Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          Cu1R2XgpgMFCaWnPUgcFtuaF9Isde0wFXBZj0T+dIcs=
Subject key identifier:   98:50:95:52:A3:84:38:7F:7F:5C:02:19:7F:B3:C8:06:4D:3D:77:92
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       01967D578FA0EF8163C8A14840741FC91DDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          03EC
Signing time:             Mon 28 Apr 2025 17:00:12 +0000
Manifest this update:     Mon 28 Apr 2025 17:00:12 +0000
Manifest next update:     Tue 29 Apr 2025 17:00:12 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: T9mrkIpiwyATJHAVI5CjbuoXlXltcKZCLfNfl2PVQqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:57:8f:a0:ef:81:63:c8:a1:48:40:74:1f:c9:1d:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Apr 28 17:00:12 2025 GMT
            Not After : Apr 29 17:00:12 2025 GMT
        Subject: CN=98509552a384387f7f5c02197fb3c8064d3d7792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fd:62:31:7e:ff:87:6b:6b:90:8b:1e:02:12:
                    a3:d8:fe:8a:10:03:30:f4:90:0e:ff:3e:2f:b5:ff:
                    48:35:b7:26:bc:8d:94:4a:03:35:c2:78:a0:12:23:
                    b5:07:96:59:fb:08:e8:19:89:ce:b2:26:b0:42:f6:
                    cb:f5:66:22:1e:e5:ac:5a:d1:c0:2f:8a:ee:89:56:
                    d7:63:d7:4c:fa:3e:61:01:fd:39:46:f5:5c:d7:52:
                    93:41:dd:35:39:49:99:9f:b6:51:1f:db:9b:3e:42:
                    00:20:d1:17:2b:57:88:1a:53:67:60:a8:7c:32:7b:
                    61:0b:1a:25:30:c6:67:3b:fa:b3:d8:ac:fc:99:8d:
                    66:79:a1:c0:bf:f7:d8:a5:9b:0d:c4:93:6f:79:c6:
                    7c:de:ed:fa:62:74:61:18:92:c3:2c:4e:5f:00:39:
                    79:11:55:c3:68:26:e1:0e:dc:c3:3d:d4:e1:ee:8f:
                    b5:34:7a:4d:ef:89:09:53:09:a9:4f:29:3b:59:5c:
                    4e:b4:db:ff:d8:74:02:b8:12:a1:a7:37:a7:d6:91:
                    7d:b9:79:d2:6a:5b:74:35:c7:c0:d6:3f:e8:87:e5:
                    f4:a3:58:a7:0a:84:d1:a1:54:79:07:41:62:d5:9a:
                    7e:40:12:f6:df:ed:b8:33:5e:9f:f8:80:1a:a1:8b:
                    ca:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:50:95:52:A3:84:38:7F:7F:5C:02:19:7F:B3:C8:06:4D:3D:77:92
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:25:49:94:f3:4a:b2:6c:b4:27:d6:f1:81:73:c3:bd:5f:f9:
         b1:67:23:18:b6:53:33:5e:cd:b0:17:2d:c0:a9:f0:d4:b1:fe:
         a6:02:c7:09:31:fc:7f:90:89:f5:eb:61:4a:eb:6b:4a:5b:9e:
         19:74:fc:a8:0f:ca:82:1d:5d:84:1c:4e:f1:39:57:cb:48:b6:
         df:30:ff:fa:00:88:1b:0b:7e:a5:58:03:c6:4a:a3:17:c8:9f:
         cf:43:c9:85:b3:bb:28:b1:5d:37:68:82:43:46:40:7d:b5:36:
         db:ee:6d:10:67:63:01:cf:be:ee:06:b3:a0:29:89:18:95:d8:
         5c:e8:87:3b:6c:06:12:cc:38:6c:74:06:11:25:a1:66:dd:4e:
         60:5f:a6:44:93:8f:67:ee:96:a3:86:7d:e9:f7:54:32:75:05:
         b8:8c:d2:a9:26:d5:00:35:d5:ca:45:fa:25:c0:e7:9c:09:61:
         30:c8:ea:9f:7f:22:be:46:9b:e8:c8:0c:50:43:05:0d:9e:ee:
         2a:aa:bf:ea:d3:14:a5:33:f9:ec:6d:b0:cb:ac:ea:5b:06:51:
         d4:a8:26:7b:c7:9f:fa:4f:e0:44:b0:61:1a:1a:2e:fc:a8:4a:
         e0:98:49:e1:fb:0e:f7:3e:0c:f8:25:7b:bb:47:3c:d9:d0:5a:
         fa:d3:1c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9V4+g74FjyKFIQHQfyR3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUwNDI4MTcwMDEyWhcNMjUwNDI5MTcwMDEyWjAzMTEwLwYDVQQD
Eyg5ODUwOTU1MmEzODQzODdmN2Y1YzAyMTk3ZmIzYzgwNjRkM2Q3NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv1iMX7/h2trkIseAhKj2P6KEAMw
9JAO/z4vtf9INbcmvI2USgM1wnigEiO1B5ZZ+wjoGYnOsiawQvbL9WYiHuWsWtHA
L4ruiVbXY9dM+j5hAf05RvVc11KTQd01OUmZn7ZRH9ubPkIAINEXK1eIGlNnYKh8
MnthCxolMMZnO/qz2Kz8mY1meaHAv/fYpZsNxJNvecZ83u36YnRhGJLDLE5fADl5
EVXDaCbhDtzDPdTh7o+1NHpN74kJUwmpTyk7WVxOtNv/2HQCuBKhpzen1pF9uXnS
alt0NcfA1j/oh+X0o1inCoTRoVR5B0Fi1Zp+QBL23+24M16f+IAaoYvKrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhQlVKjhDh/f1wCGX+zyAZNPXeSMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSVJlPNK
smy0J9bxgXPDvV/5sWcjGLZTM17NsBctwKnw1LH+pgLHCTH8f5CJ9ethSutrSlue
GXT8qA/Kgh1dhBxO8TlXy0i23zD/+gCIGwt+pVgDxkqjF8ifz0PJhbO7KLFdN2iC
Q0ZAfbU22+5tEGdjAc++7gazoCmJGJXYXOiHO2wGEsw4bHQGESWhZt1OYF+mRJOP
Z+6Wo4Z96fdUMnUFuIzSqSbVADXVykX6JcDnnAlhMMjqn38ivkab6MgMUEMFDZ7u
Kqq/6tMUpTP57G2wy6zqWwZR1Kgme8ef+k/gRLBhGhou/KhK4JhJ4fsO9z4M+CV7
u0c82dBa+tMcyQ==
-----END CERTIFICATE-----