Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          NdNOxbbup1HU6NKIwbU7mfYPb1hdbuAwxJHia7HIyXg=
Subject key identifier:   42:EF:66:46:C7:C3:F6:4B:1B:10:60:FA:BA:31:D1:94:18:84:E4:7E
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       01967E6A4675B69CF0B36A37380B6F7DE530
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          02BD
Signing time:             Mon 28 Apr 2025 22:00:16 +0000
Manifest this update:     Mon 28 Apr 2025 22:00:16 +0000
Manifest next update:     Tue 29 Apr 2025 22:00:16 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: vu5fN6bMU4FYnhFzhuM7r1rUPCFjs+bkGJP+TiIlJEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 22:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:6a:46:75:b6:9c:f0:b3:6a:37:38:0b:6f:7d:e5:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Apr 28 22:00:16 2025 GMT
            Not After : Apr 29 22:00:16 2025 GMT
        Subject: CN=42ef6646c7c3f64b1b1060faba31d1941884e47e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:06:ca:08:2f:a3:1e:c9:cd:83:8f:ba:8e:a7:
                    ea:0d:f8:92:63:9e:7d:23:6e:36:51:41:eb:f9:02:
                    c1:7c:f1:c5:a3:3c:b5:f9:80:6b:74:97:0d:f3:67:
                    76:f9:09:52:20:3e:8a:b7:78:94:d9:30:28:b6:2b:
                    1b:f7:31:3b:61:f9:8e:2f:df:10:63:d1:0e:dc:3e:
                    4f:74:f3:91:42:ce:97:08:b3:59:5d:ff:7d:c0:4c:
                    b7:42:28:ea:e7:57:c7:30:64:95:a3:85:aa:e8:35:
                    2a:08:f0:22:09:7a:ad:92:70:87:76:05:1b:b9:b0:
                    bb:03:aa:8b:cb:01:73:90:b7:11:30:90:8d:60:9b:
                    d7:27:20:c3:da:5e:3f:1a:65:b1:50:93:70:4f:21:
                    e7:69:75:8f:7c:34:a6:c3:05:61:88:4c:4c:c4:f0:
                    b3:c2:0a:9f:c5:76:60:44:e5:09:6d:52:76:35:11:
                    23:0a:b3:ef:b2:09:70:42:2c:76:18:ec:03:57:20:
                    e5:75:31:5f:2a:96:5c:56:b9:a9:aa:d2:d1:42:82:
                    92:e9:7d:22:44:f0:62:72:ce:07:92:9a:6e:b7:ed:
                    6f:fe:1c:31:05:f1:12:83:2f:18:32:67:95:5f:e7:
                    c3:b1:09:77:59:6b:61:97:70:50:46:34:1d:6a:d0:
                    0a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:EF:66:46:C7:C3:F6:4B:1B:10:60:FA:BA:31:D1:94:18:84:E4:7E
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:58:c0:dc:fc:6c:7a:56:94:2c:c9:0d:14:d4:1f:7f:47:6b:
         eb:3e:63:5a:2e:fe:d0:b7:5e:e8:a2:b2:0e:02:38:c8:48:de:
         5f:a4:40:99:2f:0f:c5:ec:24:f1:6e:b0:3b:61:bd:64:f6:fb:
         6e:5c:9c:6f:05:29:aa:25:38:df:56:1e:a8:74:ae:e7:1b:c4:
         f2:b8:61:42:7d:94:41:d5:1d:a6:b7:f9:6f:44:7b:50:68:d2:
         90:33:79:ed:7d:cb:d5:54:6a:74:fd:cd:5a:7c:cc:94:d5:ed:
         2d:ce:9c:90:5c:30:fd:e2:0c:72:8a:38:2b:2a:7c:74:31:19:
         1b:a9:4b:e4:85:a9:be:a7:ef:9c:fd:61:b5:16:0f:40:45:f7:
         90:39:8b:75:c0:bd:1c:4c:64:bd:91:87:d7:4e:ea:fb:86:f0:
         eb:41:de:9d:59:4d:f9:f1:3f:77:c9:04:44:c1:0b:31:c6:0f:
         4a:58:92:96:df:79:f7:f8:eb:46:79:86:cc:a3:d3:f4:9a:43:
         3c:8e:79:75:40:45:b0:44:c8:96:f1:4d:db:42:e2:33:a1:51:
         95:e8:c8:4d:b2:69:b3:47:da:04:f4:4a:b2:f5:e8:f7:3a:20:
         28:c8:6a:69:c4:6a:f7:87:dc:9b:b7:26:e1:bc:af:04:b7:40:
         8e:5c:f6:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+akZ1tpzws2o3OAtvfeUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwNDI4MjIwMDE2WhcNMjUwNDI5MjIwMDE2WjAzMTEwLwYDVQQD
Eyg0MmVmNjY0NmM3YzNmNjRiMWIxMDYwZmFiYTMxZDE5NDE4ODRlNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgbKCC+jHsnNg4+6jqfqDfiSY559
I242UUHr+QLBfPHFozy1+YBrdJcN82d2+QlSID6Kt3iU2TAotisb9zE7YfmOL98Q
Y9EO3D5PdPORQs6XCLNZXf99wEy3Qijq51fHMGSVo4Wq6DUqCPAiCXqtknCHdgUb
ubC7A6qLywFzkLcRMJCNYJvXJyDD2l4/GmWxUJNwTyHnaXWPfDSmwwVhiExMxPCz
wgqfxXZgROUJbVJ2NREjCrPvsglwQix2GOwDVyDldTFfKpZcVrmpqtLRQoKS6X0i
RPBics4Hkpput+1v/hwxBfESgy8YMmeVX+fDsQl3WWthl3BQRjQdatAKbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELvZkbHw/ZLGxBg+rox0ZQYhOR+MB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1jA3Pxs
elaULMkNFNQff0dr6z5jWi7+0Lde6KKyDgI4yEjeX6RAmS8Pxewk8W6wO2G9ZPb7
blycbwUpqiU431YeqHSu5xvE8rhhQn2UQdUdprf5b0R7UGjSkDN57X3L1VRqdP3N
WnzMlNXtLc6ckFww/eIMcoo4Kyp8dDEZG6lL5IWpvqfvnP1htRYPQEX3kDmLdcC9
HExkvZGH107q+4bw60HenVlN+fE/d8kERMELMcYPSliSlt959/jrRnmGzKPT9JpD
PI55dUBFsETIlvFN20LiM6FRlejITbJps0faBPRKsvXo9zogKMhqacRq94fcm7cm
4byvBLdAjlz2cg==
-----END CERTIFICATE-----