Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
File:                     I0AYtVE7d50uHjrBqGpZO92XTKc.mft (raw, json)
Hash identifier:          OFAe/cbBMfThs8CqtQ2F/NIGFBf1rImBY5behH+BqG8=
Subject key identifier:   CE:77:4F:0F:E5:69:CA:6C:15:E9:85:91:F8:B7:FB:3D:A0:B5:19:AE
Authority key identifier: 23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7
Certificate issuer:       /CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
Certificate serial:       01967E33C050BFA909E518A35B356AFE3ADA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
Manifest number:          F4
Signing time:             Mon 28 Apr 2025 21:00:42 +0000
Manifest this update:     Mon 28 Apr 2025 21:00:42 +0000
Manifest next update:     Tue 29 Apr 2025 21:00:42 +0000
Files and hashes:         1: I0AYtVE7d50uHjrBqGpZO92XTKc.crl (hash: S3zP8RcKJFUY9gdHAbIuU4ZB1NY3kjg8m0b0tNAWctI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 21:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:33:c0:50:bf:a9:09:e5:18:a3:5b:35:6a:fe:3a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
        Validity
            Not Before: Apr 28 21:00:42 2025 GMT
            Not After : Apr 29 21:00:42 2025 GMT
        Subject: CN=ce774f0fe569ca6c15e98591f8b7fb3da0b519ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:42:cc:00:ac:e9:36:86:9c:cf:76:3b:82:fd:
                    f7:85:42:14:83:09:e1:03:3d:b9:bd:42:37:cf:95:
                    a3:c9:4a:69:9a:2c:79:5b:d2:34:85:db:ad:0c:91:
                    fc:66:d7:29:4f:18:bc:86:7f:5d:00:d7:90:eb:75:
                    76:1f:35:a7:77:d1:03:b3:b4:c8:b0:5b:83:f3:9d:
                    50:0b:ef:54:bb:01:29:17:23:41:a1:e3:13:22:2b:
                    21:cd:e1:b2:26:49:9d:90:e0:68:36:e0:a2:33:1b:
                    1c:6f:21:75:4b:2e:cb:81:e6:75:52:33:5e:76:8a:
                    07:3d:c3:b3:7d:ad:d2:78:a9:29:19:70:14:28:3f:
                    b5:70:d7:53:1b:af:27:d8:0f:89:c8:66:c6:ea:81:
                    77:8a:1e:df:5d:e9:8d:38:a3:11:be:71:cb:5d:8f:
                    09:ed:be:ca:f3:40:6b:69:30:71:bd:4d:16:6a:f8:
                    cb:a3:ed:35:6d:5d:a9:b5:b2:0f:9a:3d:80:1b:ad:
                    1b:13:97:1c:53:64:59:dc:ce:dd:1b:31:50:eb:a8:
                    70:ad:80:1f:41:a9:24:e4:59:08:f5:cc:70:65:d1:
                    ad:7c:b8:e0:d0:90:e0:14:a6:5a:74:a4:ca:f3:68:
                    a9:2f:ea:46:e5:ac:87:a1:42:da:5f:06:8e:c8:91:
                    52:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:77:4F:0F:E5:69:CA:6C:15:E9:85:91:F8:B7:FB:3D:A0:B5:19:AE
            X509v3 Authority Key Identifier:
                keyid:23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:50:31:47:02:7a:b6:65:4d:81:3f:70:58:08:3d:2c:be:48:
         fe:09:f4:c1:d4:83:89:a1:6b:f8:06:19:55:35:6f:fe:93:8b:
         52:cf:43:bb:c4:4e:f3:20:fe:73:73:12:f5:9b:b3:52:b4:7d:
         b6:a7:f8:a4:62:5f:bb:90:14:c2:4e:ed:71:fe:95:7e:3b:e4:
         1d:b5:2e:f2:7e:0f:23:79:5e:62:3e:18:fd:8f:43:2b:d0:1e:
         20:a8:b8:ac:13:2c:3f:d1:12:a6:21:c2:a7:42:a6:bd:91:04:
         2c:62:27:e8:17:56:55:7b:1a:5e:fe:4b:20:7b:90:e3:b8:0f:
         a3:9f:37:54:07:ae:19:7b:33:b3:3b:80:de:77:50:34:95:a7:
         98:96:ff:bd:27:71:4a:8e:a6:48:76:26:68:5b:00:bd:cc:b6:
         0a:43:8c:c0:0e:18:9c:ef:73:8d:c2:4e:8d:4b:d4:31:17:14:
         7e:15:40:00:5a:ca:86:0e:c3:b7:c2:2a:a9:d2:14:ac:b7:41:
         1e:09:63:b6:4e:a8:c0:2b:33:39:fe:68:b5:38:bf:70:6b:63:
         5c:70:41:88:d4:c8:9c:fb:49:58:a0:c4:21:6f:26:15:0a:1e:
         f7:58:82:cb:c3:78:28:1c:f6:e8:38:79:99:0e:ce:46:62:5e:
         99:26:18:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+M8BQv6kJ5RijWzVq/jraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDAxOGI1NTEzYjc3OWQyZTFlM2FjMWE4NmE1OTNiZGQ5
NzRjYTcwHhcNMjUwNDI4MjEwMDQyWhcNMjUwNDI5MjEwMDQyWjAzMTEwLwYDVQQD
EyhjZTc3NGYwZmU1NjljYTZjMTVlOTg1OTFmOGI3ZmIzZGEwYjUxOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqULMAKzpNoacz3Y7gv33hUIUgwnh
Az25vUI3z5WjyUppmix5W9I0hdutDJH8ZtcpTxi8hn9dANeQ63V2HzWnd9EDs7TI
sFuD851QC+9UuwEpFyNBoeMTIishzeGyJkmdkOBoNuCiMxscbyF1Sy7LgeZ1UjNe
dooHPcOzfa3SeKkpGXAUKD+1cNdTG68n2A+JyGbG6oF3ih7fXemNOKMRvnHLXY8J
7b7K80BraTBxvU0WavjLo+01bV2ptbIPmj2AG60bE5ccU2RZ3M7dGzFQ66hwrYAf
Qakk5FkI9cxwZdGtfLjg0JDgFKZadKTK82ipL+pG5ayHoULaXwaOyJFSpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM53Tw/lacpsFemFkfi3+z2gtRmuMB8GA1UdIwQY
MBaAFCNAGLVRO3edLh46wahqWTvdl0ynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQt
YzNkNmM3YzhiYThhLzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQtYzNkNmM3YzhiYThh
LzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiFAxRwJ6
tmVNgT9wWAg9LL5I/gn0wdSDiaFr+AYZVTVv/pOLUs9Du8RO8yD+c3MS9ZuzUrR9
tqf4pGJfu5AUwk7tcf6VfjvkHbUu8n4PI3leYj4Y/Y9DK9AeIKi4rBMsP9ESpiHC
p0KmvZEELGIn6BdWVXsaXv5LIHuQ47gPo583VAeuGXszszuA3ndQNJWnmJb/vSdx
So6mSHYmaFsAvcy2CkOMwA4YnO9zjcJOjUvUMRcUfhVAAFrKhg7Dt8IqqdIUrLdB
Hgljtk6owCszOf5otTi/cGtjXHBBiNTInPtJWKDEIW8mFQoe91iCy8N4KBz26Dh5
mQ7ORmJemSYYvg==
-----END CERTIFICATE-----