Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
File:                     1PhqmjxCnBvCbsBqOuTkF8p0394.mft (raw, json)
Hash identifier:          DvOfqgeSIU5TD/h1tdF10sQy720T6uUZmAjIfX5PFaQ=
Subject key identifier:   4F:53:C1:FD:3C:22:83:4F:90:94:74:34:87:42:E8:99:50:DF:FE:E6
Authority key identifier: D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE
Certificate issuer:       /CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
Certificate serial:       019691F1C3E81D6A9327C9BFC88712D715D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
Manifest number:          07A5
Signing time:             Fri 02 May 2025 17:01:02 +0000
Manifest this update:     Fri 02 May 2025 17:01:02 +0000
Manifest next update:     Sat 03 May 2025 17:01:02 +0000
Files and hashes:         1: 1PhqmjxCnBvCbsBqOuTkF8p0394.crl (hash: 9CdQDQnqWnNURzLDVf+Ijn+3pq+I8tLvHsI+ZOzZCzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 14:24:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:f1:c3:e8:1d:6a:93:27:c9:bf:c8:87:12:d7:15:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
        Validity
            Not Before: May  2 17:01:02 2025 GMT
            Not After : May  3 17:01:02 2025 GMT
        Subject: CN=4f53c1fd3c22834f909474348742e89950dffee6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7e:ee:78:3d:8e:98:ad:52:8f:91:30:7f:f5:
                    61:0c:74:fd:93:e5:77:53:c8:84:d9:c1:b8:a8:9f:
                    79:c3:23:72:73:a8:8a:90:29:08:15:d5:f6:fe:b6:
                    b3:ef:d4:4b:ac:76:07:0b:f9:aa:c3:83:be:b9:e3:
                    b3:3b:db:84:a2:15:7d:6e:31:a3:d4:a2:d7:5b:d7:
                    6e:9f:b2:62:d8:5a:46:5c:13:2c:52:e8:bf:ef:34:
                    5c:3a:64:88:71:8f:b6:3d:9c:35:d2:07:ae:75:c4:
                    93:81:fb:6c:ce:56:b8:e5:5a:39:b1:e2:c0:1b:f1:
                    b5:69:3f:28:e8:ae:a2:97:6c:5e:80:f4:00:9b:70:
                    3d:4f:07:d9:62:2a:f9:d9:a9:39:ac:14:92:f4:30:
                    41:d2:91:16:46:91:88:f2:be:cc:9a:78:34:23:28:
                    20:cd:86:5d:9f:89:e2:0e:06:92:a4:69:96:b2:24:
                    39:47:be:7e:a1:af:78:ea:dd:ee:97:fd:22:07:24:
                    81:43:17:28:f4:5b:93:3f:35:d9:c0:3d:5e:e2:b4:
                    d0:ad:f3:cc:ac:b3:c1:88:20:dd:f1:69:68:7f:be:
                    40:a8:bf:86:60:b6:1e:e4:34:4b:ed:28:29:99:01:
                    a0:24:ef:9b:a9:2e:90:7b:03:98:36:8b:22:a7:63:
                    aa:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:53:C1:FD:3C:22:83:4F:90:94:74:34:87:42:E8:99:50:DF:FE:E6
            X509v3 Authority Key Identifier:
                keyid:D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:10:7b:bf:ba:76:30:15:4c:d3:06:82:60:38:f1:10:84:08:
         4a:fc:25:cb:eb:d4:e1:20:77:70:67:d9:bf:3e:e1:00:ec:bf:
         83:aa:e2:64:81:71:80:6e:60:0c:65:4f:52:a1:95:76:1f:b2:
         4d:f0:52:b0:66:20:0b:8e:51:f7:d5:40:10:74:39:2f:20:85:
         2b:d6:e4:26:7e:09:13:51:60:ae:4e:ee:de:50:d7:d6:a2:f2:
         7b:82:f1:b6:8d:21:22:44:45:aa:5f:8a:8e:f9:62:0a:63:dd:
         77:ba:a8:72:fa:de:de:a5:12:3d:d1:60:17:3d:32:27:7d:f1:
         7d:78:0c:f9:d9:3e:57:38:fc:2b:ef:25:06:3c:21:b4:d1:96:
         e6:2a:80:d8:d0:e1:3b:8f:83:e3:e4:98:d3:82:15:df:6b:c3:
         9c:03:35:61:40:f0:38:02:a4:c0:e5:5f:c2:c0:5c:7c:d2:01:
         48:fa:b2:9a:04:03:5d:5d:f0:88:bc:b6:80:2b:da:c0:c5:3c:
         4a:ce:c5:c3:93:23:57:13:ef:96:5e:b1:72:3a:d0:55:c7:29:
         83:1f:1a:86:b1:06:34:a0:e5:3c:f3:b2:f0:66:a3:fa:35:91:
         bd:a5:60:84:f9:d2:54:4b:bf:94:26:f4:06:45:a9:0e:a7:f8:
         59:eb:64:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaR8cPoHWqTJ8m/yIcS1xXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Zjg2YTlhM2M0MjljMWJjMjZlYzA2YTNhZTRlNDE3Y2E3
NGRmZGUwHhcNMjUwNTAyMTcwMTAyWhcNMjUwNTAzMTcwMTAyWjAzMTEwLwYDVQQD
Eyg0ZjUzYzFmZDNjMjI4MzRmOTA5NDc0MzQ4NzQyZTg5OTUwZGZmZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq37ueD2OmK1Sj5Ewf/VhDHT9k+V3
U8iE2cG4qJ95wyNyc6iKkCkIFdX2/raz79RLrHYHC/mqw4O+ueOzO9uEohV9bjGj
1KLXW9dun7Ji2FpGXBMsUui/7zRcOmSIcY+2PZw10geudcSTgftszla45Vo5seLA
G/G1aT8o6K6il2xegPQAm3A9TwfZYir52ak5rBSS9DBB0pEWRpGI8r7Mmng0Iygg
zYZdn4niDgaSpGmWsiQ5R75+oa946t3ul/0iBySBQxco9FuTPzXZwD1e4rTQrfPM
rLPBiCDd8Wlof75AqL+GYLYe5DRL7SgpmQGgJO+bqS6QewOYNosip2OqTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9Twf08IoNPkJR0NIdC6JlQ3/7mMB8GA1UdIwQY
MBaAFNT4apo8Qpwbwm7Aajrk5BfKdN/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgt
NDgzMjY1OTk5NGNiLzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgtNDgzMjY1OTk5NGNi
LzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBB7v7p2
MBVM0waCYDjxEIQISvwly+vU4SB3cGfZvz7hAOy/g6riZIFxgG5gDGVPUqGVdh+y
TfBSsGYgC45R99VAEHQ5LyCFK9bkJn4JE1Fgrk7u3lDX1qLye4Lxto0hIkRFql+K
jvliCmPdd7qocvre3qUSPdFgFz0yJ33xfXgM+dk+Vzj8K+8lBjwhtNGW5iqA2NDh
O4+D4+SY04IV32vDnAM1YUDwOAKkwOVfwsBcfNIBSPqymgQDXV3wiLy2gCvawMU8
Ss7Fw5MjVxPvll6xcjrQVccpgx8ahrEGNKDlPPOy8Gaj+jWRvaVghPnSVEu/lCb0
BkWpDqf4Wetkww==
-----END CERTIFICATE-----