Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          eg2WFCKFPHccztSmEuYx3D5FeaOJ/jloVVC71pzCG+8=
Subject key identifier:   C9:D7:78:DF:47:9E:BC:64:05:2C:3F:7D:5B:0E:3F:2A:09:F2:E3:BB
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       019679E9B4B0F6D091DB2DE2C357BAD4098C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          11A1
Signing time:             Mon 28 Apr 2025 01:01:21 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:21 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:21 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: ZCaXdLiFn1qKxyMiA/8Fwpr+kQKGwHAaElhh/2ruEHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:b4:b0:f6:d0:91:db:2d:e2:c3:57:ba:d4:09:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: Apr 28 01:01:21 2025 GMT
            Not After : Apr 29 01:01:21 2025 GMT
        Subject: CN=c9d778df479ebc64052c3f7d5b0e3f2a09f2e3bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f5:e4:ea:1e:a9:68:8c:04:a6:9e:05:fa:2a:
                    28:06:0e:49:27:72:15:41:df:04:17:39:e5:fd:6a:
                    9d:2e:9e:d5:84:ce:73:56:05:90:24:c2:ee:f1:32:
                    38:1f:7f:27:16:e3:fe:50:e2:7d:3b:f8:4b:c1:10:
                    92:34:a9:8c:27:bd:d4:e6:8f:22:25:51:2e:e5:bd:
                    13:85:0a:a7:f4:73:5b:1c:bb:bc:fd:3e:60:96:dc:
                    7a:ca:be:c4:a1:f1:48:72:3d:c5:b1:3b:30:38:9c:
                    03:d8:eb:ce:38:be:6f:5e:87:e3:4a:e2:40:f6:f1:
                    f2:02:ba:82:dc:fc:68:9b:81:6a:e6:33:79:69:6b:
                    17:67:3a:3d:b0:30:cb:13:30:3f:f3:25:d0:13:4b:
                    dd:80:e7:45:c2:ef:ae:4d:37:84:34:5e:d5:bf:85:
                    3d:14:51:0b:58:49:30:87:c2:94:1b:90:fd:32:11:
                    e6:2b:5c:10:d8:bb:bc:d2:aa:b0:75:b8:c9:a7:12:
                    2f:32:b8:60:3b:45:4d:1d:ad:b1:a4:7d:95:f6:76:
                    68:d4:69:48:af:44:87:d5:39:77:b6:df:92:32:35:
                    5f:7d:9a:e0:ed:1d:9e:70:0d:d4:61:f9:69:31:cf:
                    d3:8f:d0:5c:4e:a7:79:dc:84:5c:23:42:c9:82:bd:
                    5b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:D7:78:DF:47:9E:BC:64:05:2C:3F:7D:5B:0E:3F:2A:09:F2:E3:BB
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:49:97:7b:49:eb:f1:05:d8:ca:fd:8b:bb:9a:9b:ec:28:de:
         e1:1e:e4:70:d3:b8:65:e6:f3:42:89:c2:c3:02:56:06:af:fe:
         2d:38:31:7e:5d:2a:4e:b7:08:1e:b1:15:92:68:cc:27:d8:22:
         e4:0f:b8:2b:b4:27:53:0b:a2:6b:a3:da:24:b4:3c:bf:04:4f:
         db:a7:50:f1:d3:f9:ca:56:a9:fd:a4:93:e6:ed:4b:da:46:1b:
         ec:bd:e3:4f:b8:23:98:a8:20:25:5c:af:b4:d6:c6:49:8d:ec:
         74:7f:57:a4:bf:4f:72:e0:9e:dd:ed:38:ec:f4:38:ac:c6:22:
         be:52:00:d6:66:df:32:42:48:f1:15:5b:cb:57:c2:6c:2b:81:
         6d:3a:a8:1a:64:38:5b:d8:fe:6e:80:e3:f6:c6:d5:59:82:7c:
         b1:19:6c:d2:ef:5f:39:7a:c4:db:8e:31:9f:a4:84:10:c6:b0:
         01:bc:db:e5:3e:a8:a4:8e:6a:83:49:c7:12:24:02:48:de:40:
         75:c5:99:62:11:d2:bd:4f:c8:6e:bb:4f:da:0e:a1:38:76:81:
         61:cb:d9:3a:ff:78:d6:6f:9a:6e:c3:0a:c4:61:f3:95:3e:ea:
         b4:bf:e6:f5:59:6f:13:9e:f1:b4:f5:91:72:33:e4:1c:35:1e:
         26:66:35:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56bSw9tCR2y3iw1e61AmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjUwNDI4MDEwMTIxWhcNMjUwNDI5MDEwMTIxWjAzMTEwLwYDVQQD
EyhjOWQ3NzhkZjQ3OWViYzY0MDUyYzNmN2Q1YjBlM2YyYTA5ZjJlM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfXk6h6paIwEpp4F+iooBg5JJ3IV
Qd8EFznl/WqdLp7VhM5zVgWQJMLu8TI4H38nFuP+UOJ9O/hLwRCSNKmMJ73U5o8i
JVEu5b0ThQqn9HNbHLu8/T5gltx6yr7EofFIcj3FsTswOJwD2OvOOL5vXofjSuJA
9vHyArqC3Pxom4Fq5jN5aWsXZzo9sDDLEzA/8yXQE0vdgOdFwu+uTTeENF7Vv4U9
FFELWEkwh8KUG5D9MhHmK1wQ2Lu80qqwdbjJpxIvMrhgO0VNHa2xpH2V9nZo1GlI
r0SH1Tl3tt+SMjVffZrg7R2ecA3UYflpMc/Tj9BcTqd53IRcI0LJgr1bzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnXeN9HnrxkBSw/fVsOPyoJ8uO7MB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUmXe0nr
8QXYyv2Lu5qb7Cje4R7kcNO4ZebzQonCwwJWBq/+LTgxfl0qTrcIHrEVkmjMJ9gi
5A+4K7QnUwuia6PaJLQ8vwRP26dQ8dP5ylap/aST5u1L2kYb7L3jT7gjmKggJVyv
tNbGSY3sdH9XpL9PcuCe3e047PQ4rMYivlIA1mbfMkJI8RVby1fCbCuBbTqoGmQ4
W9j+boDj9sbVWYJ8sRls0u9fOXrE244xn6SEEMawAbzb5T6opI5qg0nHEiQCSN5A
dcWZYhHSvU/IbrtP2g6hOHaBYcvZOv941m+absMKxGHzlT7qtL/m9VlvE57xtPWR
cjPkHDUeJmY1uw==
-----END CERTIFICATE-----