Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          n8Bqn3vjR1C+QFXZIyIVStcnsqZtHyFTpTiInZ+hXQA=
Subject key identifier:   6B:36:C0:2F:C2:AA:24:11:BF:3B:08:0C:CB:7A:6B:8D:8A:98:80:BE
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019687DB8C1761D616D3D3A43FD7864FB861
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0E41
Signing time:             Wed 30 Apr 2025 18:00:34 +0000
Manifest this update:     Wed 30 Apr 2025 18:00:34 +0000
Manifest next update:     Thu 01 May 2025 18:00:34 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: bBxY1Kz6BC9nJ0nHzBvU8l2whMI8AgMeBzQshZ0SHfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 18:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:db:8c:17:61:d6:16:d3:d3:a4:3f:d7:86:4f:b8:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Apr 30 18:00:34 2025 GMT
            Not After : May  1 18:00:34 2025 GMT
        Subject: CN=6b36c02fc2aa2411bf3b080ccb7a6b8d8a9880be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6b:70:7b:2b:28:70:34:09:77:f9:78:36:29:
                    44:73:09:66:27:25:28:5f:62:09:10:30:b6:f8:32:
                    74:55:33:c5:65:79:a7:58:ca:3c:02:9d:0c:5d:cf:
                    84:bb:82:86:d8:9b:dd:84:ad:d0:f3:8a:76:13:35:
                    21:7f:3b:22:94:7d:11:a6:d1:c5:90:26:7f:d2:22:
                    bb:87:0d:a1:b1:c5:a0:9e:9e:5b:20:18:ca:b5:17:
                    e1:e8:88:79:3d:de:46:de:c7:56:e4:65:17:39:c6:
                    e1:0f:6e:37:ee:fb:fc:44:2b:4f:66:88:28:c8:6b:
                    13:03:ea:f1:0d:02:49:3e:12:fa:98:e7:74:31:a0:
                    95:c8:44:31:8d:e2:36:ba:51:41:cd:84:ff:83:30:
                    ce:af:09:5d:88:3e:26:55:98:01:3a:79:00:7b:f7:
                    6e:d0:9d:0d:71:9e:81:52:7a:17:f2:8b:d1:03:b6:
                    60:1d:ba:18:2c:1d:d3:62:4b:c8:67:88:3a:4d:4a:
                    79:cc:3e:38:93:1a:e5:90:ab:39:9e:a4:06:2a:4a:
                    8e:92:e3:45:07:3b:0a:c7:9d:95:51:21:cd:77:a5:
                    ff:90:c2:17:81:77:97:97:20:dc:bf:e2:68:84:9b:
                    ee:70:da:10:d8:cc:20:0f:55:12:df:d8:2a:0a:36:
                    d5:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:36:C0:2F:C2:AA:24:11:BF:3B:08:0C:CB:7A:6B:8D:8A:98:80:BE
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:d6:66:85:56:10:b2:68:2f:7c:ea:94:b0:76:7c:84:88:29:
         5e:b6:23:f2:2a:23:b9:4d:2a:c7:bd:1a:cc:61:a8:8f:5c:6a:
         4c:d5:fb:c4:e7:8d:dd:f1:1f:37:b5:08:1e:6f:64:0c:62:94:
         54:be:6f:64:31:0a:e1:66:2d:fb:ff:d3:a6:c9:ed:bf:94:43:
         43:ac:d7:b1:fd:70:49:33:8f:91:43:ba:67:a0:c9:33:d2:92:
         68:09:76:d5:e5:5b:6b:24:c9:e6:f6:e9:c8:a3:b5:3c:41:0f:
         6b:a9:6d:7e:14:7d:11:0b:3e:7a:69:bf:43:85:91:d3:fa:80:
         db:d4:35:0c:3f:96:7a:e8:fd:83:c4:ef:7c:cb:01:12:af:fd:
         fa:e6:e1:e2:a1:51:94:dd:ac:a1:d6:05:42:af:85:20:87:51:
         89:1a:28:53:6f:ca:13:30:b7:fe:2c:c0:a4:ca:e7:1c:b6:0f:
         24:24:7c:46:9f:f2:ec:9c:d9:2f:1d:26:61:96:2e:e5:1b:aa:
         e1:a2:95:b3:c1:57:33:80:28:4c:1c:5e:76:ac:62:94:34:b9:
         f1:ce:42:c7:a5:e9:df:e1:0e:70:3f:4d:ba:c4:b1:ab:bb:90:
         14:16:52:4a:45:64:cf:db:34:f4:80:9b:91:00:53:40:38:3c:
         9e:19:f1:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaH24wXYdYW09OkP9eGT7hhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwNDMwMTgwMDM0WhcNMjUwNTAxMTgwMDM0WjAzMTEwLwYDVQQD
Eyg2YjM2YzAyZmMyYWEyNDExYmYzYjA4MGNjYjdhNmI4ZDhhOTg4MGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGtweysocDQJd/l4NilEcwlmJyUo
X2IJEDC2+DJ0VTPFZXmnWMo8Ap0MXc+Eu4KG2JvdhK3Q84p2EzUhfzsilH0RptHF
kCZ/0iK7hw2hscWgnp5bIBjKtRfh6Ih5Pd5G3sdW5GUXOcbhD2437vv8RCtPZogo
yGsTA+rxDQJJPhL6mOd0MaCVyEQxjeI2ulFBzYT/gzDOrwldiD4mVZgBOnkAe/du
0J0NcZ6BUnoX8ovRA7ZgHboYLB3TYkvIZ4g6TUp5zD44kxrlkKs5nqQGKkqOkuNF
BzsKx52VUSHNd6X/kMIXgXeXlyDcv+JohJvucNoQ2MwgD1US39gqCjbVAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGs2wC/CqiQRvzsIDMt6a42KmIC+MB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtZmhVYQ
smgvfOqUsHZ8hIgpXrYj8iojuU0qx70azGGoj1xqTNX7xOeN3fEfN7UIHm9kDGKU
VL5vZDEK4WYt+//Tpsntv5RDQ6zXsf1wSTOPkUO6Z6DJM9KSaAl21eVbayTJ5vbp
yKO1PEEPa6ltfhR9EQs+emm/Q4WR0/qA29Q1DD+Weuj9g8TvfMsBEq/9+ubh4qFR
lN2sodYFQq+FIIdRiRooU2/KEzC3/izApMrnHLYPJCR8Rp/y7JzZLx0mYZYu5Ruq
4aKVs8FXM4AoTBxedqxilDS58c5Cx6Xp3+EOcD9NusSxq7uQFBZSSkVkz9s09ICb
kQBTQDg8nhnxVA==
-----END CERTIFICATE-----