:fb:3f:
                    d0:8d:7c:d5:34:88:ca:46:a8:b2:c8:86:b0:16:0b:
                    b2:23:2f:37:9c:f3:f3:c8:27:d9:8c:05:c9:ba:37:
                    10:e3:f9:e5:0d:57:ff:30:e5:07:39:c8:b3:b7:3c:
                    86:b1:db:4d:5d:c7:f6:97:a7:b9:c2:90:13:ca:51:
                    c2:ac:ac:4d:48:a5:62:a4:43:a4:37:c7:b9:d7:2d:
                    1d:28:33:b4:84:47:64:2d:c6:e4:a7:07:35:58:cc:
                    8c:fe:69:2a:f1:4b:7b:51:7f:f0:bc:4e:7e:d2:a2:
                    52:5c:3a:b4:98:ba:a1:60:dd:78:6f:5b:97:d3:25:
                    fd:dc:4d:fe:34:e7:ab:57:f4:2d:ba:b7:0c:2e:40:
                    fb:06:6c:fb:b2:72:9e:e5:58:00:e1:74:b5:33:67:
                    ab:72:1f:e8:27:37:9a:53:81:8c:78:a6:9d:64:bf:
                    e3:c0:91:91:89:37:b6:86:06:69:42:bf:d5:94:05:
                    df:77:ed:1f:52:7c:02:5d:9a:9f:82:1b:fe:60:22:
                    88:80:44:a3:98:c9:7a:13:96:66:70:fd:40:14:8f:
                    4d:89:a1:59:65:34:ef:b1:69:fb:1c:1e:0d:a7:ea:
                    dc:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:C1:1B:83:61:30:A1:A1:48:88:F0:B4:C6:A2:20:99:5E:E5:3D:B9
            X509v3 Authority Key Identifier:
                keyid:E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:ac:9e:54:5e:86:69:cf:1a:2c:22:42:5d:10:c4:83:87:08:
         cb:1d:d1:9b:db:17:92:64:e3:ef:0b:47:c4:4d:6f:d6:f9:80:
         3d:5e:77:0e:34:df:ff:cb:ef:b5:40:87:8d:0e:1e:37:cd:99:
         6e:67:80:50:d8:ff:d7:c4:aa:ae:72:ab:5a:54:62:7a:5c:79:
         14:d8:74:80:d2:4a:61:c9:39:3f:ce:82:3e:30:bd:1c:bf:2f:
         63:cb:1c:b2:bb:ba:b9:67:87:1a:70:3d:4d:a0:d8:f0:e9:40:
         23:d6:87:d9:73:b9:f1:a3:b9:a5:89:55:1d:ca:d0:ef:67:f7:
         1c:07:3c:63:b6:9b:0b:d7:55:ba:5d:84:ba:7c:4f:d7:b6:1d:
         2e:20:46:d3:81:4c:95:75:e5:5f:18:5d:36:cf:43:f7:a7:47:
         6a:16:2e:85:64:70:24:62:c6:66:d4:87:af:d8:7e:63:b9:fc:
         c5:16:20:7d:80:1f:b3:b6:cb:c6:07:9e:f2:a4:bc:59:98:e1:
         2f:f8:ae:9d:09:10:d0:f3:20:1c:39:bb:d4:17:ae:1f:5c:76:
         40:e2:4e:c1:62:32:3e:ab:9b:5c:3d:3e:53:75:19:f1:75:62:
         ea:40:ec:9d:42:fe:2a:71:12:ce:e1:20:06:23:af:1c:30:0b:
         d3:c1:5b:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/7gNn6u5B33UtNSgqTXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjE0NzcwNGI2YzY2NGRjZjIyMzQ5MmVlNjFkNWU1Zjkx
N2M1ZTkwHhcNMjUwNDIwMDcwMDM1WhcNMjUwNDIxMDcwMDM1WjAzMTEwLwYDVQQD
EyhmM2MxMWI4MzYxMzBhMWExNDg4OGYwYjRjNmEyMjA5OTVlZTUzZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrIB6UHlRrZkz7iwD5FcyhaGv4Ps
LZrlWJNS+z/QjXzVNIjKRqiyyIawFguyIy83nPPzyCfZjAXJujcQ4/nlDVf/MOUH
OciztzyGsdtNXcf2l6e5wpATylHCrKxNSKVipEOkN8e51y0dKDO0hEdkLcbkpwc1
WMyM/mkq8Ut7UX/wvE5+0qJSXDq0mLqhYN14b1uX0yX93E3+NOerV/QturcMLkD7
Bmz7snKe5VgA4XS1M2erch/oJzeaU4GMeKadZL/jwJGRiTe2hgZpQr/VlAXfd+0f
UnwCXZqfghv+YCKIgESjmMl6E5ZmcP1AFI9NiaFZZTTvsWn7HB4Np+rc9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPBG4NhMKGhSIjwtMaiIJle5T25MB8GA1UdIwQY
MBaAFOEhR3BLbGZNzyI0ku5h1eX5F8XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjct
YTFiZjQyYzU4NDk0LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjctYTFiZjQyYzU4NDk0
LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQayeVF6G
ac8aLCJCXRDEg4cIyx3Rm9sXkmTj7wtHxE1v1vmAPV53DjTf/8vvtUCHjQ4eN82Z
bmeAUNj/18SqrnKrWlRielx5FNh0gNJKYck5P86CPjC9HL8vY8scsru6uWeHGnA9
TaDY8OlAI9aH2XO58aO5pYlVHcrQ72f3HAc8Y7abC9dVul2EunxP17YdLiBG04FM
lXXlXxhdNs9D96dHahYuhWRwJGLGZtSHr9h+Y7n8xRYgfYAfs7bLxgee8qS8WZjh
L/iunQkQ0PMgHDm71BeuH1x2QOJOwWIyPqubXD0+U3UZ8XVi6kDsnUL+KnESzuEg
BiOvHDAL08FbJg==
-----END CERTIFICATE-----