Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          5OMlL7c+DtxZ60Dac1e1NjB5jhvlMSIaLVs+ynLfNt0=
Subject key identifier:   8A:5B:E0:74:E0:D6:62:5A:80:AF:5D:06:48:09:57:92:E7:EA:B6:E1
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019677C35ECE14322A1EDC87AEDA67473B73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          091E
Signing time:             Sun 27 Apr 2025 15:00:14 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:14 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:14 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: kcgLptWp4gK/ZNlE5sgaIP521ahjGT0KZaqeDrbJXlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:5e:ce:14:32:2a:1e:dc:87:ae:da:67:47:3b:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Apr 27 15:00:14 2025 GMT
            Not After : Apr 28 15:00:14 2025 GMT
        Subject: CN=8a5be074e0d6625a80af5d0648095792e7eab6e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:87:97:bd:ff:9c:74:74:2f:25:cb:3f:47:52:
                    3d:f3:d0:fc:09:38:ac:20:6b:5c:7d:c4:d1:95:a2:
                    41:68:f7:e0:53:12:2c:f9:f8:2b:94:73:03:1c:54:
                    0f:ef:53:e3:51:40:08:e4:d1:e0:c8:71:07:cf:58:
                    8f:d1:42:19:79:7e:f6:86:ee:62:4f:21:85:c0:36:
                    07:b6:c2:af:31:70:96:e3:0f:a1:7d:88:9e:81:1c:
                    c5:e7:e1:90:12:bb:dc:34:55:06:50:40:ad:08:f4:
                    7a:81:d1:84:18:07:2a:c3:9d:49:da:06:9c:9a:7b:
                    e4:6e:4c:6e:dd:4f:5d:4b:21:db:67:78:c3:f7:14:
                    0e:e7:df:9a:14:81:36:0c:44:77:62:bb:ea:7b:9d:
                    7b:3c:af:6d:f7:68:19:63:bb:b2:f2:b2:f5:fe:a2:
                    39:c6:7e:27:5e:41:01:ef:cd:c1:b5:cf:99:d8:cc:
                    19:a8:5d:a7:39:7d:66:c5:f2:7f:51:d0:a4:af:8d:
                    81:4b:c7:e6:a0:0d:ff:8c:48:2d:47:54:c0:76:66:
                    f2:fe:bf:cc:35:10:ad:0f:47:44:8b:75:56:1c:4b:
                    68:38:20:00:8b:86:2a:3c:59:f4:5f:31:3b:d1:0a:
                    4f:eb:df:34:c0:59:11:ca:86:0a:db:5d:39:dd:32:
                    62:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:5B:E0:74:E0:D6:62:5A:80:AF:5D:06:48:09:57:92:E7:EA:B6:E1
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:8c:ab:93:a6:2e:c6:95:d9:0d:18:3a:93:e8:36:95:be:bc:
         ac:9f:ce:9f:d5:59:ba:4d:76:ef:2f:1e:21:8a:17:df:5d:50:
         c1:a9:86:32:9d:1c:7c:15:ad:d8:13:4c:42:13:d7:ad:e4:99:
         83:f0:aa:e6:ab:3d:ef:3e:e3:d9:60:77:43:9a:83:95:ad:0c:
         f8:84:2d:d0:74:d1:d6:5d:21:ab:2c:4c:5a:2a:a5:3e:fe:47:
         ba:1b:14:5c:0e:c5:21:dc:95:ad:1a:bb:e2:27:a5:24:fd:cf:
         84:77:96:e0:a9:74:fe:dd:22:a0:67:84:df:2a:5b:2f:df:34:
         4f:e9:21:91:13:2b:54:5f:8e:5f:bb:55:d1:9d:61:77:dd:f4:
         32:09:8d:ec:af:7e:e3:b1:94:3e:cf:16:db:f6:ab:b6:c4:42:
         30:5d:df:e0:1f:21:93:da:4a:1d:5f:02:c7:4f:1d:e1:89:69:
         d5:47:2c:9c:6f:38:4b:34:59:a7:8f:da:ed:69:75:42:a8:f4:
         ff:a1:d5:dd:ad:28:a1:c2:5b:30:b0:85:d8:00:5f:23:37:6a:
         c9:21:95:50:3e:fe:b0:fa:96:a7:69:b5:09:ba:fd:73:ba:b4:
         03:88:7b:5b:7d:e7:f5:c5:d8:05:fd:d7:1a:18:4f:c8:b7:ec:
         43:56:6f:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w17OFDIqHtyHrtpnRztzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwNDI3MTUwMDE0WhcNMjUwNDI4MTUwMDE0WjAzMTEwLwYDVQQD
Eyg4YTViZTA3NGUwZDY2MjVhODBhZjVkMDY0ODA5NTc5MmU3ZWFiNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIeXvf+cdHQvJcs/R1I989D8CTis
IGtcfcTRlaJBaPfgUxIs+fgrlHMDHFQP71PjUUAI5NHgyHEHz1iP0UIZeX72hu5i
TyGFwDYHtsKvMXCW4w+hfYiegRzF5+GQErvcNFUGUECtCPR6gdGEGAcqw51J2gac
mnvkbkxu3U9dSyHbZ3jD9xQO59+aFIE2DER3Yrvqe517PK9t92gZY7uy8rL1/qI5
xn4nXkEB783Btc+Z2MwZqF2nOX1mxfJ/UdCkr42BS8fmoA3/jEgtR1TAdmby/r/M
NRCtD0dEi3VWHEtoOCAAi4YqPFn0XzE70QpP6980wFkRyoYK21053TJiMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpb4HTg1mJagK9dBkgJV5Ln6rbhMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGYyrk6Yu
xpXZDRg6k+g2lb68rJ/On9VZuk127y8eIYoX311QwamGMp0cfBWt2BNMQhPXreSZ
g/Cq5qs97z7j2WB3Q5qDla0M+IQt0HTR1l0hqyxMWiqlPv5HuhsUXA7FIdyVrRq7
4ielJP3PhHeW4Kl0/t0ioGeE3ypbL980T+khkRMrVF+OX7tV0Z1hd930MgmN7K9+
47GUPs8W2/artsRCMF3f4B8hk9pKHV8Cx08d4Ylp1UcsnG84SzRZp4/a7Wl1Qqj0
/6HV3a0oocJbMLCF2ABfIzdqySGVUD7+sPqWp2m1Cbr9c7q0A4h7W33n9cXYBf3X
GhhPyLfsQ1ZvWA==
-----END CERTIFICATE-----