Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          4Q4pf+a5bFMBv2skq3TeG457UAOIYoG17laf8tYmrEY=
Subject key identifier:   DE:98:FA:1F:E3:EC:D1:57:E4:95:D4:43:89:93:8D:55:04:4D:2B:8A
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       01964E5A01192DE2B4D356855E4BF10C9E3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          0EF2
Signing time:             Sat 19 Apr 2025 14:00:43 +0000
Manifest this update:     Sat 19 Apr 2025 14:00:43 +0000
Manifest next update:     Sun 20 Apr 2025 14:00:43 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: eQUnXs/HIOlRlFBG7lWhqIFT76nGNytL7TrNHJXDdMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:5a:01:19:2d:e2:b4:d3:56:85:5e:4b:f1:0c:9e:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Apr 19 14:00:43 2025 GMT
            Not After : Apr 20 14:00:43 2025 GMT
        Subject: CN=de98fa1fe3ecd157e495d44389938d55044d2b8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:5b:b9:46:01:20:47:9a:aa:7c:0c:ee:98:3c:
                    93:9f:c7:1e:a3:24:87:78:00:30:3e:82:b3:71:7d:
                    54:e9:00:4b:fd:99:94:51:30:0a:47:6c:2b:9d:de:
                    78:6f:6a:54:c9:1a:5d:e3:9f:5d:0c:1b:d8:53:9b:
                    24:5c:c5:85:b8:39:46:55:46:dd:93:26:bb:75:e8:
                    2e:e1:0b:8b:52:95:9b:35:82:aa:89:0b:e7:92:33:
                    45:8e:17:96:f8:c4:ce:3a:45:4d:f9:88:81:88:72:
                    1a:20:59:a5:11:b0:b3:71:c8:22:8e:27:1c:93:b2:
                    ab:66:47:c7:75:d0:b3:4d:6c:c6:43:45:1b:d3:98:
                    d3:e7:dd:ba:ca:ce:ed:8f:54:de:ee:41:65:3b:6c:
                    05:a5:56:e6:10:2b:66:70:a2:d8:c2:71:10:ea:fe:
                    a8:8e:b1:ac:03:8a:25:52:71:c6:9d:1b:ca:ee:46:
                    f1:37:e8:35:d0:06:38:93:83:76:f1:c9:cc:1b:8e:
                    f4:33:2f:10:2e:58:7e:7d:eb:68:c0:2e:67:45:49:
                    27:f9:46:5e:e5:b4:c2:e8:6c:c8:93:75:f7:25:74:
                    19:86:81:91:87:ae:87:cb:db:c5:22:4f:d7:4f:4c:
                    2f:78:ba:0e:5b:a2:08:4f:33:6f:95:2b:f8:9b:10:
                    89:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:98:FA:1F:E3:EC:D1:57:E4:95:D4:43:89:93:8D:55:04:4D:2B:8A
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:10:65:0f:b2:70:ab:c1:d0:f0:6c:93:4c:02:e5:d8:9f:03:
         7d:80:2c:3d:f9:9c:bf:68:d0:dd:d8:e9:84:c6:df:27:94:b2:
         90:62:e1:f0:90:63:19:e0:0b:ad:b6:7c:e9:65:d2:b9:ea:46:
         bd:b9:f3:e8:91:9c:75:a6:2a:e0:a9:03:14:b9:03:71:cb:86:
         90:55:28:13:21:52:90:01:d2:0c:9d:05:b3:72:63:6d:2b:da:
         0b:9b:b2:49:a4:53:bf:b8:a0:1f:10:79:3e:be:2f:6d:6d:89:
         dc:88:23:44:43:40:dc:d8:06:a1:04:a2:f7:43:73:03:25:71:
         0e:75:96:35:88:48:a7:1f:07:0a:bd:19:4b:0a:69:03:0b:87:
         3d:e8:5b:9b:6a:df:91:3d:5d:0e:c1:14:ae:e1:55:37:dd:d2:
         76:c3:6b:fb:8e:79:3a:26:4a:55:0d:10:a4:74:34:f5:5e:db:
         c0:a5:9c:2d:3a:f2:da:c6:55:1c:0b:91:0c:36:40:95:df:6d:
         56:19:d7:6a:7d:84:8d:63:48:87:c9:f6:2f:22:c7:9a:c4:1a:
         d1:2f:b8:82:22:9d:a0:36:09:0d:5e:f2:c3:1f:9f:6a:7d:0f:
         51:63:6a:c3:c9:f8:a9:11:0d:d8:4c:be:c4:cc:40:e9:d2:41:
         10:53:23:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOWgEZLeK001aFXkvxDJ48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjUwNDE5MTQwMDQzWhcNMjUwNDIwMTQwMDQzWjAzMTEwLwYDVQQD
EyhkZTk4ZmExZmUzZWNkMTU3ZTQ5NWQ0NDM4OTkzOGQ1NTA0NGQyYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlu5RgEgR5qqfAzumDyTn8ceoySH
eAAwPoKzcX1U6QBL/ZmUUTAKR2wrnd54b2pUyRpd459dDBvYU5skXMWFuDlGVUbd
kya7degu4QuLUpWbNYKqiQvnkjNFjheW+MTOOkVN+YiBiHIaIFmlEbCzccgijicc
k7KrZkfHddCzTWzGQ0Ub05jT5926ys7tj1Te7kFlO2wFpVbmECtmcKLYwnEQ6v6o
jrGsA4olUnHGnRvK7kbxN+g10AY4k4N28cnMG470My8QLlh+fetowC5nRUkn+UZe
5bTC6GzIk3X3JXQZhoGRh66Hy9vFIk/XT0wveLoOW6IITzNvlSv4mxCJGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6Y+h/j7NFX5JXUQ4mTjVUETSuKMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARhBlD7Jw
q8HQ8GyTTALl2J8DfYAsPfmcv2jQ3djphMbfJ5SykGLh8JBjGeALrbZ86WXSuepG
vbnz6JGcdaYq4KkDFLkDccuGkFUoEyFSkAHSDJ0Fs3JjbSvaC5uySaRTv7igHxB5
Pr4vbW2J3IgjRENA3NgGoQSi90NzAyVxDnWWNYhIpx8HCr0ZSwppAwuHPehbm2rf
kT1dDsEUruFVN93SdsNr+455OiZKVQ0QpHQ09V7bwKWcLTry2sZVHAuRDDZAld9t
VhnXan2EjWNIh8n2LyLHmsQa0S+4giKdoDYJDV7ywx+fan0PUWNqw8n4qREN2Ey+
xMxA6dJBEFMjcg==
-----END CERTIFICATE-----