Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
File:                     2nVBcltyi1qJ87-vIPh2VWPC8_s.mft (raw, json)
Hash identifier:          uPXa07lWKxxjIiPzklrYPNvJtCGQhypcMQBiM8EaG9Y=
Subject key identifier:   E3:5C:CD:1E:42:E2:2C:EA:F0:31:79:70:CF:EC:99:0F:EB:C6:A9:3A
Authority key identifier: DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB
Certificate issuer:       /CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
Certificate serial:       0196741EA7589BED61C599C3BEED431EFF57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
Manifest number:          150A
Signing time:             Sat 26 Apr 2025 22:01:28 +0000
Manifest this update:     Sat 26 Apr 2025 22:01:28 +0000
Manifest next update:     Sun 27 Apr 2025 22:01:28 +0000
Files and hashes:         1: 2nVBcltyi1qJ87-vIPh2VWPC8_s.crl (hash: L5YmjB/gdMkwdm6K0t5Mq0cQ7pmdZHYFsQQtEjjctmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 22:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:1e:a7:58:9b:ed:61:c5:99:c3:be:ed:43:1e:ff:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
        Validity
            Not Before: Apr 26 22:01:28 2025 GMT
            Not After : Apr 27 22:01:28 2025 GMT
        Subject: CN=e35ccd1e42e22ceaf0317970cfec990febc6a93a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:1e:d8:8d:3b:14:4b:21:24:3b:31:7b:7f:c0:
                    cd:ab:ad:99:9d:f0:7e:08:16:71:5a:58:bb:b9:e0:
                    03:ad:08:9e:0c:a4:7c:39:d8:8d:77:c7:db:d6:11:
                    d5:79:cf:f3:7b:ca:f7:37:6b:70:0b:8d:4c:64:a1:
                    65:7d:40:1c:89:e4:92:18:ab:d5:eb:52:f0:f4:6e:
                    26:eb:0f:90:e8:91:51:8f:be:b5:7d:0d:bb:92:cb:
                    7c:92:28:70:eb:e2:e9:d1:bb:a2:e0:35:eb:81:e7:
                    db:3e:7c:e1:e9:57:67:6f:ed:3f:46:91:22:78:3a:
                    dc:f1:45:66:0b:5f:10:f7:f9:2d:ef:94:d0:3b:fd:
                    e8:f8:7d:77:d4:ee:c9:9a:f2:6b:a9:47:a0:55:cb:
                    6a:04:c7:7c:79:98:9c:76:c3:42:9a:15:4e:8e:1c:
                    60:a5:e5:d5:d4:50:3c:c3:74:41:f5:d5:f0:7c:35:
                    56:89:56:d6:63:bb:e8:40:7d:a7:ab:65:d6:6d:29:
                    2b:64:2a:24:79:ef:42:15:0a:75:76:00:7c:f2:75:
                    c2:99:d4:cd:8b:c3:70:f6:3d:b6:08:58:28:e4:bf:
                    f8:15:1a:16:e7:85:ca:2a:ad:d2:83:03:41:a1:8c:
                    c5:3f:b2:20:6a:c6:31:84:eb:04:0d:77:3f:68:4c:
                    68:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:5C:CD:1E:42:E2:2C:EA:F0:31:79:70:CF:EC:99:0F:EB:C6:A9:3A
            X509v3 Authority Key Identifier:
                keyid:DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:70:13:b5:bf:d9:4c:cb:ba:74:fe:ee:35:1b:f6:d4:37:e1:
         31:70:5c:dd:e1:01:4d:30:70:eb:e2:8d:c7:8c:9f:d3:8b:ac:
         9c:98:da:e6:3d:6d:2b:48:72:44:d4:05:38:46:c7:16:8a:a9:
         70:c6:01:e5:da:7e:1b:47:a8:ff:09:fa:7c:46:9e:cb:4f:c9:
         bf:7d:27:c2:d5:39:40:87:87:e7:ca:78:28:17:a5:03:eb:35:
         38:05:c6:40:1f:31:85:2b:bb:1f:05:b2:fe:2d:fd:26:1e:07:
         46:16:7e:2f:33:5b:2e:ae:98:90:e7:e8:04:e7:38:6f:a0:5b:
         f7:86:f9:04:bb:92:1c:dc:84:67:3c:57:40:e6:62:3e:8f:6a:
         8f:ce:cb:fd:34:2c:81:31:2d:ad:d1:2b:f1:f1:2b:d9:ee:9d:
         b2:ec:36:0a:1e:28:3f:ce:52:da:22:ee:5b:f5:0a:ff:09:9a:
         9f:d1:1c:dc:b1:2a:0a:07:21:7f:35:7d:74:d9:4e:b9:2c:cb:
         1e:0d:68:a9:03:97:6d:30:c2:b5:08:16:3c:ba:35:ea:81:0c:
         36:b9:82:d4:15:d6:0e:52:75:aa:71:cf:3c:c5:05:7b:1c:eb:
         6e:3d:80:33:90:17:ac:b1:82:27:68:5d:b5:4a:2b:c5:1c:01:
         83:ad:5a:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0HqdYm+1hxZnDvu1DHv9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzU0MTcyNWI3MjhiNWE4OWYzYmZhZjIwZjg3NjU1NjNj
MmYzZmIwHhcNMjUwNDI2MjIwMTI4WhcNMjUwNDI3MjIwMTI4WjAzMTEwLwYDVQQD
EyhlMzVjY2QxZTQyZTIyY2VhZjAzMTc5NzBjZmVjOTkwZmViYzZhOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB7YjTsUSyEkOzF7f8DNq62ZnfB+
CBZxWli7ueADrQieDKR8OdiNd8fb1hHVec/ze8r3N2twC41MZKFlfUAcieSSGKvV
61Lw9G4m6w+Q6JFRj761fQ27kst8kihw6+Lp0bui4DXrgefbPnzh6Vdnb+0/RpEi
eDrc8UVmC18Q9/kt75TQO/3o+H131O7JmvJrqUegVctqBMd8eZicdsNCmhVOjhxg
peXV1FA8w3RB9dXwfDVWiVbWY7voQH2nq2XWbSkrZCokee9CFQp1dgB88nXCmdTN
i8Nw9j22CFgo5L/4FRoW54XKKq3SgwNBoYzFP7IgasYxhOsEDXc/aExoBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONczR5C4izq8DF5cM/smQ/rxqk6MB8GA1UdIwQY
MBaAFNp1QXJbcotaifO/ryD4dlVjwvP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMt
ZGI4ZmQ1MDdkMWI2LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMtZGI4ZmQ1MDdkMWI2
LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADHATtb/Z
TMu6dP7uNRv21DfhMXBc3eEBTTBw6+KNx4yf04usnJja5j1tK0hyRNQFOEbHFoqp
cMYB5dp+G0eo/wn6fEaey0/Jv30nwtU5QIeH58p4KBelA+s1OAXGQB8xhSu7HwWy
/i39Jh4HRhZ+LzNbLq6YkOfoBOc4b6Bb94b5BLuSHNyEZzxXQOZiPo9qj87L/TQs
gTEtrdEr8fEr2e6dsuw2Ch4oP85S2iLuW/UK/wman9Ec3LEqCgchfzV9dNlOuSzL
Hg1oqQOXbTDCtQgWPLo16oEMNrmC1BXWDlJ1qnHPPMUFexzrbj2AM5AXrLGCJ2hd
tUorxRwBg61aOg==
-----END CERTIFICATE-----