Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft
File:                     Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft (raw, json)
Hash identifier:          XFHGrK54fPlOL5WB9tl/xipLPCKKqpMGwEgJtuS3q1M=
Subject key identifier:   9C:D3:D3:27:FD:AD:40:FB:65:C3:6B:6F:6E:3C:39:DC:1E:14:7E:F7
Authority key identifier: 46:7F:0D:67:62:FE:96:F0:49:E6:EC:33:2D:04:2E:8B:9D:5C:DE:E4
Certificate issuer:       /CN=467f0d6762fe96f049e6ec332d042e8b9d5cdee4
Certificate serial:       0196741DC7EF867B4274CDF136B8880964B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft
Manifest number:          0468
Signing time:             Sat 26 Apr 2025 22:00:30 +0000
Manifest this update:     Sat 26 Apr 2025 22:00:30 +0000
Manifest next update:     Sun 27 Apr 2025 22:00:30 +0000
Files and hashes:         1: Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.crl (hash: xGj6rIp/pIVT55OVt9wGeVjd4eYpZRupKOmqGq6F1ZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1d:c7:ef:86:7b:42:74:cd:f1:36:b8:88:09:64:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467f0d6762fe96f049e6ec332d042e8b9d5cdee4
        Validity
            Not Before: Apr 26 22:00:30 2025 GMT
            Not After : Apr 27 22:00:30 2025 GMT
        Subject: CN=9cd3d327fdad40fb65c36b6f6e3c39dc1e147ef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:24:13:f3:97:af:4f:d6:95:2f:e6:f6:2f:e8:
                    12:8c:47:e8:17:fe:c2:7b:91:60:03:48:ea:66:16:
                    86:dc:3d:48:7f:c6:d8:f4:c7:b4:58:21:90:a9:da:
                    4d:00:9d:fc:de:44:06:a2:fa:b4:33:47:c7:c3:95:
                    c6:04:63:a4:5f:19:e3:11:20:0a:71:60:4a:af:db:
                    75:10:d7:8d:92:fb:2b:18:76:17:10:c1:2d:ac:52:
                    d3:dd:dd:8b:9e:9b:22:94:46:9f:99:fa:6d:f4:a2:
                    8c:38:d9:33:ee:42:b6:29:c9:0f:e5:bd:96:e7:d5:
                    be:ed:5e:4c:88:26:51:c5:31:01:af:8b:16:b1:7d:
                    d5:a1:df:47:b9:2a:2f:af:79:21:b8:ab:03:28:59:
                    85:b2:3b:3d:24:d5:02:c9:96:2f:49:e6:bb:86:dc:
                    d0:de:32:56:7e:8f:5e:05:77:3e:ed:66:9e:f3:92:
                    7a:57:a7:c9:53:b6:e4:85:ac:43:b6:ff:f9:22:e0:
                    9f:5d:0c:c4:40:74:18:71:76:f2:bd:10:54:96:f7:
                    d9:a9:a4:17:ef:9d:0a:c4:30:5f:dd:56:b0:65:5a:
                    4c:71:01:13:38:68:b0:0d:37:3a:66:04:a4:2b:2b:
                    eb:d5:bf:3d:08:84:13:e3:fa:43:4a:a0:7b:9f:bb:
                    90:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:D3:D3:27:FD:AD:40:FB:65:C3:6B:6F:6E:3C:39:DC:1E:14:7E:F7
            X509v3 Authority Key Identifier:
                keyid:46:7F:0D:67:62:FE:96:F0:49:E6:EC:33:2D:04:2E:8B:9D:5C:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2d1747-301d-4f72-84c8-65b99afb50d4/1/Rn8NZ2L-lvBJ5uwzLQQui51c3uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:55:98:f5:1b:03:d2:42:13:5a:1f:ff:b2:98:a3:ae:70:1a:
         f8:30:e6:a5:3d:37:c7:4f:2f:20:88:5e:35:1a:ef:ea:64:52:
         19:be:5e:5a:ae:79:ab:47:4a:4e:cf:37:96:97:c4:aa:9d:79:
         71:69:63:75:51:7a:8b:2f:11:ab:82:4d:29:e5:9a:47:f7:cf:
         d3:3c:97:84:c7:9d:07:11:5f:54:38:62:10:3a:64:7d:f7:b9:
         bc:cb:04:45:0b:be:e9:33:96:dc:86:6b:7b:28:b3:19:4f:cf:
         d8:ba:62:35:02:78:ca:7e:a9:24:04:23:2b:75:0b:c7:d2:b4:
         7f:56:94:bf:3e:d0:78:31:4b:6b:fa:80:53:60:7a:ee:9b:c0:
         f8:c5:b4:da:9d:5d:27:42:e4:fe:b3:75:52:5e:49:0f:8e:d2:
         a4:d6:38:47:af:2b:a5:38:c3:88:dd:94:a6:c6:b7:1c:23:5b:
         5d:95:f3:88:6f:39:08:0d:4c:0d:94:b1:52:27:8a:c8:ff:11:
         07:38:63:b3:02:ff:c8:87:a9:28:2f:fb:f2:b5:fd:2c:02:19:
         0f:f1:5e:b7:9c:1b:1e:fa:70:f6:ce:d8:3b:43:30:9e:96:1a:
         a3:ad:4d:49:e2:8d:b3:82:5a:92:f8:92:6d:7b:00:57:50:bb:
         1a:3a:5f:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HcfvhntCdM3xNriICWS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2YwZDY3NjJmZTk2ZjA0OWU2ZWMzMzJkMDQyZThiOWQ1
Y2RlZTQwHhcNMjUwNDI2MjIwMDMwWhcNMjUwNDI3MjIwMDMwWjAzMTEwLwYDVQQD
Eyg5Y2QzZDMyN2ZkYWQ0MGZiNjVjMzZiNmY2ZTNjMzlkYzFlMTQ3ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziQT85evT9aVL+b2L+gSjEfoF/7C
e5FgA0jqZhaG3D1If8bY9Me0WCGQqdpNAJ383kQGovq0M0fHw5XGBGOkXxnjESAK
cWBKr9t1ENeNkvsrGHYXEMEtrFLT3d2LnpsilEafmfpt9KKMONkz7kK2KckP5b2W
59W+7V5MiCZRxTEBr4sWsX3Vod9HuSovr3khuKsDKFmFsjs9JNUCyZYvSea7htzQ
3jJWfo9eBXc+7Wae85J6V6fJU7bkhaxDtv/5IuCfXQzEQHQYcXbyvRBUlvfZqaQX
750KxDBf3VawZVpMcQETOGiwDTc6ZgSkKyvr1b89CIQT4/pDSqB7n7uQOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzT0yf9rUD7ZcNrb248OdweFH73MB8GA1UdIwQY
MBaAFEZ/DWdi/pbwSebsMy0ELoudXN7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm44TloyTC1sdkJKNXV3ekxRUXVpNTFjM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZDE3NDctMzAxZC00ZjcyLTg0Yzgt
NjViOTlhZmI1MGQ0LzEvUm44TloyTC1sdkJKNXV3ekxRUXVpNTFjM3VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZDE3NDctMzAxZC00ZjcyLTg0YzgtNjViOTlhZmI1MGQ0
LzEvUm44TloyTC1sdkJKNXV3ekxRUXVpNTFjM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMFWY9RsD
0kITWh//spijrnAa+DDmpT03x08vIIheNRrv6mRSGb5eWq55q0dKTs83lpfEqp15
cWljdVF6iy8Rq4JNKeWaR/fP0zyXhMedBxFfVDhiEDpkffe5vMsERQu+6TOW3IZr
eyizGU/P2LpiNQJ4yn6pJAQjK3ULx9K0f1aUvz7QeDFLa/qAU2B67pvA+MW02p1d
J0Lk/rN1Ul5JD47SpNY4R68rpTjDiN2Upsa3HCNbXZXziG85CA1MDZSxUieKyP8R
BzhjswL/yIepKC/78rX9LAIZD/Fet5wbHvpw9s7YO0MwnpYao61NSeKNs4JakviS
bXsAV1C7GjpfiA==
-----END CERTIFICATE-----