Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
File:                     Ma-3caS5EQsRSqgHr7cIaxplN54.mft (raw, json)
Hash identifier:          jJmaTqdouG52YIc5wFlhsumfqAmTdzXUM+2FaVOzobE=
Subject key identifier:   62:B0:CF:5B:89:A2:1A:BD:5F:99:6C:4A:1A:7E:40:17:B8:BE:72:1B
Authority key identifier: 31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E
Certificate issuer:       /CN=31afb771a4b9110b114aa807afb7086b1a65379e
Certificate serial:       01968391A198FF3AADB798231410005E1E2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
Manifest number:          02D2
Signing time:             Tue 29 Apr 2025 22:01:21 +0000
Manifest this update:     Tue 29 Apr 2025 22:01:21 +0000
Manifest next update:     Wed 30 Apr 2025 22:01:21 +0000
Files and hashes:         1: Ma-3caS5EQsRSqgHr7cIaxplN54.crl (hash: eWN96XuZen61Ny380JcQDl1r5cNNyymucRMxnps3B8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 22:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:91:a1:98:ff:3a:ad:b7:98:23:14:10:00:5e:1e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31afb771a4b9110b114aa807afb7086b1a65379e
        Validity
            Not Before: Apr 29 22:01:21 2025 GMT
            Not After : Apr 30 22:01:21 2025 GMT
        Subject: CN=62b0cf5b89a21abd5f996c4a1a7e4017b8be721b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ab:70:c0:c4:8f:25:2b:7a:f7:74:96:13:13:
                    72:93:b2:8a:ee:b3:70:7b:2a:4a:53:a4:b7:c9:72:
                    47:00:d3:19:4a:3a:67:9b:4e:56:90:58:ec:b7:2f:
                    54:ac:3b:66:07:0b:c1:fe:4e:1d:5e:19:c6:9c:8f:
                    2c:12:2b:b2:4e:f5:58:f5:c0:35:d2:55:ff:3c:1f:
                    1e:c0:43:9d:e8:38:9d:5b:d5:08:1f:9e:54:0e:50:
                    44:98:50:75:65:f3:80:fc:ec:fb:cf:23:b0:55:25:
                    15:82:a9:4d:22:70:d8:ee:32:97:59:13:4e:28:75:
                    aa:ff:d3:37:d7:a7:f4:53:b1:c2:61:9d:ca:6e:16:
                    15:0f:28:05:1b:06:51:66:10:28:b8:4d:6e:1a:16:
                    2f:40:ac:92:0a:cb:70:09:97:6a:d6:37:82:06:0f:
                    77:52:e3:13:a9:48:18:38:00:eb:d5:1e:f3:49:c8:
                    f4:8f:d2:28:ce:4d:27:a4:a4:26:1e:45:28:03:d7:
                    26:6d:47:14:9d:c5:45:c0:93:40:c5:b0:1b:cb:ff:
                    f0:e6:7e:82:2d:26:4f:d5:cd:65:dc:6b:de:ec:09:
                    c5:4c:0a:0c:65:16:f3:bb:09:df:db:72:68:ae:a1:
                    f7:2e:bc:15:fb:6f:6c:d5:61:88:ba:73:7f:92:24:
                    06:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B0:CF:5B:89:A2:1A:BD:5F:99:6C:4A:1A:7E:40:17:B8:BE:72:1B
            X509v3 Authority Key Identifier:
                keyid:31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:a3:b0:8e:fc:29:cf:a0:48:81:23:f8:b8:7f:99:91:75:04:
         7c:7d:64:8a:b4:24:c0:95:55:27:20:e8:77:10:be:b3:d5:77:
         ca:6a:bd:3d:ce:40:1d:9f:93:9d:4a:23:07:fe:44:62:68:ef:
         b1:21:45:8b:74:80:ce:a2:f7:a8:7c:1c:2c:78:df:b9:86:92:
         54:24:e8:cd:6b:51:70:d2:5e:8f:15:ec:8d:a6:f5:38:6b:eb:
         5f:3e:c8:ae:ce:b5:ce:10:d7:dc:30:a8:6e:64:8b:eb:50:e9:
         d1:bd:33:2f:84:33:f7:53:de:e6:c3:73:d6:9a:c7:bc:47:27:
         75:81:ef:87:b1:0b:6e:31:74:8f:46:3d:b5:56:c5:ca:e4:7a:
         0d:b3:45:95:c5:79:f0:af:a1:b6:ba:ba:dd:3d:11:ed:c8:e3:
         1d:9e:20:9f:e8:cc:44:39:10:1a:1f:6d:41:bd:ec:b6:ca:c6:
         5e:2c:98:2a:ec:a6:07:fe:53:ac:2d:33:97:78:cb:3f:7c:ae:
         9f:50:2e:bd:0b:3a:09:1b:2b:ab:ff:bb:87:6b:6d:1c:87:16:
         9d:b4:b4:35:6a:7b:ce:b3:06:36:26:4c:d0:7f:93:dc:ce:7e:
         fc:b6:b1:79:9e:24:fb:83:f4:02:b6:c3:4a:b8:76:0f:14:9d:
         6e:9c:24:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkaGY/zqtt5gjFBAAXh4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWZiNzcxYTRiOTExMGIxMTRhYTgwN2FmYjcwODZiMWE2
NTM3OWUwHhcNMjUwNDI5MjIwMTIxWhcNMjUwNDMwMjIwMTIxWjAzMTEwLwYDVQQD
Eyg2MmIwY2Y1Yjg5YTIxYWJkNWY5OTZjNGExYTdlNDAxN2I4YmU3MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqtwwMSPJSt693SWExNyk7KK7rNw
eypKU6S3yXJHANMZSjpnm05WkFjsty9UrDtmBwvB/k4dXhnGnI8sEiuyTvVY9cA1
0lX/PB8ewEOd6DidW9UIH55UDlBEmFB1ZfOA/Oz7zyOwVSUVgqlNInDY7jKXWRNO
KHWq/9M316f0U7HCYZ3KbhYVDygFGwZRZhAouE1uGhYvQKySCstwCZdq1jeCBg93
UuMTqUgYOADr1R7zScj0j9Iozk0npKQmHkUoA9cmbUcUncVFwJNAxbAby//w5n6C
LSZP1c1l3Gve7AnFTAoMZRbzuwnf23JorqH3LrwV+29s1WGIunN/kiQG4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGKwz1uJohq9X5lsShp+QBe4vnIbMB8GA1UdIwQY
MBaAFDGvt3GkuRELEUqoB6+3CGsaZTeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2It
YjBlYjRjMDZhMWU3LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2ItYjBlYjRjMDZhMWU3
LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKOwjvwp
z6BIgSP4uH+ZkXUEfH1kirQkwJVVJyDodxC+s9V3ymq9Pc5AHZ+TnUojB/5EYmjv
sSFFi3SAzqL3qHwcLHjfuYaSVCTozWtRcNJejxXsjab1OGvrXz7Irs61zhDX3DCo
bmSL61Dp0b0zL4Qz91Pe5sNz1prHvEcndYHvh7ELbjF0j0Y9tVbFyuR6DbNFlcV5
8K+htrq63T0R7cjjHZ4gn+jMRDkQGh9tQb3stsrGXiyYKuymB/5TrC0zl3jLP3yu
n1AuvQs6CRsrq/+7h2ttHIcWnbS0NWp7zrMGNiZM0H+T3M5+/LaxeZ4k+4P0ArbD
Srh2DxSdbpwkJA==
-----END CERTIFICATE-----