Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
File:                     EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft (raw, json)
Hash identifier:          aqrt3xrz3d9fbyfU1IIMkMH9Y4ZIsJlN1R2WT6oSlzI=
Subject key identifier:   59:DB:EF:6F:36:20:82:3C:36:EC:D7:A3:7D:8E:63:01:46:3F:F7:CE
Authority key identifier: 10:93:0D:00:49:BA:87:00:4C:CC:9E:5B:E5:26:C3:50:CC:83:FA:8D
Certificate issuer:       /CN=10930d0049ba87004ccc9e5be526c350cc83fa8d
Certificate serial:       01968812B1BBE54C6F05B7391A07310E883B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
Manifest number:          1514
Signing time:             Wed 30 Apr 2025 19:00:48 +0000
Manifest this update:     Wed 30 Apr 2025 19:00:48 +0000
Manifest next update:     Thu 01 May 2025 19:00:48 +0000
Files and hashes:         1: EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl (hash: OsVmTnJDlma0EdPLp51XbEkQbBsob3ALIEaWxl/KIzI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 19:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:12:b1:bb:e5:4c:6f:05:b7:39:1a:07:31:0e:88:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10930d0049ba87004ccc9e5be526c350cc83fa8d
        Validity
            Not Before: Apr 30 19:00:48 2025 GMT
            Not After : May  1 19:00:48 2025 GMT
        Subject: CN=59dbef6f3620823c36ecd7a37d8e6301463ff7ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2b:03:23:df:25:5e:18:7c:09:f1:fe:25:f0:
                    de:54:2f:29:41:db:b6:02:66:38:51:0f:57:7d:98:
                    6d:08:d7:fe:50:98:a3:12:fd:a3:af:78:ba:b2:42:
                    78:d8:e7:ec:da:d7:39:0d:39:f5:b6:0e:4a:67:01:
                    82:fa:98:fd:52:2a:19:46:c8:79:62:8f:41:30:9b:
                    c4:f6:24:de:c8:f7:38:55:f7:43:b1:85:8d:7a:51:
                    7d:af:82:c5:c3:46:b3:3b:07:01:66:ce:ee:30:b7:
                    d9:1b:fb:c7:b8:61:02:4a:2e:69:84:ba:66:3a:c3:
                    29:7d:51:3c:db:75:a8:ea:1a:0e:46:79:9c:20:35:
                    de:da:cc:f1:23:06:9e:97:cf:d7:c5:4c:96:6b:e0:
                    25:43:57:e8:0c:4b:63:05:a9:03:b6:04:98:76:70:
                    f4:e1:74:0b:97:01:c6:54:36:be:49:72:ed:9f:c9:
                    83:32:6d:9a:d7:b3:48:7e:f0:5a:9c:f0:c7:98:06:
                    7b:b6:72:90:2e:91:f0:1a:72:62:2b:0d:56:5f:6d:
                    03:7b:9c:91:37:81:88:d0:7e:ba:7a:0c:3d:7a:0b:
                    7d:21:15:a2:86:0c:1d:df:eb:46:94:48:f7:96:27:
                    d5:77:30:ea:77:88:51:55:6f:8d:fa:7f:ee:83:25:
                    ac:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:DB:EF:6F:36:20:82:3C:36:EC:D7:A3:7D:8E:63:01:46:3F:F7:CE
            X509v3 Authority Key Identifier:
                keyid:10:93:0D:00:49:BA:87:00:4C:CC:9E:5B:E5:26:C3:50:CC:83:FA:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2da290-4ebe-42ad-bc46-572edb570f7e/1/EJMNAEm6hwBMzJ5b5SbDUMyD-o0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:fd:84:f2:36:30:4f:d5:05:c6:bc:d5:c0:a4:b3:b7:ac:45:
         e5:b3:5f:42:6e:52:a2:23:da:ab:d4:27:0d:fd:c6:cd:a0:5f:
         fc:13:ec:9f:5a:48:0e:1d:37:6e:78:aa:7c:62:77:63:2d:ab:
         ce:87:93:41:e1:b1:9d:6f:95:22:f2:56:83:ad:70:84:cc:84:
         ab:f3:23:b8:b0:20:67:ab:07:a0:2e:e0:a2:a1:99:3f:9a:ac:
         ff:5c:e7:34:58:1b:ea:86:c6:27:06:9a:14:ad:bf:a5:fd:e0:
         95:9f:12:aa:f2:90:a5:bd:cd:39:a5:23:d7:12:e3:04:59:f3:
         d6:6e:46:72:ef:fd:e9:84:1d:97:43:3f:c4:61:09:46:71:51:
         d8:b7:4c:0e:3f:a1:5b:ef:b6:c9:cd:6f:55:8b:4a:40:e7:56:
         9e:9a:0a:67:32:84:b1:18:2a:ac:f6:b3:a1:fe:c6:c1:b5:c1:
         44:85:e3:97:55:cf:c1:04:e3:8a:ad:c2:67:eb:5d:96:40:27:
         90:b7:1b:67:ac:33:17:77:14:df:f6:14:8c:07:9f:11:c4:42:
         03:8b:61:30:97:01:94:58:d5:71:03:80:ee:af:c2:cd:84:60:
         ca:4b:89:de:77:2d:1b:f2:93:43:92:7a:87:0b:d2:f8:f3:c1:
         fc:ff:5f:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaIErG75UxvBbc5GgcxDog7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTMwZDAwNDliYTg3MDA0Y2NjOWU1YmU1MjZjMzUwY2M4
M2ZhOGQwHhcNMjUwNDMwMTkwMDQ4WhcNMjUwNTAxMTkwMDQ4WjAzMTEwLwYDVQQD
Eyg1OWRiZWY2ZjM2MjA4MjNjMzZlY2Q3YTM3ZDhlNjMwMTQ2M2ZmN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtisDI98lXhh8CfH+JfDeVC8pQdu2
AmY4UQ9XfZhtCNf+UJijEv2jr3i6skJ42Ofs2tc5DTn1tg5KZwGC+pj9UioZRsh5
Yo9BMJvE9iTeyPc4VfdDsYWNelF9r4LFw0azOwcBZs7uMLfZG/vHuGECSi5phLpm
OsMpfVE823Wo6hoORnmcIDXe2szxIwael8/XxUyWa+AlQ1foDEtjBakDtgSYdnD0
4XQLlwHGVDa+SXLtn8mDMm2a17NIfvBanPDHmAZ7tnKQLpHwGnJiKw1WX20De5yR
N4GI0H66egw9egt9IRWihgwd3+tGlEj3lifVdzDqd4hRVW+N+n/ugyWseQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnb7282III8NuzXo32OYwFGP/fOMB8GA1UdIwQY
MBaAFBCTDQBJuocATMyeW+Umw1DMg/qNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yZGEyOTAtNGViZS00MmFkLWJjNDYt
NTcyZWRiNTcwZjdlLzEvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yZGEyOTAtNGViZS00MmFkLWJjNDYtNTcyZWRiNTcwZjdl
LzEvRUpNTkFFbTZod0JNeko1YjVTYkRVTXlELW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM/2E8jYw
T9UFxrzVwKSzt6xF5bNfQm5SoiPaq9QnDf3GzaBf/BPsn1pIDh03bniqfGJ3Yy2r
zoeTQeGxnW+VIvJWg61whMyEq/MjuLAgZ6sHoC7goqGZP5qs/1znNFgb6obGJwaa
FK2/pf3glZ8SqvKQpb3NOaUj1xLjBFnz1m5Gcu/96YQdl0M/xGEJRnFR2LdMDj+h
W++2yc1vVYtKQOdWnpoKZzKEsRgqrPazof7GwbXBRIXjl1XPwQTjiq3CZ+tdlkAn
kLcbZ6wzF3cU3/YUjAefEcRCA4thMJcBlFjVcQOA7q/CzYRgykuJ3nctG/KTQ5J6
hwvS+PPB/P9fMA==
-----END CERTIFICATE-----