Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
File:                     4SFHcEtsZk3PIjSS7mHV5fkXxek.mft (raw, json)
Hash identifier:          OD7pDaJxYVonuSpJTPBwSHO7LL81XeqjHdM7Ta6kntk=
Subject key identifier:   47:B4:92:B8:54:C3:74:1C:F7:CB:83:F4:99:CA:09:E1:50:56:66:EC
Authority key identifier: E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9
Certificate issuer:       /CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
Certificate serial:       01958B16FD1BEFDD0357A2C91BCCBF66693A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
Manifest number:          01D3
Signing time:             Wed 12 Mar 2025 16:01:34 +0000
Manifest this update:     Wed 12 Mar 2025 16:01:34 +0000
Manifest next update:     Thu 13 Mar 2025 16:01:34 +0000
Files and hashes:         1: 4SFHcEtsZk3PIjSS7mHV5fkXxek.crl (hash: wu5pGdebXBQ/Nedx7Aqc+hfqBa6D0apBWN2eKVr8FFg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:fd:1b:ef:dd:03:57:a2:c9:1b:cc:bf:66:69:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
        Validity
            Not Before: Mar 12 16:01:34 2025 GMT
            Not After : Mar 13 16:01:34 2025 GMT
        Subject: CN=47b492b854c3741cf7cb83f499ca09e1505666ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bd:e7:4a:40:a6:92:5b:12:32:e2:a1:ed:e3:
                    ee:2d:f9:1c:87:5c:45:22:6f:37:0e:f8:1a:fe:68:
                    cc:6b:48:a2:b8:bc:14:ed:bb:fd:41:ae:e5:78:72:
                    81:12:e4:c9:f7:8d:bb:d1:75:82:7c:63:ac:cf:42:
                    8d:06:92:c7:93:38:5a:ef:34:48:3d:08:a2:6e:a7:
                    c6:16:72:b2:7e:0f:4d:2d:e0:37:3d:f6:15:0b:16:
                    77:e5:c9:db:7c:35:60:bc:8a:1d:8a:c8:f6:85:c4:
                    7c:28:3d:cf:5f:67:a7:ce:22:bc:b0:94:fa:95:ca:
                    64:f2:f6:a6:57:3d:39:38:5e:b7:ef:89:88:b8:ea:
                    11:6e:60:d8:55:1f:6f:f1:8d:49:40:01:ea:57:10:
                    12:d3:60:2f:bb:bf:bd:6c:66:a1:b4:0d:1a:9f:21:
                    30:d2:d8:1b:01:ed:90:d6:8f:e4:a0:91:05:59:fa:
                    11:15:2c:61:1b:2b:fb:13:09:82:e5:4b:54:e9:6f:
                    1e:cf:c9:e9:5f:7f:e7:c0:e6:f2:d1:87:2c:da:c2:
                    56:be:f5:27:89:39:a8:62:e7:d8:b7:3b:9b:56:b3:
                    74:31:de:8d:71:51:40:77:a2:88:ba:b0:34:02:a6:
                    91:68:83:b9:22:45:7e:4c:54:6c:93:c9:dd:80:c3:
                    93:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B4:92:B8:54:C3:74:1C:F7:CB:83:F4:99:CA:09:E1:50:56:66:EC
            X509v3 Authority Key Identifier:
                keyid:E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:0f:68:c7:69:3a:a1:7e:4b:e0:f4:22:fb:f2:72:46:f3:c3:
         2a:26:d5:28:e0:ed:5a:83:4e:63:e3:5f:f2:fe:c8:b4:10:21:
         64:49:fb:93:39:b0:8e:d9:7e:72:27:14:71:9f:93:88:b7:82:
         fa:8b:69:da:10:2c:46:82:45:f9:c0:71:db:a1:17:44:6f:ef:
         af:86:0e:57:3d:1b:5c:65:67:15:58:00:14:8c:06:93:cd:e6:
         66:f6:4e:93:b9:9f:8b:b0:25:a6:9c:3f:c8:ce:8a:d9:5e:fa:
         af:91:b5:87:f5:aa:64:b5:7c:6c:23:24:c7:56:ad:9a:e5:7d:
         72:1f:a9:e2:a2:37:1b:18:84:03:c7:4f:d6:2c:6c:d9:e0:cc:
         52:70:79:70:15:e0:85:a1:82:c0:c3:7f:cd:8f:0d:5a:f0:74:
         09:45:9d:84:0e:fc:44:cb:04:2b:4f:89:86:33:dc:7a:1d:89:
         e7:9e:b9:6f:f5:df:9e:0c:f5:53:14:4d:1e:cf:6e:2b:3d:6e:
         6a:70:39:e5:15:39:2e:ad:80:6c:da:e8:6b:83:b4:d0:c2:da:
         45:2d:44:8c:30:19:12:2e:5d:c7:32:81:94:d9:03:a3:59:65:
         7b:39:31:ed:7f:9b:c8:84:b7:9c:43:a1:39:6a:a6:8b:bc:d8:
         8b:f3:ff:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFv0b790DV6LJG8y/Zmk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjE0NzcwNGI2YzY2NGRjZjIyMzQ5MmVlNjFkNWU1Zjkx
N2M1ZTkwHhcNMjUwMzEyMTYwMTM0WhcNMjUwMzEzMTYwMTM0WjAzMTEwLwYDVQQD
Eyg0N2I0OTJiODU0YzM3NDFjZjdjYjgzZjQ5OWNhMDllMTUwNTY2NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs73nSkCmklsSMuKh7ePuLfkch1xF
Im83Dvga/mjMa0iiuLwU7bv9Qa7leHKBEuTJ94270XWCfGOsz0KNBpLHkzha7zRI
PQiibqfGFnKyfg9NLeA3PfYVCxZ35cnbfDVgvIodisj2hcR8KD3PX2enziK8sJT6
lcpk8vamVz05OF6374mIuOoRbmDYVR9v8Y1JQAHqVxAS02Avu7+9bGahtA0anyEw
0tgbAe2Q1o/koJEFWfoRFSxhGyv7EwmC5UtU6W8ez8npX3/nwOby0Ycs2sJWvvUn
iTmoYufYtzubVrN0Md6NcVFAd6KIurA0AqaRaIO5IkV+TFRsk8ndgMOTFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEe0krhUw3Qc98uD9JnKCeFQVmbsMB8GA1UdIwQY
MBaAFOEhR3BLbGZNzyI0ku5h1eX5F8XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjct
YTFiZjQyYzU4NDk0LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjctYTFiZjQyYzU4NDk0
LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaw9ox2k6
oX5L4PQi+/JyRvPDKibVKODtWoNOY+Nf8v7ItBAhZEn7kzmwjtl+cicUcZ+TiLeC
+otp2hAsRoJF+cBx26EXRG/vr4YOVz0bXGVnFVgAFIwGk83mZvZOk7mfi7Alppw/
yM6K2V76r5G1h/WqZLV8bCMkx1atmuV9ch+p4qI3GxiEA8dP1ixs2eDMUnB5cBXg
haGCwMN/zY8NWvB0CUWdhA78RMsEK0+JhjPceh2J5565b/Xfngz1UxRNHs9uKz1u
anA55RU5Lq2AbNroa4O00MLaRS1EjDAZEi5dxzKBlNkDo1llezkx7X+byIS3nEOh
OWqmi7zYi/P/mw==
-----END CERTIFICATE-----