Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          TmvjUp4ecko1TedhZkrx6wWeQSv5m/frt549CX/2aS8=
Subject key identifier:   8C:2F:D9:AE:D0:EA:41:8F:1C:36:01:63:57:58:7C:C0:14:15:3F:2C
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       019683FF389F1EA8B019F08DD76D5CC43566
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          C0
Signing time:             Wed 30 Apr 2025 00:01:03 +0000
Manifest this update:     Wed 30 Apr 2025 00:01:03 +0000
Manifest next update:     Thu 01 May 2025 00:01:03 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: tJibZG4PIYYL0yusEfLcKSYN5/AlPn3Mth/5h4GfXh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:ff:38:9f:1e:a8:b0:19:f0:8d:d7:6d:5c:c4:35:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: Apr 30 00:01:03 2025 GMT
            Not After : May  1 00:01:03 2025 GMT
        Subject: CN=8c2fd9aed0ea418f1c36016357587cc014153f2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a3:6d:0c:9d:6d:8a:4e:0f:4f:fa:f2:a3:c1:
                    fa:23:56:b7:6f:17:ba:e7:0d:98:8c:31:74:d4:3c:
                    bc:95:da:b3:e1:03:65:67:cc:a5:87:a7:76:9a:8b:
                    97:bb:28:fa:ce:f2:6c:44:40:64:03:db:01:c9:c8:
                    fd:0a:12:ad:0d:59:bd:13:99:c0:5f:d9:9a:8e:3c:
                    4e:bb:f9:bc:8e:8e:cb:92:b0:09:c3:dc:4d:1c:07:
                    b5:f9:df:d8:b7:97:e3:ee:45:52:16:df:d5:a1:4c:
                    f6:b1:ea:9d:7d:c2:5c:9b:f6:d9:c1:b8:9a:08:9c:
                    a2:fd:c8:fb:68:52:80:e7:35:f9:96:57:ec:da:84:
                    6f:79:bb:7f:34:45:90:0d:cf:e9:c6:05:9b:8e:20:
                    6a:71:66:0a:0c:44:dd:36:ab:fc:bc:98:90:3a:73:
                    ef:94:bf:6d:25:28:bc:a3:09:ba:25:77:2a:5a:d7:
                    08:92:81:22:9e:10:90:42:c7:38:88:57:c9:dd:00:
                    87:9b:45:3a:86:8d:31:49:0c:13:31:7d:19:73:dc:
                    fa:9a:bc:fb:0a:28:a3:4b:18:df:c7:94:a4:ff:1c:
                    b2:fb:cf:8e:ac:73:63:70:85:b8:52:d1:e2:7b:32:
                    a0:8a:7d:b0:f1:fe:a5:fd:c6:4c:74:7a:bb:16:22:
                    58:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:2F:D9:AE:D0:EA:41:8F:1C:36:01:63:57:58:7C:C0:14:15:3F:2C
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:53:99:ca:9a:e1:e2:89:76:d5:28:7c:42:82:79:62:af:a7:
         4d:57:18:6a:94:2f:6f:08:1a:8c:d1:fe:07:d7:a6:9b:b5:2a:
         8a:c2:a1:1d:0e:4f:2f:2b:dc:9f:18:7a:2e:62:0e:de:5a:7a:
         1a:5d:3e:04:0a:a1:c9:c0:f4:69:a2:bb:01:fa:72:2d:e1:63:
         af:0e:a4:9c:57:c4:18:10:77:64:b7:bf:92:a0:98:35:99:17:
         a1:b5:b2:1d:f0:c0:82:35:65:93:0c:af:27:cf:9f:88:62:d6:
         ae:d1:1e:7d:2f:83:8e:4f:33:f3:c4:42:7f:51:d9:c1:6a:a0:
         3d:6f:8b:de:09:aa:f8:4c:e7:92:11:cb:91:62:ff:15:0d:ac:
         21:fe:06:55:ef:0a:59:af:2c:4f:ea:d2:ea:48:6e:56:46:ab:
         b2:73:a7:50:cf:6b:b6:cd:d9:4b:b1:c8:43:dd:78:ce:64:7b:
         0e:86:2a:c6:ab:6b:50:c5:63:f6:0a:d4:d1:a1:36:73:3c:40:
         00:55:0b:bd:a0:a3:57:70:79:fb:d6:a0:e5:0c:4f:8d:15:d1:
         d6:17:5e:ab:a6:ba:53:42:eb:ac:22:a7:2a:5d:6f:45:eb:83:
         82:dc:07:29:8b:15:21:3b:f2:93:4c:84:58:50:e9:17:35:5b:
         9a:b4:75:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/zifHqiwGfCN121cxDVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUwNDMwMDAwMTAzWhcNMjUwNTAxMDAwMTAzWjAzMTEwLwYDVQQD
Eyg4YzJmZDlhZWQwZWE0MThmMWMzNjAxNjM1NzU4N2NjMDE0MTUzZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKNtDJ1tik4PT/ryo8H6I1a3bxe6
5w2YjDF01Dy8ldqz4QNlZ8ylh6d2mouXuyj6zvJsREBkA9sBycj9ChKtDVm9E5nA
X9majjxOu/m8jo7LkrAJw9xNHAe1+d/Yt5fj7kVSFt/VoUz2seqdfcJcm/bZwbia
CJyi/cj7aFKA5zX5llfs2oRvebt/NEWQDc/pxgWbjiBqcWYKDETdNqv8vJiQOnPv
lL9tJSi8owm6JXcqWtcIkoEinhCQQsc4iFfJ3QCHm0U6ho0xSQwTMX0Zc9z6mrz7
CiijSxjfx5Sk/xyy+8+OrHNjcIW4UtHiezKgin2w8f6l/cZMdHq7FiJYDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwv2a7Q6kGPHDYBY1dYfMAUFT8sMB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKlOZyprh
4ol21Sh8QoJ5Yq+nTVcYapQvbwgajNH+B9emm7UqisKhHQ5PLyvcnxh6LmIO3lp6
Gl0+BAqhycD0aaK7AfpyLeFjrw6knFfEGBB3ZLe/kqCYNZkXobWyHfDAgjVlkwyv
J8+fiGLWrtEefS+Djk8z88RCf1HZwWqgPW+L3gmq+EznkhHLkWL/FQ2sIf4GVe8K
Wa8sT+rS6khuVkarsnOnUM9rts3ZS7HIQ914zmR7DoYqxqtrUMVj9grU0aE2czxA
AFULvaCjV3B5+9ag5QxPjRXR1hdeq6a6U0LrrCKnKl1vReuDgtwHKYsVITvyk0yE
WFDpFzVbmrR1VQ==
-----END CERTIFICATE-----