Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          5XFfrsnzJiq8oUB8wkDXC0a4YXe09nsFBuEmOBDLsgM=
Subject key identifier:   58:72:10:99:D5:8F:44:F4:13:A1:5C:6C:EF:CC:E7:72:1E:23:2D:38
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       0196857FD7B6BB9E9BDCE885E169D6C3140E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0A61
Signing time:             Wed 30 Apr 2025 07:01:09 +0000
Manifest this update:     Wed 30 Apr 2025 07:01:09 +0000
Manifest next update:     Thu 01 May 2025 07:01:09 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: n7Y2JcSDCzdIbMM5L3Y+5bvyTJEq3nZKzjwVCwA0OFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:7f:d7:b6:bb:9e:9b:dc:e8:85:e1:69:d6:c3:14:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Apr 30 07:01:09 2025 GMT
            Not After : May  1 07:01:09 2025 GMT
        Subject: CN=58721099d58f44f413a15c6cefcce7721e232d38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:30:77:8e:84:fc:87:0d:75:24:5b:79:bd:d6:
                    cb:fb:bb:3d:10:81:a0:04:49:50:b7:9a:11:dd:77:
                    8d:b4:cf:cb:87:57:c0:b7:11:2e:af:98:aa:f4:b0:
                    b8:b6:a5:04:d4:ff:6d:41:f0:0a:f0:3d:bd:af:3a:
                    22:36:ba:91:8d:33:51:73:63:98:c6:d0:cc:2b:9d:
                    86:04:31:ad:77:11:fb:99:92:74:11:27:72:f4:9f:
                    68:ac:a5:64:d3:24:34:0f:fe:bf:24:dd:6a:df:c5:
                    6e:53:b3:bc:18:21:56:85:ae:f8:16:fc:06:22:8a:
                    9e:cd:be:a8:8d:22:a5:5b:b7:9a:15:1b:72:86:c9:
                    ed:1a:0c:70:2e:fc:a9:ff:94:fb:0c:49:b3:b1:69:
                    d4:9d:10:09:5c:29:47:1f:02:33:31:f5:29:fc:2b:
                    b2:fc:f0:b2:43:c2:31:49:58:b3:be:e9:1a:d6:4f:
                    1f:c0:b9:5e:28:c3:ff:ce:70:a3:17:87:54:4e:8d:
                    a0:4f:86:b9:da:b9:f1:aa:46:a4:0b:39:11:d3:78:
                    9f:0e:ed:9d:93:d2:ca:d9:13:d9:34:e5:3d:d7:41:
                    57:44:ea:70:d1:65:5e:f9:3f:5d:2a:8e:35:90:3c:
                    c7:ee:a3:23:bf:0d:29:6f:e9:82:64:26:07:71:ca:
                    65:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:72:10:99:D5:8F:44:F4:13:A1:5C:6C:EF:CC:E7:72:1E:23:2D:38
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:5e:5c:51:a7:98:a7:28:61:57:82:c4:09:86:34:7c:88:0e:
         30:8d:9b:66:88:1f:e5:9d:de:d7:47:95:9f:0b:e3:b8:54:de:
         33:20:8b:26:4a:24:45:dd:ea:25:32:3b:48:d0:b5:36:d3:d7:
         bb:ee:83:95:f5:78:2a:a3:6a:cd:4f:58:df:68:ff:c3:d1:84:
         bc:0f:1c:4f:6c:df:8f:f1:29:b8:3e:dd:aa:93:05:ce:d4:a2:
         86:74:3f:21:2b:50:37:e8:7d:6b:3b:36:78:8f:5c:7a:45:7a:
         65:47:99:2f:1c:c5:d0:6c:cf:80:ec:a2:5e:01:5c:44:e0:57:
         7b:75:91:c5:59:bf:a0:04:71:4f:05:2b:dc:11:84:1c:36:67:
         f7:5f:41:92:86:46:08:3d:79:a9:8e:46:83:c1:7c:34:db:af:
         2f:8e:56:23:bc:10:6e:fc:96:1f:e0:7e:56:8a:66:b2:1a:a0:
         e4:bc:82:6f:1d:29:5a:65:de:d3:77:50:59:dc:08:ad:88:77:
         fa:93:7d:af:f7:7d:e8:c3:c4:d4:38:88:4e:1a:f2:ef:8c:6c:
         43:74:69:5b:40:6e:6b:d8:e6:08:2c:42:fa:84:d5:33:bd:c9:
         bc:7d:16:1c:8a:7d:80:a1:d4:01:51:1c:d9:59:78:88:57:7c:
         63:ed:db:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFf9e2u56b3OiF4WnWwxQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwNDMwMDcwMTA5WhcNMjUwNTAxMDcwMTA5WjAzMTEwLwYDVQQD
Eyg1ODcyMTA5OWQ1OGY0NGY0MTNhMTVjNmNlZmNjZTc3MjFlMjMyZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjB3joT8hw11JFt5vdbL+7s9EIGg
BElQt5oR3XeNtM/Lh1fAtxEur5iq9LC4tqUE1P9tQfAK8D29rzoiNrqRjTNRc2OY
xtDMK52GBDGtdxH7mZJ0ESdy9J9orKVk0yQ0D/6/JN1q38VuU7O8GCFWha74FvwG
Ioqezb6ojSKlW7eaFRtyhsntGgxwLvyp/5T7DEmzsWnUnRAJXClHHwIzMfUp/Cuy
/PCyQ8IxSVizvuka1k8fwLleKMP/znCjF4dUTo2gT4a52rnxqkakCzkR03ifDu2d
k9LK2RPZNOU910FXROpw0WVe+T9dKo41kDzH7qMjvw0pb+mCZCYHccpl7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhyEJnVj0T0E6FcbO/M53IeIy04MB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR15cUaeY
pyhhV4LECYY0fIgOMI2bZogf5Z3e10eVnwvjuFTeMyCLJkokRd3qJTI7SNC1NtPX
u+6DlfV4KqNqzU9Y32j/w9GEvA8cT2zfj/EpuD7dqpMFztSihnQ/IStQN+h9azs2
eI9cekV6ZUeZLxzF0GzPgOyiXgFcROBXe3WRxVm/oARxTwUr3BGEHDZn919BkoZG
CD15qY5Gg8F8NNuvL45WI7wQbvyWH+B+Vopmshqg5LyCbx0pWmXe03dQWdwIrYh3
+pN9r/d96MPE1DiIThry74xsQ3RpW0Bua9jmCCxC+oTVM73JvH0WHIp9gKHUAVEc
2Vl4iFd8Y+3byw==
-----END CERTIFICATE-----