Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          ZaDjsJ7+iR0Itva21yx+UabWujfBfU+QXtLdtCRYaAk=
Subject key identifier:   7B:9F:EC:7D:54:A1:C6:C9:53:37:8C:FA:D7:95:54:28:E9:61:EE:0F
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       01968210E2E040A0E39899832E5FB39C8F37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          13A2
Signing time:             Tue 29 Apr 2025 15:01:06 +0000
Manifest this update:     Tue 29 Apr 2025 15:01:06 +0000
Manifest next update:     Wed 30 Apr 2025 15:01:06 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: cL0e0tb+Q/kAP4SB4+czXiosgMDIpbkthgU+MCatcHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:10:e2:e0:40:a0:e3:98:99:83:2e:5f:b3:9c:8f:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Apr 29 15:01:06 2025 GMT
            Not After : Apr 30 15:01:06 2025 GMT
        Subject: CN=7b9fec7d54a1c6c953378cfad7955428e961ee0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fb:a3:0d:0a:a9:66:82:ad:70:30:57:5c:60:
                    6e:65:e0:93:67:36:e4:2c:9c:bc:ad:b2:2c:8d:c8:
                    16:66:8a:9d:a1:8c:39:ad:8b:6a:4d:e0:8d:ae:38:
                    d7:c4:6b:23:08:43:ac:cf:13:1d:72:f3:ef:70:c9:
                    60:6a:69:18:51:60:5e:9b:c5:46:98:91:57:f4:ec:
                    89:a3:7f:cf:c6:3a:47:f8:7e:6a:aa:bb:e8:85:b7:
                    a9:ce:f1:e9:ae:82:f9:c6:c3:73:28:8e:d3:74:20:
                    5c:54:11:2e:64:10:82:45:b4:a6:3a:0c:d5:00:f5:
                    51:82:3b:d9:7c:2e:77:fa:4b:1b:90:27:fc:a1:5a:
                    3f:7f:30:b0:53:c6:ed:67:b6:cd:96:d6:20:f2:30:
                    d9:da:8b:01:9b:e6:b4:18:0a:f6:58:aa:94:0e:51:
                    2a:33:64:4d:26:4e:e2:65:5f:6c:e8:98:11:17:62:
                    10:5c:2a:f3:83:aa:22:1b:fc:26:d3:c4:c5:40:c0:
                    a9:4f:9f:a4:c2:44:98:8a:7b:8a:f9:57:89:32:07:
                    e5:0d:c6:a0:f4:06:ec:08:8f:88:fb:48:8d:47:bb:
                    5d:77:9d:5a:62:c2:64:ef:88:e2:a5:84:ec:ab:ec:
                    9a:15:a3:af:14:cf:ed:4b:12:05:d0:17:33:71:ba:
                    0b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:9F:EC:7D:54:A1:C6:C9:53:37:8C:FA:D7:95:54:28:E9:61:EE:0F
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:a6:ec:5a:71:3b:1f:74:8b:2c:4a:e5:fe:58:7c:49:0d:f3:
         03:66:a1:5a:52:06:89:49:28:9d:e0:e8:aa:85:5d:32:d8:fd:
         aa:7d:10:5a:ec:94:65:0b:af:28:d5:de:90:f2:73:5e:8c:9d:
         7d:25:b7:6d:fe:4c:a1:2b:76:8e:86:2a:dc:46:83:67:e3:26:
         b4:c8:36:53:78:ca:45:84:d4:a1:8d:c6:56:23:39:f9:e0:0a:
         0a:8a:48:62:ed:d3:8b:38:92:02:8f:33:f8:24:52:45:a5:ab:
         dd:09:c9:5a:bc:61:08:03:a9:c1:2a:44:90:c8:63:82:a9:62:
         ed:83:8f:f3:39:3e:d8:83:a1:ce:2b:ae:68:b2:d8:3e:b0:e9:
         60:00:29:f9:ea:96:17:a6:a9:e6:4a:6c:86:d4:58:b3:59:37:
         49:a5:9a:17:16:7c:d9:7d:15:a1:96:5d:30:3d:73:d9:29:50:
         0a:49:dc:11:d6:aa:7f:c5:d3:17:c4:18:10:91:62:d4:00:ad:
         4f:bb:4c:66:75:da:45:54:59:af:28:7f:16:81:bf:54:d2:c9:
         38:b5:37:72:79:b2:8d:60:b2:27:7e:9a:9a:4a:d3:8d:57:8e:
         5d:99:63:94:f2:09:1f:f3:54:4b:77:7f:f6:fc:40:ee:5e:f4:
         4b:64:d7:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEOLgQKDjmJmDLl+znI83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUwNDI5MTUwMTA2WhcNMjUwNDMwMTUwMTA2WjAzMTEwLwYDVQQD
Eyg3YjlmZWM3ZDU0YTFjNmM5NTMzNzhjZmFkNzk1NTQyOGU5NjFlZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/ujDQqpZoKtcDBXXGBuZeCTZzbk
LJy8rbIsjcgWZoqdoYw5rYtqTeCNrjjXxGsjCEOszxMdcvPvcMlgamkYUWBem8VG
mJFX9OyJo3/PxjpH+H5qqrvohbepzvHproL5xsNzKI7TdCBcVBEuZBCCRbSmOgzV
APVRgjvZfC53+ksbkCf8oVo/fzCwU8btZ7bNltYg8jDZ2osBm+a0GAr2WKqUDlEq
M2RNJk7iZV9s6JgRF2IQXCrzg6oiG/wm08TFQMCpT5+kwkSYinuK+VeJMgflDcag
9AbsCI+I+0iNR7tdd51aYsJk74jipYTsq+yaFaOvFM/tSxIF0BczcboLqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuf7H1UocbJUzeM+teVVCjpYe4PMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKbsWnE7
H3SLLErl/lh8SQ3zA2ahWlIGiUkoneDoqoVdMtj9qn0QWuyUZQuvKNXekPJzXoyd
fSW3bf5MoSt2joYq3EaDZ+MmtMg2U3jKRYTUoY3GViM5+eAKCopIYu3TiziSAo8z
+CRSRaWr3QnJWrxhCAOpwSpEkMhjgqli7YOP8zk+2IOhziuuaLLYPrDpYAAp+eqW
F6ap5kpshtRYs1k3SaWaFxZ82X0VoZZdMD1z2SlQCkncEdaqf8XTF8QYEJFi1ACt
T7tMZnXaRVRZryh/FoG/VNLJOLU3cnmyjWCyJ36amkrTjVeOXZljlPIJH/NUS3d/
9vxA7l70S2TXTQ==
-----END CERTIFICATE-----