Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          +2AKCEszK0nqhE4KVARElNsViRMu9NQJa15R8iEo7A4=
Subject key identifier:   52:94:9F:61:CD:1B:7C:0D:3E:D1:0A:5B:51:C5:98:0F:83:52:91:E7
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       01976C98997ED663FE33491D5BACB2DFA35A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0EC0
Signing time:             Sat 14 Jun 2025 04:00:29 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:29 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:29 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: cNG2rAOQt+2F+AYha5zLmH0e/x+C7yFduECGUkommK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:99:7e:d6:63:fe:33:49:1d:5b:ac:b2:df:a3:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Jun 14 04:00:29 2025 GMT
            Not After : Jun 15 04:00:29 2025 GMT
        Subject: CN=52949f61cd1b7c0d3ed10a5b51c5980f835291e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:bb:af:94:98:0d:47:3e:be:a5:12:c8:bb:6c:
                    3b:73:14:55:47:2e:49:f2:f6:22:33:ce:3f:52:9e:
                    01:41:e4:ce:0e:7f:a5:05:42:89:5f:10:82:eb:74:
                    bd:9d:d7:91:e5:69:f6:11:e0:d3:e7:72:19:35:83:
                    d9:83:10:7b:dd:0a:f2:52:22:f8:75:e3:d3:99:74:
                    95:e7:ac:a2:4a:e7:ec:7c:ac:ba:f0:d2:ea:91:94:
                    fe:74:e3:fd:ca:94:73:ff:6f:25:e5:a1:3b:9f:28:
                    7c:ff:86:3a:c2:c8:31:72:af:4c:f4:2a:6e:ac:0e:
                    06:c0:af:f7:53:a8:2a:10:9c:79:23:50:e7:6e:30:
                    4d:ee:3e:8a:65:da:4b:fe:b5:84:19:2b:e1:76:a5:
                    9b:41:ad:a9:d3:37:3a:c5:f7:eb:65:ed:79:45:9a:
                    5c:95:59:e2:38:8e:bb:c3:46:e0:98:2f:ed:dc:97:
                    d2:4f:57:2a:f4:3f:e5:c8:36:cf:41:d2:b3:53:e8:
                    29:44:89:ee:9f:8f:15:56:88:4f:f3:e7:1c:7d:b4:
                    48:c4:c2:55:4f:9c:66:e7:f1:57:ec:ca:6f:0c:dc:
                    6b:34:30:63:34:ad:41:04:11:b8:87:1e:53:bd:35:
                    f0:3d:24:b1:f8:b0:9d:69:41:44:96:78:95:af:bd:
                    b3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:94:9F:61:CD:1B:7C:0D:3E:D1:0A:5B:51:C5:98:0F:83:52:91:E7
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:72:20:bb:d4:6f:45:80:2a:6d:51:a1:c0:f9:c0:4a:5d:39:
         11:d6:fa:a6:a2:b2:c4:80:f1:ad:5d:8f:27:80:5f:dc:4d:1e:
         db:b1:15:af:2b:c2:a1:de:36:71:2f:eb:d6:6f:51:6d:fe:96:
         eb:1b:1b:e3:cc:c9:0e:bf:02:eb:b3:f5:81:a4:e1:c9:c0:ba:
         99:ca:4b:8e:b7:bf:5d:93:01:77:39:45:c8:ae:ed:26:6d:54:
         cc:e4:cf:4f:60:0a:d9:45:2a:98:95:c0:6e:e2:2b:98:02:27:
         87:cc:fc:38:e6:35:69:3c:95:35:a8:b1:19:fa:f2:a7:d0:80:
         fd:69:12:b5:fe:34:ca:4b:2b:9d:65:ab:fc:68:04:de:57:7c:
         b9:19:26:94:9e:7f:ef:72:68:58:9a:c0:00:52:c9:98:33:6d:
         dc:fb:c8:2e:ee:b8:9b:3d:30:52:5a:88:97:87:2f:4c:9f:96:
         c3:e0:c6:31:0a:9a:a4:05:f8:4d:20:b2:27:a2:a3:9a:a2:e5:
         e6:be:35:89:70:07:18:67:5d:82:82:32:e1:b5:55:4c:ba:93:
         98:d7:1a:66:7e:41:4d:fd:f4:40:a7:d6:b6:19:14:95:18:e3:
         f5:d8:74:e8:ee:1a:0c:dc:8a:bc:a0:a6:6e:0f:33:97:0b:b4:
         66:a6:ea:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmJl+1mP+M0kdW6yy36NaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUwNjE0MDQwMDI5WhcNMjUwNjE1MDQwMDI5WjAzMTEwLwYDVQQD
Eyg1Mjk0OWY2MWNkMWI3YzBkM2VkMTBhNWI1MWM1OTgwZjgzNTI5MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLuvlJgNRz6+pRLIu2w7cxRVRy5J
8vYiM84/Up4BQeTODn+lBUKJXxCC63S9ndeR5Wn2EeDT53IZNYPZgxB73QryUiL4
dePTmXSV56yiSufsfKy68NLqkZT+dOP9ypRz/28l5aE7nyh8/4Y6wsgxcq9M9Cpu
rA4GwK/3U6gqEJx5I1DnbjBN7j6KZdpL/rWEGSvhdqWbQa2p0zc6xffrZe15RZpc
lVniOI67w0bgmC/t3JfST1cq9D/lyDbPQdKzU+gpRInun48VVohP8+ccfbRIxMJV
T5xm5/FX7MpvDNxrNDBjNK1BBBG4hx5TvTXwPSSx+LCdaUFElniVr72zBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKUn2HNG3wNPtEKW1HFmA+DUpHnMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArnIgu9Rv
RYAqbVGhwPnASl05Edb6pqKyxIDxrV2PJ4Bf3E0e27EVryvCod42cS/r1m9Rbf6W
6xsb48zJDr8C67P1gaThycC6mcpLjre/XZMBdzlFyK7tJm1UzOTPT2AK2UUqmJXA
buIrmAInh8z8OOY1aTyVNaixGfryp9CA/WkStf40yksrnWWr/GgE3ld8uRkmlJ5/
73JoWJrAAFLJmDNt3PvILu64mz0wUlqIl4cvTJ+Ww+DGMQqapAX4TSCyJ6KjmqLl
5r41iXAHGGddgoIy4bVVTLqTmNcaZn5BTf30QKfWthkUlRjj9dh06O4aDNyKvKCm
bg8zlwu0ZqbqMQ==
-----END CERTIFICATE-----