Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          hX6yL6tn/ya5FqU/vrQe87zO16hzdURFHWBYlQo75CE=
Subject key identifier:   01:A2:95:99:8D:E9:6F:4E:C4:B8:57:AB:C8:F7:62:EA:7E:A8:D2:87
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       01968F9598828DE64DB0A96C4F7AB037B3E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          1518
Signing time:             Fri 02 May 2025 06:01:07 +0000
Manifest this update:     Fri 02 May 2025 06:01:07 +0000
Manifest next update:     Sat 03 May 2025 06:01:07 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: T6HmgS3n02e+U4HrczA2RpBmZXJkz5NMHnS4pIn/K5s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 06:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:95:98:82:8d:e6:4d:b0:a9:6c:4f:7a:b0:37:b3:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: May  2 06:01:07 2025 GMT
            Not After : May  3 06:01:07 2025 GMT
        Subject: CN=01a295998de96f4ec4b857abc8f762ea7ea8d287
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:19:56:a0:ea:1c:37:32:1d:ef:f3:a5:3e:0f:
                    f3:17:ec:05:38:eb:8f:7b:af:65:04:38:d7:b7:b2:
                    55:1c:3e:37:f7:43:2c:a6:ff:10:62:2c:17:70:1b:
                    76:33:b9:ba:71:ac:a3:56:7e:a1:22:50:25:e2:65:
                    a1:bc:83:e5:64:89:09:37:63:3f:3d:6c:22:7a:b2:
                    53:ea:fd:05:51:34:85:df:1e:79:d7:ba:4b:3d:4b:
                    88:fa:f1:3a:0e:31:39:24:d8:ff:a3:d9:c6:c1:01:
                    3b:53:2a:d2:b4:b7:91:5a:3b:df:43:df:bc:d8:d0:
                    65:40:63:bd:d3:2d:b6:30:cb:b1:ea:28:fd:6f:aa:
                    41:4a:e2:2c:93:fb:b3:23:67:17:0f:1b:5a:e6:e6:
                    fe:fc:6c:a6:3c:6e:37:d8:4f:05:29:b1:f9:3f:8b:
                    6a:74:06:bc:1a:ea:94:a0:2f:c8:ce:cc:74:d3:c1:
                    62:90:42:c3:0e:5d:cd:da:a6:b6:fb:03:4a:86:4d:
                    99:e2:89:32:6a:ef:a0:a6:0e:8b:c8:59:f0:f3:51:
                    24:d8:ea:68:8e:f0:97:4c:30:ab:3f:16:45:6c:2c:
                    bb:c9:97:96:e2:06:a0:84:d1:b4:b1:0e:85:de:48:
                    02:ca:48:4f:81:38:c4:35:18:ec:d1:69:ac:cb:ad:
                    95:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:A2:95:99:8D:E9:6F:4E:C4:B8:57:AB:C8:F7:62:EA:7E:A8:D2:87
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ae:11:07:64:2a:f7:ba:9b:e0:f6:9c:2c:be:54:ca:42:0f:
         28:10:40:2d:c4:06:36:24:99:c7:51:a1:d0:f2:01:0e:84:81:
         5c:df:dc:d3:72:7a:ae:70:44:a2:46:b1:96:c9:cd:bf:27:8b:
         83:e5:08:7d:1e:15:85:ab:2a:e9:41:1b:78:8e:05:d0:cd:de:
         e5:a3:6c:7f:30:5b:a2:2e:63:62:d1:3d:69:03:7d:29:0d:91:
         39:9b:80:46:4d:0d:51:c2:7b:a6:ff:04:72:13:3d:72:48:1a:
         cc:39:79:3e:de:3d:05:46:f4:a4:2b:8f:02:76:68:3d:f0:5f:
         71:5a:4c:97:12:91:cc:1b:3a:58:1d:50:6a:fb:a0:40:56:85:
         b7:3f:27:9c:0c:ef:cb:a0:a7:9e:80:69:c3:f4:6e:31:1f:03:
         57:95:f9:ec:db:3e:17:55:f2:0f:e2:e0:d6:83:c7:11:6c:30:
         d0:f8:df:23:9d:0b:c0:b6:70:d3:67:14:c8:ff:73:f6:d7:31:
         f4:2b:2e:9a:f6:06:ca:67:37:06:19:1f:50:42:1a:ab:1b:11:
         3f:22:7b:e5:08:b3:ab:78:f6:e7:59:47:e0:bc:9d:02:12:76:
         c7:82:5f:e1:64:f7:51:1f:a2:ad:92:b0:16:80:f0:b2:00:89:
         5c:c1:be:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPlZiCjeZNsKlsT3qwN7PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjUwNTAyMDYwMTA3WhcNMjUwNTAzMDYwMTA3WjAzMTEwLwYDVQQD
EygwMWEyOTU5OThkZTk2ZjRlYzRiODU3YWJjOGY3NjJlYTdlYThkMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhlWoOocNzId7/OlPg/zF+wFOOuP
e69lBDjXt7JVHD4390Mspv8QYiwXcBt2M7m6cayjVn6hIlAl4mWhvIPlZIkJN2M/
PWwierJT6v0FUTSF3x5517pLPUuI+vE6DjE5JNj/o9nGwQE7UyrStLeRWjvfQ9+8
2NBlQGO90y22MMux6ij9b6pBSuIsk/uzI2cXDxta5ub+/GymPG432E8FKbH5P4tq
dAa8GuqUoC/Izsx008FikELDDl3N2qa2+wNKhk2Z4okyau+gpg6LyFnw81Ek2Opo
jvCXTDCrPxZFbCy7yZeW4gaghNG0sQ6F3kgCykhPgTjENRjs0Wmsy62VJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGilZmN6W9OxLhXq8j3Yup+qNKHMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhq4RB2Qq
97qb4PacLL5UykIPKBBALcQGNiSZx1Gh0PIBDoSBXN/c03J6rnBEokaxlsnNvyeL
g+UIfR4Vhasq6UEbeI4F0M3e5aNsfzBboi5jYtE9aQN9KQ2ROZuARk0NUcJ7pv8E
chM9ckgazDl5Pt49BUb0pCuPAnZoPfBfcVpMlxKRzBs6WB1QavugQFaFtz8nnAzv
y6CnnoBpw/RuMR8DV5X57Ns+F1XyD+Lg1oPHEWww0PjfI50LwLZw02cUyP9z9tcx
9CsumvYGymc3BhkfUEIaqxsRPyJ75Qizq3j251lH4LydAhJ2x4Jf4WT3UR+irZKw
FoDwsgCJXMG+kA==
-----END CERTIFICATE-----