Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          ihE6/I/YOf3TaXTX7tbZAjzpDasyRjrmJqI9JB0zZGQ=
Subject key identifier:   B1:4B:15:EF:89:01:D6:52:2A:C0:40:0A:19:4E:AB:F3:E9:E0:44:AD
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       01967530A675C6E1FDCEEABC0FD65B6913E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          01CD
Signing time:             Sun 27 Apr 2025 03:00:44 +0000
Manifest this update:     Sun 27 Apr 2025 03:00:44 +0000
Manifest next update:     Mon 28 Apr 2025 03:00:44 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: GkeGDUhlp7UoUsRG7106VS05+rGqwqsRGMqaVZfsDK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:30:a6:75:c6:e1:fd:ce:ea:bc:0f:d6:5b:69:13:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Apr 27 03:00:44 2025 GMT
            Not After : Apr 28 03:00:44 2025 GMT
        Subject: CN=b14b15ef8901d6522ac0400a194eabf3e9e044ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:51:0d:c8:6a:75:b8:e2:3e:63:0b:b3:db:36:
                    d4:88:30:ae:65:48:29:49:67:8e:1e:6f:fa:ed:87:
                    33:75:0e:61:d2:d9:61:ba:81:fb:99:7d:98:da:e0:
                    2c:0e:26:83:e6:ed:eb:4e:30:52:27:6c:be:f9:fe:
                    4c:9e:0d:34:07:dc:cd:63:01:19:bc:a6:d7:cc:14:
                    4f:b9:48:7c:59:5f:dd:87:30:7a:5d:a6:71:78:6d:
                    f5:61:06:51:ac:fd:d6:0b:19:f5:62:c8:d6:6b:36:
                    b5:ba:dd:d2:cc:a3:7e:0a:be:23:43:81:6d:f9:2d:
                    4f:4c:55:06:b3:3d:b8:66:b5:1d:aa:1a:a3:8d:36:
                    c9:9a:76:3b:fd:44:6b:cf:bc:0a:e9:3a:24:f5:77:
                    94:0d:4a:a6:cd:54:ba:e7:27:06:69:a7:50:cc:c1:
                    c1:27:e0:d2:c2:29:03:be:62:e1:1e:8b:d8:9e:d4:
                    eb:bb:15:15:ab:a5:85:c8:08:ea:7d:c6:21:47:29:
                    3f:43:b1:7e:47:1d:96:b4:cb:7e:6b:f5:a9:5f:2a:
                    46:a0:fa:dc:ee:d1:57:d3:1c:5c:96:c3:d1:93:b2:
                    b8:e5:a1:4d:be:15:0a:e4:d7:90:34:be:c7:4b:8b:
                    d7:db:b6:87:98:64:95:21:b4:bf:a9:d2:cc:62:4d:
                    cc:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4B:15:EF:89:01:D6:52:2A:C0:40:0A:19:4E:AB:F3:E9:E0:44:AD
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:09:6a:12:91:e5:72:93:d6:ca:78:94:f5:a6:e7:f5:36:9e:
         52:8a:96:dd:34:cb:17:8e:c1:24:ff:ae:24:f2:8a:ed:b7:aa:
         7e:4a:d9:22:94:4d:fe:4b:77:26:df:00:26:a0:17:6a:d0:92:
         32:f8:90:62:49:d2:ff:ad:be:9c:be:e5:62:b9:23:e3:31:05:
         aa:e8:a8:a1:14:2f:35:72:fe:bb:8f:af:8b:8e:5a:7c:e7:03:
         e5:cb:5f:96:69:b9:55:7a:c4:aa:af:c8:78:8f:63:4f:fd:fc:
         9a:91:2b:b2:67:ca:a8:13:22:36:af:3a:96:99:d4:98:3f:44:
         33:94:66:0f:97:e7:39:53:b9:c3:e6:f9:6b:96:f1:c4:ba:f4:
         1d:f5:6c:91:4a:02:14:f2:3b:23:e1:9c:44:bd:8d:47:c6:50:
         04:be:9a:9e:8a:50:dd:e9:85:1d:93:34:17:f1:e5:fd:5b:a9:
         09:2d:03:b3:ca:e0:c9:1d:1d:76:58:b3:42:b2:d7:e9:58:d6:
         94:c2:25:25:53:7f:b9:83:3e:45:6d:a5:d5:97:4d:cd:6a:60:
         a5:4b:31:5c:eb:d4:b1:01:86:14:3c:f1:8b:09:5e:7b:e3:97:
         68:a3:26:21:d6:7b:49:88:60:3f:14:99:36:9b:5c:65:f6:2a:
         a0:60:53:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1MKZ1xuH9zuq8D9ZbaRPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwNDI3MDMwMDQ0WhcNMjUwNDI4MDMwMDQ0WjAzMTEwLwYDVQQD
EyhiMTRiMTVlZjg5MDFkNjUyMmFjMDQwMGExOTRlYWJmM2U5ZTA0NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFENyGp1uOI+Ywuz2zbUiDCuZUgp
SWeOHm/67YczdQ5h0tlhuoH7mX2Y2uAsDiaD5u3rTjBSJ2y++f5Mng00B9zNYwEZ
vKbXzBRPuUh8WV/dhzB6XaZxeG31YQZRrP3WCxn1YsjWaza1ut3SzKN+Cr4jQ4Ft
+S1PTFUGsz24ZrUdqhqjjTbJmnY7/URrz7wK6Tok9XeUDUqmzVS65ycGaadQzMHB
J+DSwikDvmLhHovYntTruxUVq6WFyAjqfcYhRyk/Q7F+Rx2WtMt+a/WpXypGoPrc
7tFX0xxclsPRk7K45aFNvhUK5NeQNL7HS4vX27aHmGSVIbS/qdLMYk3MuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFLFe+JAdZSKsBAChlOq/Pp4EStMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATglqEpHl
cpPWyniU9abn9TaeUoqW3TTLF47BJP+uJPKK7beqfkrZIpRN/kt3Jt8AJqAXatCS
MviQYknS/62+nL7lYrkj4zEFquiooRQvNXL+u4+vi45afOcD5ctflmm5VXrEqq/I
eI9jT/38mpErsmfKqBMiNq86lpnUmD9EM5RmD5fnOVO5w+b5a5bxxLr0HfVskUoC
FPI7I+GcRL2NR8ZQBL6anopQ3emFHZM0F/Hl/VupCS0Ds8rgyR0ddlizQrLX6VjW
lMIlJVN/uYM+RW2l1ZdNzWpgpUsxXOvUsQGGFDzxiwlee+OXaKMmIdZ7SYhgPxSZ
NptcZfYqoGBTjQ==
-----END CERTIFICATE-----