Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          9XkIPHHFO7PFhLirsZRDfrtTWfSDkiCqk5t7FFYxiGo=
Subject key identifier:   EF:A0:1D:42:6A:C0:7B:92:68:76:C3:57:3F:0B:3C:AD:35:9D:CD:93
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       01967F0F69BF0578CC9C1F2B2707A4243D78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0E45
Signing time:             Tue 29 Apr 2025 01:00:38 +0000
Manifest this update:     Tue 29 Apr 2025 01:00:38 +0000
Manifest next update:     Wed 30 Apr 2025 01:00:38 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: cLh2CF5ActDKxSjrA9ZrFG601g7tEJXA99jOET5fapk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:0f:69:bf:05:78:cc:9c:1f:2b:27:07:a4:24:3d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Apr 29 01:00:38 2025 GMT
            Not After : Apr 30 01:00:38 2025 GMT
        Subject: CN=efa01d426ac07b926876c3573f0b3cad359dcd93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e7:98:08:de:34:36:b1:d3:3c:63:e0:9d:32:
                    fd:6e:fb:58:c2:23:cb:cb:bc:d3:b0:a0:85:e5:8d:
                    e1:96:bb:72:4e:74:11:d7:e8:2a:48:74:9a:72:30:
                    29:5b:23:b4:87:66:be:44:85:eb:7d:93:9d:47:df:
                    d4:a4:11:a9:3d:31:2a:a7:bf:0c:11:8e:c5:40:2a:
                    04:99:f7:c7:9a:8e:c8:98:3f:c0:42:31:8b:5b:3e:
                    74:42:85:52:f8:73:05:07:2c:97:b5:3d:8a:71:35:
                    0d:08:72:28:97:e5:f5:02:b3:f6:b6:58:ef:dc:3c:
                    69:c5:71:9b:ed:b5:02:7f:7e:ab:f1:18:b3:cb:4b:
                    2c:9a:b0:ed:ae:ef:0d:01:f3:36:69:4d:b1:d8:df:
                    57:a5:95:b5:73:cb:e1:fa:5b:a0:7d:80:c2:b7:c3:
                    97:31:4b:80:a8:11:e6:7a:fa:50:f7:30:f1:ac:12:
                    0d:a5:5d:71:15:85:d0:12:4f:46:1e:be:34:11:03:
                    43:fb:44:d8:b5:16:cd:2b:a2:45:0b:31:95:d5:3f:
                    b5:91:ad:dd:0f:8a:65:3d:d1:dd:53:20:65:8e:12:
                    ff:2f:b1:f3:87:96:f6:18:7f:65:1f:0d:a5:9f:94:
                    62:b9:3b:1f:38:aa:cb:57:e8:9d:2a:13:6a:c2:d8:
                    bd:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:A0:1D:42:6A:C0:7B:92:68:76:C3:57:3F:0B:3C:AD:35:9D:CD:93
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:0a:b5:1b:23:25:c3:4c:4a:3b:6f:f8:e6:1e:1e:29:0e:04:
         bf:39:8b:50:ea:fd:d9:73:a8:d0:1d:23:6a:58:4b:27:2b:67:
         f6:60:a0:69:50:20:0c:97:7a:db:ea:c0:85:fb:8e:d7:e5:98:
         87:de:58:14:f9:f5:33:5e:c2:ee:cc:a7:2f:72:46:83:f3:22:
         57:47:5e:9f:32:91:4b:32:90:60:f5:97:71:1a:c6:df:30:1f:
         0f:51:2d:df:9f:16:ff:4c:a8:7d:3b:aa:57:e2:05:4d:11:8c:
         41:00:13:a6:97:e7:c3:55:89:a3:29:86:4c:f0:e5:8f:c7:10:
         62:f9:58:c5:c9:c5:1c:b6:7a:cc:83:de:28:00:a1:4d:80:d8:
         75:7e:93:5e:e8:c4:4b:95:0d:bb:34:d6:17:09:1a:c7:a8:ab:
         09:5d:3a:48:66:91:21:4b:5c:a6:14:88:5f:4f:5b:fe:ed:11:
         9e:4a:71:e9:bf:c1:ff:a6:7e:7c:e2:ec:b5:62:28:9d:11:e9:
         6e:36:e4:89:3a:86:9f:10:92:7c:2b:c1:fe:c8:d4:3e:d8:60:
         a8:e0:e0:57:0a:c6:0e:0d:80:82:28:33:01:55:89:dc:3a:4a:
         cb:b6:b3:f5:6a:29:a2:ac:64:f2:99:ba:5a:79:d8:7f:d4:3b:
         b5:73:de:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/D2m/BXjMnB8rJwekJD14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUwNDI5MDEwMDM4WhcNMjUwNDMwMDEwMDM4WjAzMTEwLwYDVQQD
EyhlZmEwMWQ0MjZhYzA3YjkyNjg3NmMzNTczZjBiM2NhZDM1OWRjZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmueYCN40NrHTPGPgnTL9bvtYwiPL
y7zTsKCF5Y3hlrtyTnQR1+gqSHSacjApWyO0h2a+RIXrfZOdR9/UpBGpPTEqp78M
EY7FQCoEmffHmo7ImD/AQjGLWz50QoVS+HMFByyXtT2KcTUNCHIol+X1ArP2tljv
3DxpxXGb7bUCf36r8Rizy0ssmrDtru8NAfM2aU2x2N9XpZW1c8vh+lugfYDCt8OX
MUuAqBHmevpQ9zDxrBINpV1xFYXQEk9GHr40EQND+0TYtRbNK6JFCzGV1T+1ka3d
D4plPdHdUyBljhL/L7Hzh5b2GH9lHw2ln5RiuTsfOKrLV+idKhNqwti9oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+gHUJqwHuSaHbDVz8LPK01nc2TMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwq1GyMl
w0xKO2/45h4eKQ4EvzmLUOr92XOo0B0jalhLJytn9mCgaVAgDJd62+rAhfuO1+WY
h95YFPn1M17C7synL3JGg/MiV0denzKRSzKQYPWXcRrG3zAfD1Et358W/0yofTuq
V+IFTRGMQQATppfnw1WJoymGTPDlj8cQYvlYxcnFHLZ6zIPeKAChTYDYdX6TXujE
S5UNuzTWFwkax6irCV06SGaRIUtcphSIX09b/u0Rnkpx6b/B/6Z+fOLstWIonRHp
bjbkiTqGnxCSfCvB/sjUPthgqODgVwrGDg2AgigzAVWJ3DpKy7az9Wopoqxk8pm6
WnnYf9Q7tXPeOg==
-----END CERTIFICATE-----