Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft
File:                     RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft (raw, json)
Hash identifier:          l97Sfffd31NdUzESSD5CUlI/s6wOBtZ2jYYL9y+Y8+8=
Subject key identifier:   4E:35:6D:0A:3E:CD:28:F7:D2:92:17:2A:7B:24:F8:AA:F3:FC:16:47
Authority key identifier: 44:B4:37:B3:1B:50:67:03:84:FA:5D:20:D8:92:4D:61:1B:91:63:3E
Certificate issuer:       /CN=44b437b31b50670384fa5d20d8924d611b91633e
Certificate serial:       019787A1DEDF4D9ED697E6C8EDDD006A69A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft
Manifest number:          0498
Signing time:             Thu 19 Jun 2025 10:00:21 +0000
Manifest this update:     Thu 19 Jun 2025 10:00:21 +0000
Manifest next update:     Fri 20 Jun 2025 10:00:21 +0000
Files and hashes:         1: RLQ3sxtQZwOE-l0g2JJNYRuRYz4.crl (hash: GxlMcR8m9QKzoTjNKQ9tjfyv9tDAJJcrV0o1fwvywog=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 10:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:87:a1:de:df:4d:9e:d6:97:e6:c8:ed:dd:00:6a:69:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b437b31b50670384fa5d20d8924d611b91633e
        Validity
            Not Before: Jun 19 10:00:21 2025 GMT
            Not After : Jun 20 10:00:21 2025 GMT
        Subject: CN=4e356d0a3ecd28f7d292172a7b24f8aaf3fc1647
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:25:76:f0:f7:c8:18:ff:54:b3:64:c4:76:92:
                    f0:73:a0:70:d1:2b:9f:23:8b:9a:b4:2e:77:d9:ef:
                    84:18:0a:24:46:2d:41:b1:a3:ac:f9:98:3f:37:c2:
                    0e:4a:66:60:4a:88:d5:f0:cc:07:d2:9e:aa:a6:07:
                    b1:07:6d:9f:fd:51:e5:36:8b:e0:17:78:45:12:61:
                    e0:ba:02:85:33:d9:af:0a:d5:0f:94:e0:57:8f:93:
                    70:5d:43:d7:f2:da:12:de:88:ad:05:32:34:33:94:
                    13:1b:f6:e4:70:c0:07:45:4e:d3:78:4b:ed:65:73:
                    37:36:02:0e:c3:19:af:a3:36:6c:38:5d:73:e6:ba:
                    92:b1:46:22:4e:26:56:c4:ac:a5:9c:fb:08:0e:27:
                    c7:cf:30:bf:59:76:05:2f:c5:ae:56:ec:46:c5:8b:
                    73:dc:31:ea:c1:6f:9c:05:95:86:b0:d8:d9:7c:55:
                    09:27:cb:cb:18:25:82:d7:f3:e6:39:f2:b1:b7:8a:
                    99:8b:33:8c:5c:a1:34:d5:b2:0d:f3:0a:79:78:9e:
                    21:b9:7b:02:09:14:d2:3e:88:bd:b3:c0:e8:41:58:
                    6d:74:50:f3:6b:b7:b4:d3:a4:ac:f8:35:8d:0a:8e:
                    7f:55:70:11:28:15:e2:21:a9:c8:ee:67:1f:ae:0c:
                    ce:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:35:6D:0A:3E:CD:28:F7:D2:92:17:2A:7B:24:F8:AA:F3:FC:16:47
            X509v3 Authority Key Identifier:
                keyid:44:B4:37:B3:1B:50:67:03:84:FA:5D:20:D8:92:4D:61:1B:91:63:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e2ec34-b7f3-4055-8388-de3b75473fdd/1/RLQ3sxtQZwOE-l0g2JJNYRuRYz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:39:13:a3:21:5b:c5:4c:47:6c:83:12:1f:d0:dd:dc:f7:08:
         87:4b:4b:c6:14:e7:e4:ad:d3:cc:3d:4f:99:05:13:bd:1d:ed:
         67:ee:cb:ec:3f:10:dd:e8:dc:7f:48:da:1c:22:7c:9a:35:0d:
         21:8a:d5:fd:80:4b:d2:5c:e2:f1:4a:05:e6:3c:a5:b9:43:05:
         1e:6d:96:01:d2:fa:96:a9:d9:a6:1b:93:75:07:03:3f:e0:8e:
         8d:5b:0d:44:10:89:09:cb:0e:49:0d:7b:db:93:8c:6d:a9:10:
         1b:95:ed:78:55:75:8d:b6:85:36:34:aa:b1:2d:d1:35:25:bc:
         41:60:77:3d:d0:ab:d4:05:e5:bc:e9:5f:b5:e8:63:a4:e2:d6:
         cc:68:1a:9a:8f:79:34:95:6d:89:c7:a7:18:5c:59:fd:f7:d3:
         ab:42:de:47:64:7d:6e:71:92:2e:db:aa:5a:b2:4e:e8:89:4f:
         4a:50:c4:a8:e7:b5:19:80:6a:b2:b7:a0:fd:5a:78:71:d1:5a:
         f9:76:c5:db:7d:02:a3:d6:9d:4e:7b:42:22:e5:74:ac:0b:84:
         63:5d:3f:ab:6c:92:91:2c:df:e5:5b:77:13:16:3d:01:42:18:
         b9:24:b8:e6:43:28:9f:85:9b:77:5d:1f:f3:4d:fd:86:1b:bd:
         08:58:3b:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeHod7fTZ7Wl+bI7d0AammoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjQzN2IzMWI1MDY3MDM4NGZhNWQyMGQ4OTI0ZDYxMWI5
MTYzM2UwHhcNMjUwNjE5MTAwMDIxWhcNMjUwNjIwMTAwMDIxWjAzMTEwLwYDVQQD
Eyg0ZTM1NmQwYTNlY2QyOGY3ZDI5MjE3MmE3YjI0ZjhhYWYzZmMxNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniV28PfIGP9Us2TEdpLwc6Bw0Suf
I4uatC532e+EGAokRi1BsaOs+Zg/N8IOSmZgSojV8MwH0p6qpgexB22f/VHlNovg
F3hFEmHgugKFM9mvCtUPlOBXj5NwXUPX8toS3oitBTI0M5QTG/bkcMAHRU7TeEvt
ZXM3NgIOwxmvozZsOF1z5rqSsUYiTiZWxKylnPsIDifHzzC/WXYFL8WuVuxGxYtz
3DHqwW+cBZWGsNjZfFUJJ8vLGCWC1/PmOfKxt4qZizOMXKE01bIN8wp5eJ4huXsC
CRTSPoi9s8DoQVhtdFDza7e006Ss+DWNCo5/VXARKBXiIanI7mcfrgzOCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE41bQo+zSj30pIXKnsk+Krz/BZHMB8GA1UdIwQY
MBaAFES0N7MbUGcDhPpdINiSTWEbkWM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxRM3N4dFFad09FLWwwZzJKSk5ZUnVSWXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lMmVjMzQtYjdmMy00MDU1LTgzODgt
ZGUzYjc1NDczZmRkLzEvUkxRM3N4dFFad09FLWwwZzJKSk5ZUnVSWXo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lMmVjMzQtYjdmMy00MDU1LTgzODgtZGUzYjc1NDczZmRk
LzEvUkxRM3N4dFFad09FLWwwZzJKSk5ZUnVSWXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAojkToyFb
xUxHbIMSH9Dd3PcIh0tLxhTn5K3TzD1PmQUTvR3tZ+7L7D8Q3ejcf0jaHCJ8mjUN
IYrV/YBL0lzi8UoF5jyluUMFHm2WAdL6lqnZphuTdQcDP+COjVsNRBCJCcsOSQ17
25OMbakQG5XteFV1jbaFNjSqsS3RNSW8QWB3PdCr1AXlvOlftehjpOLWzGgamo95
NJVticenGFxZ/ffTq0LeR2R9bnGSLtuqWrJO6IlPSlDEqOe1GYBqsreg/Vp4cdFa
+XbF230Co9adTntCIuV0rAuEY10/q2ySkSzf5Vt3ExY9AUIYuSS45kMon4Wbd10f
8039hhu9CFg7Mw==
-----END CERTIFICATE-----