Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft
File:                     g2elJH2fTpT3vVcc8T01q0iwHSQ.mft (raw, json)
Hash identifier:          JXJJuHZ859xAVs212FkwKudi47cvwdT1pvmZ3WejB6Q=
Subject key identifier:   F9:72:6F:DF:AE:E6:60:13:52:32:B8:F4:C9:BE:CD:E0:DC:9D:D6:4F
Authority key identifier: 83:67:A5:24:7D:9F:4E:94:F7:BD:57:1C:F1:3D:35:AB:48:B0:1D:24
Certificate issuer:       /CN=8367a5247d9f4e94f7bd571cf13d35ab48b01d24
Certificate serial:       019676E844720D6B9F362A6FBBAF9EBD8958
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g2elJH2fTpT3vVcc8T01q0iwHSQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft
Manifest number:          049E
Signing time:             Sun 27 Apr 2025 11:00:55 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:55 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:55 +0000
Files and hashes:         1: g2elJH2fTpT3vVcc8T01q0iwHSQ.crl (hash: GogiV5BVGWKENScYWqseiOciDFV3WcC1GhZkfAkgUgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g2elJH2fTpT3vVcc8T01q0iwHSQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e8:44:72:0d:6b:9f:36:2a:6f:bb:af:9e:bd:89:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8367a5247d9f4e94f7bd571cf13d35ab48b01d24
        Validity
            Not Before: Apr 27 11:00:55 2025 GMT
            Not After : Apr 28 11:00:55 2025 GMT
        Subject: CN=f9726fdfaee660135232b8f4c9becde0dc9dd64f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a1:f2:be:34:b8:21:5b:d7:07:7b:54:bc:19:
                    7b:37:69:30:b8:a4:66:82:10:be:1f:e6:b7:53:6f:
                    5d:1a:3e:2b:19:b5:dc:2e:6b:ea:bd:1d:e6:20:ae:
                    b7:aa:d1:4a:cb:4d:05:2f:c8:66:3c:ad:f4:7e:57:
                    c9:f1:37:2a:75:47:eb:4a:5c:fc:0c:c5:8c:bc:46:
                    cc:91:12:dd:b8:ac:c0:98:f5:8a:e3:af:94:cd:2a:
                    cc:32:0f:6d:d1:3e:3f:e2:2e:32:cf:d8:98:57:77:
                    ad:12:cc:38:4f:4d:ee:64:a9:3b:f9:36:35:35:f0:
                    a3:a9:30:bf:df:79:c3:49:8e:c0:5d:7d:a1:9b:f2:
                    2b:1c:31:aa:72:44:f9:a6:ee:8f:8f:ba:48:5b:59:
                    ed:a8:d3:e3:38:e0:a7:56:db:34:49:d6:22:50:4e:
                    81:bf:5c:26:1f:03:1a:b1:42:5e:b6:58:15:ec:19:
                    b8:cd:7e:c7:7b:2a:e6:e3:64:b6:17:da:69:98:78:
                    06:7b:e9:83:f9:77:84:f4:ae:8c:2c:c8:44:b4:7f:
                    bb:24:bf:c7:9d:16:c6:47:0b:8b:19:bd:c3:27:7b:
                    ec:ea:b5:21:2e:47:2a:8f:9b:24:74:91:da:bb:e7:
                    b2:27:a7:59:ec:43:d7:3a:e4:07:8c:87:79:23:a3:
                    40:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:72:6F:DF:AE:E6:60:13:52:32:B8:F4:C9:BE:CD:E0:DC:9D:D6:4F
            X509v3 Authority Key Identifier:
                keyid:83:67:A5:24:7D:9F:4E:94:F7:BD:57:1C:F1:3D:35:AB:48:B0:1D:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2elJH2fTpT3vVcc8T01q0iwHSQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:30:b3:80:80:fe:76:cf:8d:e4:60:4c:f3:69:67:8c:9b:32:
         8e:f5:0b:c1:2e:4e:f7:bd:77:a0:a2:3e:c2:91:51:aa:65:f5:
         0b:01:4c:28:ce:59:b0:53:c3:66:5d:bb:87:cc:05:19:d4:00:
         0f:b0:98:70:7d:4a:ce:6e:b2:8e:00:49:82:6a:ef:ab:85:c7:
         84:a2:6b:41:57:65:43:4b:05:ba:5f:ab:c3:93:2e:7d:e3:f9:
         ef:55:fe:f0:4d:17:74:b2:13:14:4d:b0:4d:29:50:04:d3:bd:
         21:e3:78:ce:55:01:75:b5:6f:d1:7e:86:ce:c1:75:cb:a7:82:
         b3:02:c1:57:c0:0e:08:8b:f0:20:3a:04:68:fc:9f:bb:c1:e0:
         9e:e4:83:a6:06:24:43:9f:28:a9:53:52:d3:18:2c:fb:65:b0:
         37:51:48:dc:5e:6d:21:79:c5:b2:6e:c5:29:e3:ea:d4:53:f4:
         7a:ff:2b:e4:e0:2f:47:1f:b7:0f:74:66:50:91:f2:b8:d7:e6:
         7c:37:9f:a3:80:b6:8c:e8:f2:8a:7c:96:6b:b0:23:7a:ff:40:
         0c:ea:4d:ec:fe:0f:98:48:bc:2c:91:93:73:5e:e0:d4:ba:08:
         5f:43:34:35:ff:86:01:35:c1:f2:d8:68:ca:51:78:8a:99:4e:
         c3:46:b3:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26ERyDWufNipvu6+evYlYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjdhNTI0N2Q5ZjRlOTRmN2JkNTcxY2YxM2QzNWFiNDhi
MDFkMjQwHhcNMjUwNDI3MTEwMDU1WhcNMjUwNDI4MTEwMDU1WjAzMTEwLwYDVQQD
EyhmOTcyNmZkZmFlZTY2MDEzNTIzMmI4ZjRjOWJlY2RlMGRjOWRkNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6HyvjS4IVvXB3tUvBl7N2kwuKRm
ghC+H+a3U29dGj4rGbXcLmvqvR3mIK63qtFKy00FL8hmPK30flfJ8TcqdUfrSlz8
DMWMvEbMkRLduKzAmPWK46+UzSrMMg9t0T4/4i4yz9iYV3etEsw4T03uZKk7+TY1
NfCjqTC/33nDSY7AXX2hm/IrHDGqckT5pu6Pj7pIW1ntqNPjOOCnVts0SdYiUE6B
v1wmHwMasUJetlgV7Bm4zX7Heyrm42S2F9ppmHgGe+mD+XeE9K6MLMhEtH+7JL/H
nRbGRwuLGb3DJ3vs6rUhLkcqj5skdJHau+eyJ6dZ7EPXOuQHjId5I6NAwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlyb9+u5mATUjK49Mm+zeDcndZPMB8GA1UdIwQY
MBaAFINnpSR9n06U971XHPE9NatIsB0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJlbEpIMmZUcFQzdlZjYzhUMDFxMGl3SFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mOGJlOWItNThmMC00NTQ0LWIyM2Yt
NjM1NGVmMDc3MWM5LzEvZzJlbEpIMmZUcFQzdlZjYzhUMDFxMGl3SFNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mOGJlOWItNThmMC00NTQ0LWIyM2YtNjM1NGVmMDc3MWM5
LzEvZzJlbEpIMmZUcFQzdlZjYzhUMDFxMGl3SFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyTCzgID+
ds+N5GBM82lnjJsyjvULwS5O9713oKI+wpFRqmX1CwFMKM5ZsFPDZl27h8wFGdQA
D7CYcH1Kzm6yjgBJgmrvq4XHhKJrQVdlQ0sFul+rw5MufeP571X+8E0XdLITFE2w
TSlQBNO9IeN4zlUBdbVv0X6GzsF1y6eCswLBV8AOCIvwIDoEaPyfu8HgnuSDpgYk
Q58oqVNS0xgs+2WwN1FI3F5tIXnFsm7FKePq1FP0ev8r5OAvRx+3D3RmUJHyuNfm
fDefo4C2jOjyinyWa7Ajev9ADOpN7P4PmEi8LJGTc17g1LoIX0M0Nf+GATXB8tho
ylF4iplOw0azjA==
-----END CERTIFICATE-----