Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
File:                     H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft (raw, json)
Hash identifier:          5fI907prsb928JHDsdE2l+LRCATYOyVR/0rNi8gJIqw=
Subject key identifier:   7D:B3:46:F3:54:44:99:9B:03:6F:16:F9:B3:76:F1:E8:85:8C:5E:8E
Authority key identifier: 1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F
Certificate issuer:       /CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
Certificate serial:       019683FF6E653772C9225388E68E8DA5508C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
Manifest number:          13E5
Signing time:             Wed 30 Apr 2025 00:01:17 +0000
Manifest this update:     Wed 30 Apr 2025 00:01:17 +0000
Manifest next update:     Thu 01 May 2025 00:01:17 +0000
Files and hashes:         1: H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl (hash: d+N78WHGyzylw+9i4x7hYp/HQGOGL+jW2CeWf3+bE0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:ff:6e:65:37:72:c9:22:53:88:e6:8e:8d:a5:50:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
        Validity
            Not Before: Apr 30 00:01:17 2025 GMT
            Not After : May  1 00:01:17 2025 GMT
        Subject: CN=7db346f35444999b036f16f9b376f1e8858c5e8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:f5:8f:bc:c5:46:01:f4:82:c8:fe:fc:e0:f9:
                    dc:5e:33:df:2b:ca:c1:90:9c:2d:d0:9c:53:c4:78:
                    09:fb:5b:81:91:9e:44:62:37:0a:6f:dd:15:ec:94:
                    33:f0:c0:bc:97:9f:06:18:a6:3e:a8:d8:39:08:51:
                    ed:87:43:86:b6:57:2a:1d:65:e0:df:18:e5:49:02:
                    4f:98:85:69:12:e5:0a:5b:23:39:62:b2:40:b4:d5:
                    51:40:fe:70:ba:86:5d:2a:11:68:7f:65:16:b8:f7:
                    6c:b9:fa:34:55:9e:a4:81:63:10:4e:ab:a3:53:b8:
                    2b:f7:cb:39:44:09:84:a8:f5:fb:b0:1e:65:d7:ea:
                    38:a1:4e:ed:a8:f4:f8:c9:67:da:39:7e:df:50:21:
                    1f:ef:d9:ee:3d:ff:6d:68:57:ce:94:6c:4a:2a:5c:
                    c2:69:62:eb:de:ea:16:b3:79:95:6b:ee:cb:9e:94:
                    aa:4e:43:90:ff:fe:f1:2d:06:db:05:54:a8:78:ab:
                    d1:fd:49:06:aa:f3:91:b0:2c:4c:95:45:f3:99:5b:
                    0d:a3:a7:89:8c:ea:94:d7:e2:d8:a1:ee:13:aa:b6:
                    c2:7b:bd:27:55:48:9d:2d:69:10:c9:cd:a0:3b:78:
                    57:65:0a:2e:bf:d7:16:65:49:21:8f:3e:0e:f8:14:
                    79:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:B3:46:F3:54:44:99:9B:03:6F:16:F9:B3:76:F1:E8:85:8C:5E:8E
            X509v3 Authority Key Identifier:
                keyid:1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:89:b6:be:99:4c:5c:fe:18:fc:1e:ab:8f:0a:fe:ac:ff:ab:
         46:0b:15:a2:11:bf:7c:06:f9:5a:c1:b1:0a:e1:90:f3:7e:04:
         67:40:d8:f0:a5:72:96:39:d3:05:51:85:22:43:8c:95:88:fd:
         2a:12:9e:21:24:15:90:14:5f:cf:81:43:d6:ee:fd:1c:c3:c4:
         f5:3c:8b:26:d4:66:f9:06:cd:70:79:2a:ee:a5:a4:63:6c:35:
         36:d4:58:c4:8d:b2:52:29:29:69:83:5f:6e:32:ce:7f:eb:20:
         03:d1:6c:69:52:1a:ed:51:55:e4:ae:47:80:14:ac:e3:37:19:
         aa:4d:94:fa:5d:6a:0a:18:9e:d4:ce:14:15:2a:2b:4a:c0:f1:
         6c:78:53:26:14:e4:45:91:7a:87:91:9f:ec:42:85:b5:42:ab:
         cb:e1:fb:0b:3f:e2:06:2c:cb:16:cc:e5:d7:d6:86:15:66:65:
         1c:63:b2:14:19:01:42:98:5f:de:08:03:5b:dc:e9:9a:0a:37:
         9d:9d:46:1a:0c:27:ba:5e:16:a1:05:bc:ef:d2:14:99:39:15:
         60:a8:5c:07:fc:84:8e:85:41:d7:73:e7:32:70:08:29:db:c1:
         49:38:87:5f:2e:82:2e:d1:b1:69:86:f0:61:44:38:fe:cb:f7:
         f6:cf:1a:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/25lN3LJIlOI5o6NpVCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOGNkNWJkYTM0NjEwYWRhZmVkMWZlZDQzYTIyMzQ1ZjA3
NjdlN2YwHhcNMjUwNDMwMDAwMTE3WhcNMjUwNTAxMDAwMTE3WjAzMTEwLwYDVQQD
Eyg3ZGIzNDZmMzU0NDQ5OTliMDM2ZjE2ZjliMzc2ZjFlODg1OGM1ZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfWPvMVGAfSCyP784PncXjPfK8rB
kJwt0JxTxHgJ+1uBkZ5EYjcKb90V7JQz8MC8l58GGKY+qNg5CFHth0OGtlcqHWXg
3xjlSQJPmIVpEuUKWyM5YrJAtNVRQP5wuoZdKhFof2UWuPdsufo0VZ6kgWMQTquj
U7gr98s5RAmEqPX7sB5l1+o4oU7tqPT4yWfaOX7fUCEf79nuPf9taFfOlGxKKlzC
aWLr3uoWs3mVa+7LnpSqTkOQ//7xLQbbBVSoeKvR/UkGqvORsCxMlUXzmVsNo6eJ
jOqU1+LYoe4TqrbCe70nVUidLWkQyc2gO3hXZQouv9cWZUkhjz4O+BR52QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2zRvNURJmbA28W+bN28eiFjF6OMB8GA1UdIwQY
MBaAFB+M1b2jRhCtr+0f7UOiI0Xwdn5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUt
ZWU2ZGJmYTk4ZDJlLzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUtZWU2ZGJmYTk4ZDJl
LzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYm2vplM
XP4Y/B6rjwr+rP+rRgsVohG/fAb5WsGxCuGQ834EZ0DY8KVyljnTBVGFIkOMlYj9
KhKeISQVkBRfz4FD1u79HMPE9TyLJtRm+QbNcHkq7qWkY2w1NtRYxI2yUikpaYNf
bjLOf+sgA9FsaVIa7VFV5K5HgBSs4zcZqk2U+l1qChie1M4UFSorSsDxbHhTJhTk
RZF6h5Gf7EKFtUKry+H7Cz/iBizLFszl19aGFWZlHGOyFBkBQphf3ggDW9zpmgo3
nZ1GGgwnul4WoQW879IUmTkVYKhcB/yEjoVB13PnMnAIKdvBSTiHXy6CLtGxaYbw
YUQ4/sv39s8ahg==
-----END CERTIFICATE-----