Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          OJUby3aABan98ynPbPkZl5QaaO8yGHJ9zDwmD2cgoow=
Subject key identifier:   FC:EA:75:10:A2:F0:49:0D:CE:19:74:4C:95:C8:42:8F:CC:45:AF:40
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       0196808FEF2AFAD086B49E2A42894D4D03AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0DED
Signing time:             Tue 29 Apr 2025 08:00:38 +0000
Manifest this update:     Tue 29 Apr 2025 08:00:38 +0000
Manifest next update:     Wed 30 Apr 2025 08:00:38 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: hRffk7ZMdUlUMzIBi3yZvLpBJCNYYWm8iv3JYs0e7z8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 08:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:8f:ef:2a:fa:d0:86:b4:9e:2a:42:89:4d:4d:03:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Apr 29 08:00:38 2025 GMT
            Not After : Apr 30 08:00:38 2025 GMT
        Subject: CN=fcea7510a2f0490dce19744c95c8428fcc45af40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:9d:c5:f5:40:66:3f:f0:8b:f1:9a:01:2d:3e:
                    56:6b:95:11:0b:8a:f3:67:57:a9:eb:1f:b2:d6:96:
                    94:59:15:c2:a0:e4:46:4e:32:80:db:c3:97:bc:19:
                    28:04:23:09:f7:2a:18:2d:28:63:1e:7d:5a:fc:b4:
                    de:38:d9:f2:89:b1:4c:d8:1b:a4:b2:8b:cf:01:fd:
                    f4:33:02:0c:25:aa:91:e6:ba:f5:0a:67:d5:d6:86:
                    40:77:02:6f:98:18:b5:d8:e0:6b:0a:27:6e:83:b2:
                    50:98:17:58:f3:3e:53:e8:65:78:92:51:d3:ab:e1:
                    47:1a:8e:54:13:52:fb:12:d0:94:ad:49:ba:f1:5a:
                    3c:2b:f4:0d:ec:b2:19:65:35:14:09:d4:d3:d2:5a:
                    cc:dd:fa:44:6a:ed:28:2e:01:48:11:90:f0:d4:20:
                    3f:c0:b1:d2:66:31:98:3c:bc:59:3c:78:0b:3c:8c:
                    97:e1:bd:2f:49:14:c4:71:1d:fd:b0:e2:29:36:61:
                    72:d3:39:b2:95:a6:32:aa:21:88:f6:44:4d:dd:6e:
                    c5:a7:45:b5:fa:80:98:90:46:30:ba:a3:c8:12:89:
                    63:13:c8:6f:16:25:63:8c:1d:60:3e:a7:fa:be:bb:
                    da:ea:4a:33:ae:a6:9d:7c:4c:90:0d:34:93:0f:a2:
                    6a:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:EA:75:10:A2:F0:49:0D:CE:19:74:4C:95:C8:42:8F:CC:45:AF:40
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ce:23:c0:7f:4b:5c:93:9b:e3:cb:33:e4:af:ac:07:61:b6:
         1b:4b:e4:5f:00:c6:49:5c:b2:42:9a:59:3f:24:ad:05:86:0d:
         c6:e3:db:32:30:c0:41:ff:19:0e:6f:59:e1:60:48:0b:57:c3:
         e3:d2:24:86:37:de:dd:a5:30:3e:5d:95:13:1e:7b:cb:69:9c:
         75:4e:8e:93:49:59:bb:bf:4d:9c:6f:6c:72:53:b7:57:8f:b8:
         c3:98:33:7a:23:48:0c:a4:a2:52:2d:5c:d3:4f:b5:14:47:bd:
         31:aa:1f:60:1c:48:e0:e9:42:c2:bd:1a:92:2f:2c:a5:2c:d3:
         71:3a:37:6f:9f:e7:34:4c:62:aa:c3:a0:f2:02:b6:3f:f9:14:
         7c:bd:1a:e3:e3:46:38:05:76:56:4e:ff:57:15:5f:d6:b7:6b:
         68:d9:62:93:a8:02:61:0c:f6:6c:36:9a:89:92:e8:c5:ae:4a:
         dc:2b:d6:08:e6:55:bd:8b:86:e1:4f:fa:b6:b6:97:30:e9:9e:
         69:b3:89:70:a1:6a:61:3c:01:48:54:ef:dd:5e:54:1c:12:ab:
         21:69:5c:37:db:94:e5:7b:46:37:5a:fc:bd:aa:4c:75:54:91:
         ad:d3:ef:b5:98:20:61:55:05:18:c6:7e:37:e5:68:4b:11:23:
         14:49:8c:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAj+8q+tCGtJ4qQolNTQOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjUwNDI5MDgwMDM4WhcNMjUwNDMwMDgwMDM4WjAzMTEwLwYDVQQD
EyhmY2VhNzUxMGEyZjA0OTBkY2UxOTc0NGM5NWM4NDI4ZmNjNDVhZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy53F9UBmP/CL8ZoBLT5Wa5URC4rz
Z1ep6x+y1paUWRXCoORGTjKA28OXvBkoBCMJ9yoYLShjHn1a/LTeONnyibFM2Buk
sovPAf30MwIMJaqR5rr1CmfV1oZAdwJvmBi12OBrCidug7JQmBdY8z5T6GV4klHT
q+FHGo5UE1L7EtCUrUm68Vo8K/QN7LIZZTUUCdTT0lrM3fpEau0oLgFIEZDw1CA/
wLHSZjGYPLxZPHgLPIyX4b0vSRTEcR39sOIpNmFy0zmylaYyqiGI9kRN3W7Fp0W1
+oCYkEYwuqPIEoljE8hvFiVjjB1gPqf6vrva6kozrqadfEyQDTSTD6JqgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzqdRCi8EkNzhl0TJXIQo/MRa9AMB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG84jwH9L
XJOb48sz5K+sB2G2G0vkXwDGSVyyQppZPyStBYYNxuPbMjDAQf8ZDm9Z4WBIC1fD
49Ikhjfe3aUwPl2VEx57y2mcdU6Ok0lZu79NnG9sclO3V4+4w5gzeiNIDKSiUi1c
00+1FEe9MaofYBxI4OlCwr0aki8spSzTcTo3b5/nNExiqsOg8gK2P/kUfL0a4+NG
OAV2Vk7/VxVf1rdraNlik6gCYQz2bDaaiZLoxa5K3CvWCOZVvYuG4U/6traXMOme
abOJcKFqYTwBSFTv3V5UHBKrIWlcN9uU5XtGN1r8vapMdVSRrdPvtZggYVUFGMZ+
N+VoSxEjFEmM7g==
-----END CERTIFICATE-----