Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
File:                     4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft (raw, json)
Hash identifier:          DqnklrDiseIf1Lu4Kx40kJymvP84OzSLGW17LBNjXsk=
Subject key identifier:   3E:D5:C4:83:79:D1:25:B3:76:78:B8:AC:1F:95:98:E0:97:A0:87:C1
Authority key identifier: E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08
Certificate issuer:       /CN=e1f43f3e61990fd3e5767debe98e51cc19cac708
Certificate serial:       01967E6A4F56CB596CD8CAE3BE61D9E0B50F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
Manifest number:          03CD
Signing time:             Mon 28 Apr 2025 22:00:18 +0000
Manifest this update:     Mon 28 Apr 2025 22:00:18 +0000
Manifest next update:     Tue 29 Apr 2025 22:00:18 +0000
Files and hashes:         1: 4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl (hash: y/gqBpxDB6vtfqYwdXJaVr4tTD+MUMo2VrQX8f+tDa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 22:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:6a:4f:56:cb:59:6c:d8:ca:e3:be:61:d9:e0:b5:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1f43f3e61990fd3e5767debe98e51cc19cac708
        Validity
            Not Before: Apr 28 22:00:18 2025 GMT
            Not After : Apr 29 22:00:18 2025 GMT
        Subject: CN=3ed5c48379d125b37678b8ac1f9598e097a087c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ff:0a:5a:1f:39:f3:f1:26:56:31:8a:9e:d6:
                    73:29:b0:67:14:95:99:8f:27:38:6c:d9:20:c8:53:
                    53:ad:69:1d:53:16:ce:0c:b8:51:c2:7d:47:30:ef:
                    7f:54:b0:ea:80:e7:43:21:a2:36:b1:de:ca:c4:f0:
                    ae:0a:8d:3f:a1:6d:8d:5a:c7:bc:d7:cb:d4:be:fd:
                    8d:dc:5b:b5:ab:f8:6c:47:ad:36:72:60:9d:b5:80:
                    51:8d:f6:58:5d:66:bf:dc:f9:6f:73:fc:ad:76:e8:
                    4e:30:c0:55:e4:d1:46:af:e1:43:92:4f:c7:5a:61:
                    7f:a1:cd:24:e2:a1:59:67:c8:3a:80:37:07:d6:ec:
                    65:80:b5:3a:12:8d:53:11:7f:98:d4:e9:c6:74:6c:
                    1b:fb:95:f8:b9:40:41:52:e4:43:8b:32:68:6f:0f:
                    27:75:d8:70:3a:03:f7:8d:67:81:6b:a5:53:84:6a:
                    63:f1:82:c3:6b:6b:eb:67:71:dc:2b:34:bf:b7:d2:
                    ef:b4:ac:c9:d6:2d:e7:ae:ee:d4:b5:17:b8:19:4e:
                    4b:ce:03:44:02:4e:54:03:1f:40:f1:a9:c0:08:5a:
                    2f:c4:70:d0:5b:6a:f0:00:86:9e:e0:c6:0b:9e:86:
                    9c:46:12:a5:02:5c:b1:dc:71:18:b8:d7:7d:1b:e4:
                    f0:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D5:C4:83:79:D1:25:B3:76:78:B8:AC:1F:95:98:E0:97:A0:87:C1
            X509v3 Authority Key Identifier:
                keyid:E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:5b:d8:3c:4f:a1:c5:3f:d4:f9:3d:a8:d7:bd:00:41:a4:f6:
         f4:4a:8d:1b:46:84:a0:fa:77:86:93:d7:3c:84:94:05:5d:0f:
         6d:7f:63:11:cf:4c:8d:46:44:df:85:1f:52:fd:3f:1e:c5:ea:
         4a:3d:f3:98:21:eb:8e:28:05:ce:a5:4a:17:b0:19:9c:1a:43:
         5f:4f:c5:be:05:42:4d:16:80:d2:e1:f9:ca:4a:c5:1b:16:21:
         31:69:c3:47:2e:8d:30:75:fe:fc:3e:eb:31:3b:7e:98:a8:7e:
         f4:3f:72:94:84:9a:e0:c3:e3:ee:ea:ea:a9:8e:1c:a8:03:38:
         3d:5b:61:d5:27:85:e5:e3:27:b6:ac:8e:ab:15:11:09:11:ff:
         0f:74:fe:08:97:86:a2:d7:16:a6:e6:84:68:05:a6:75:a0:1f:
         b1:e3:9f:0f:3e:f8:49:32:b4:48:8f:9b:3a:b5:9e:91:53:f0:
         aa:85:7a:cd:87:83:06:92:c7:d2:01:45:47:a4:9e:4f:2a:bc:
         44:24:1c:8f:b5:19:68:00:49:f3:d3:ad:80:3b:02:88:e1:b2:
         ea:8b:e6:ef:24:3f:69:64:20:75:6c:53:05:0c:2d:79:46:ec:
         0c:d9:fd:65:ee:bc:b6:df:b1:bc:b0:db:1c:3f:c3:7d:74:7a:
         15:b5:7a:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+ak9Wy1ls2MrjvmHZ4LUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZjQzZjNlNjE5OTBmZDNlNTc2N2RlYmU5OGU1MWNjMTlj
YWM3MDgwHhcNMjUwNDI4MjIwMDE4WhcNMjUwNDI5MjIwMDE4WjAzMTEwLwYDVQQD
EygzZWQ1YzQ4Mzc5ZDEyNWIzNzY3OGI4YWMxZjk1OThlMDk3YTA4N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/8KWh858/EmVjGKntZzKbBnFJWZ
jyc4bNkgyFNTrWkdUxbODLhRwn1HMO9/VLDqgOdDIaI2sd7KxPCuCo0/oW2NWse8
18vUvv2N3Fu1q/hsR602cmCdtYBRjfZYXWa/3Plvc/ytduhOMMBV5NFGr+FDkk/H
WmF/oc0k4qFZZ8g6gDcH1uxlgLU6Eo1TEX+Y1OnGdGwb+5X4uUBBUuRDizJobw8n
ddhwOgP3jWeBa6VThGpj8YLDa2vrZ3HcKzS/t9LvtKzJ1i3nru7UtRe4GU5LzgNE
Ak5UAx9A8anACFovxHDQW2rwAIae4MYLnoacRhKlAlyx3HEYuNd9G+TwxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7VxIN50SWzdni4rB+VmOCXoIfBMB8GA1UdIwQY
MBaAFOH0Pz5hmQ/T5XZ96+mOUcwZyscIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAt
MzIzNDE2MGRiY2Q0LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAtMzIzNDE2MGRiY2Q0
LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1vYPE+h
xT/U+T2o170AQaT29EqNG0aEoPp3hpPXPISUBV0PbX9jEc9MjUZE34UfUv0/HsXq
Sj3zmCHrjigFzqVKF7AZnBpDX0/FvgVCTRaA0uH5ykrFGxYhMWnDRy6NMHX+/D7r
MTt+mKh+9D9ylISa4MPj7urqqY4cqAM4PVth1SeF5eMntqyOqxURCRH/D3T+CJeG
otcWpuaEaAWmdaAfseOfDz74STK0SI+bOrWekVPwqoV6zYeDBpLH0gFFR6SeTyq8
RCQcj7UZaABJ89OtgDsCiOGy6ovm7yQ/aWQgdWxTBQwteUbsDNn9Ze68tt+xvLDb
HD/DfXR6FbV6/g==
-----END CERTIFICATE-----