Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          3BgejkLKtuf9cKgQNMy4yeUIjgFlMXSwuVLXncjv8Rg=
Subject key identifier:   31:51:06:5E:DC:5A:58:F9:A9:82:B8:70:B6:9B:16:B2:18:53:2B:2C
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       01968849BE3D56D8DFB1F83D48B0D0C31DA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          1517
Signing time:             Wed 30 Apr 2025 20:00:56 +0000
Manifest this update:     Wed 30 Apr 2025 20:00:56 +0000
Manifest next update:     Thu 01 May 2025 20:00:56 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: 098QcOWlFIp7LEoz0Ll4VcEyncVXrIto7n78SGLVTwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:88:49:be:3d:56:d8:df:b1:f8:3d:48:b0:d0:c3:1d:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Apr 30 20:00:56 2025 GMT
            Not After : May  1 20:00:56 2025 GMT
        Subject: CN=3151065edc5a58f9a982b870b69b16b218532b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f0:65:43:66:3a:68:17:87:0a:d8:99:02:5f:
                    57:e2:d3:8c:13:5e:30:14:24:74:03:60:2f:ea:b3:
                    71:c3:b9:29:0b:e4:0a:c0:b9:77:49:87:d8:9f:01:
                    76:57:65:43:f1:c1:76:ba:b8:8e:7e:65:02:d5:ff:
                    9c:13:58:c9:73:96:d4:ac:d5:48:63:28:53:42:b3:
                    cf:58:51:15:e2:c5:6a:c1:b8:9b:7f:3e:5b:13:fb:
                    a6:73:8c:fd:36:0c:91:1f:78:9c:4b:78:b1:7a:a7:
                    c8:25:ed:b6:0b:08:8f:da:af:7c:fe:18:5c:a1:89:
                    c9:4f:77:12:75:96:8c:9c:dc:57:f8:45:76:0f:23:
                    79:48:45:d6:f7:20:31:60:c1:0b:f4:1e:c2:2c:45:
                    4d:48:65:8b:70:33:1a:41:7d:47:04:33:b7:53:2d:
                    0d:89:83:38:2c:36:e7:df:98:8d:f4:72:34:03:cb:
                    e6:f2:9b:24:a5:56:bc:37:ca:ef:3f:e3:85:c9:c4:
                    5a:cc:44:28:27:e2:a8:07:d7:d2:ec:81:7e:51:14:
                    06:a6:44:7d:6e:7d:c9:c9:04:86:ca:f5:79:05:7c:
                    b2:1b:6f:73:84:16:3c:bd:ff:e2:e2:6b:10:51:dc:
                    dc:94:a7:66:06:d3:d7:26:95:77:8b:e4:7c:a9:42:
                    e0:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:51:06:5E:DC:5A:58:F9:A9:82:B8:70:B6:9B:16:B2:18:53:2B:2C
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:f3:de:d3:d4:3f:67:b0:eb:c4:6a:d1:3f:4c:fd:6e:af:20:
         7c:3b:9f:23:21:85:dd:16:c4:34:07:f6:09:b7:2c:f5:38:5c:
         b3:7f:8a:e6:ed:82:10:22:67:b8:a9:25:6b:45:b4:6d:85:e3:
         55:f4:c2:99:45:01:da:d5:08:42:73:04:df:4a:05:e6:a6:4d:
         4f:78:cd:42:47:af:54:7e:22:8f:fb:85:3f:f1:70:dc:23:5a:
         11:38:9f:c3:9b:75:9c:02:6b:14:5c:9f:82:6f:d1:b2:bc:2e:
         36:10:ee:e0:af:18:54:20:6f:2d:d0:a5:01:cd:72:62:34:47:
         12:9c:07:61:b1:77:3f:06:ae:94:78:39:32:b5:f9:ba:b7:9d:
         a5:9a:4c:9e:f7:f4:83:15:21:75:f9:97:30:64:f2:12:9f:5b:
         13:5c:07:ed:26:3c:14:93:99:23:06:c8:42:57:a5:f6:8f:9f:
         4d:b7:37:21:fe:85:a2:3c:09:0a:7a:d0:d6:0d:54:11:35:45:
         89:cf:90:24:55:67:06:cd:80:14:81:c3:1a:7b:45:22:bb:b7:
         36:e4:48:6c:2b:fa:48:d3:f8:5d:1e:46:b3:8f:d7:3b:7f:23:
         e0:f0:81:60:d4:9d:70:74:e5:f8:e5:f3:4a:54:d1:7a:68:3f:
         64:18:ab:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaISb49Vtjfsfg9SLDQwx2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjUwNDMwMjAwMDU2WhcNMjUwNTAxMjAwMDU2WjAzMTEwLwYDVQQD
EygzMTUxMDY1ZWRjNWE1OGY5YTk4MmI4NzBiNjliMTZiMjE4NTMyYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPBlQ2Y6aBeHCtiZAl9X4tOME14w
FCR0A2Av6rNxw7kpC+QKwLl3SYfYnwF2V2VD8cF2uriOfmUC1f+cE1jJc5bUrNVI
YyhTQrPPWFEV4sVqwbibfz5bE/umc4z9NgyRH3icS3ixeqfIJe22CwiP2q98/hhc
oYnJT3cSdZaMnNxX+EV2DyN5SEXW9yAxYMEL9B7CLEVNSGWLcDMaQX1HBDO3Uy0N
iYM4LDbn35iN9HI0A8vm8pskpVa8N8rvP+OFycRazEQoJ+KoB9fS7IF+URQGpkR9
bn3JyQSGyvV5BXyyG29zhBY8vf/i4msQUdzclKdmBtPXJpV3i+R8qULgswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFRBl7cWlj5qYK4cLabFrIYUyssMB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHvPe09Q/
Z7DrxGrRP0z9bq8gfDufIyGF3RbENAf2Cbcs9Thcs3+K5u2CECJnuKkla0W0bYXj
VfTCmUUB2tUIQnME30oF5qZNT3jNQkevVH4ij/uFP/Fw3CNaETifw5t1nAJrFFyf
gm/RsrwuNhDu4K8YVCBvLdClAc1yYjRHEpwHYbF3PwaulHg5MrX5uredpZpMnvf0
gxUhdfmXMGTyEp9bE1wH7SY8FJOZIwbIQlel9o+fTbc3If6FojwJCnrQ1g1UETVF
ic+QJFVnBs2AFIHDGntFIru3NuRIbCv6SNP4XR5Gs4/XO38j4PCBYNSdcHTl+OXz
SlTRemg/ZBirQg==
-----END CERTIFICATE-----