Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/297bd8-beaf-4609-9c60-7474f916db47/1/SqL6b2dw9y2AhLxsGDBYuA6DjXM.mft
File:                     SqL6b2dw9y2AhLxsGDBYuA6DjXM.mft (raw, json)
Hash identifier:          glIDVjZjSZWHhdjvneqNbv7axHySEgk+sLEoiPs+4sg=
Subject key identifier:   CA:80:B5:32:B3:01:90:86:02:02:9E:94:80:20:F1:5A:1B:77:F9:F4
Authority key identifier: 4A:A2:FA:6F:67:70:F7:2D:80:84:BC:6C:18:30:58:B8:0E:83:8D:73
Certificate issuer:       /CN=4aa2fa6f6770f72d8084bc6c183058b80e838d73
Certificate serial:       01967ED855F264373C9EA31C772505F3459F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SqL6b2dw9y2AhLxsGDBYuA6DjXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/297bd8-beaf-4609-9c60-7474f916db47/1/SqL6b2dw9y2AhLxsGDBYuA6DjXM.mft
Manifest number:          F2
Signing time:             Tue 29 Apr 2025 00:00:29 +0000
Manifest this update:     Tue 29 Apr 2025 00:00:29 +0000
Manifest next update:     Wed 30 Apr 2025 00:00:29 +0000
Files and hashes:         1: SqL6b2dw9y2AhLxsGDBYuA6DjXM.crl (hash: cHNf4jJ3QbpngyTRAxeEtjO1n7KaYphaRve1YyjF16I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/297bd8-beaf-4609-9c60-7474f916db47/1/SqL6b2dw9y2AhLxsGDBYuA6DjXM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/297bd8-beaf-4609-9c60-7474f916db47/1/SqL6b2dw9y2AhLxsGDBYuA6DjXM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SqL6b2dw9y2AhLxsGDBYuA6DjXM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7e:d8:55:f2:64:37:3c:9e:a3:1c:77:25:05:f3:45:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aa2fa6f6770f72d8084bc6c183058b80e838d73
        Validity
            Not Before: Apr 29 00:00:29 2025 GMT
            Not After : Apr 30 00:00:29 2025 GMT
        Subject: CN=ca80b532b301908602029e948020f15a1b77f9f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:bc:59:82:2f:84:83:ac:5a:34:14:fb:ee:60:
                    db:88:9e:0f:d3:0f:c9:de:a3:8a:7a:50:e4:b6:9a:
                    c8:85:0b:56:e4:03:f6:d4:8e:16:15:7a:76:3f:97:
                    b3:f3:b9:cd:5a:34:31:cb:dd:56:87:5c:b9:47:be:
                    9d:0a:97:9e:59:7d:af:56:4b:b6:bf:4a:45:33:df:
                    46:5b:16:05:2a:c5:a3:88:75:2b:c0:60:32:8f:42:
                    e1:ba:05:8f:8e:71:54:df:5d:b5:4a:29:c3:c2:7e:
                    34:50:b4:82:68:ba:3f:fd:48:46:f6:43:bc:82:0a:
                    e0:cd:24:41:10:ac:7a:2d:fa:88:33:5f:79:a8:07:
                    50:07:69:94:5d:dd:b1:41:21:da:22:a4:08:2b:7c:
                    10:5e:32:bd:cd:c5:d2:14:49:af:a1:20:62:c2:5d:
                    88:67:bd:0f:ac:0f:63:68:3d:cf:38:25:b9:52:ae:
                    5b:56:70:15:b7:1e:8c:87:b0:85:c8:e9:89:9c:23:
                    b1:ba:a2:6d:48:0e:1d:ef:8c:96:45:c7:02:c9:0a:
                    59:79:fd:84:41:d8:df:cf:86:a3:ca:cb:e4:f4:30:
                    3c:58:40:80:37:42:94:03:d2:02:b0:51:59:fa:a4:
                    27:45:0e:70:ba:e8:8b:64:fe:25:f5:09:e1:e4:58:
                    b4:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:80:B5:32:B3:01:90:86:02:02:9E:94:80:20:F1:5A:1B:77:F9:F4
            X509v3 Authority Key Identifier:
                keyid:4A:A2:FA:6F:67:70:F7:2D:80:84:BC:6C:18:30:58:B8:0E:83:8D:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqL6b2dw9y2AhLxsGDBYuA6DjXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/297bd8-beaf-4609-9c60-7474f916db47/1/SqL6b2dw9y2AhLxsGDBYuA6DjXM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/297bd8-beaf-4609-9c60-7474f916db47/1/SqL6b2dw9y2AhLxsGDBYuA6DjXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:73:0a:05:c0:06:bb:4d:15:47:ae:ec:1d:76:f8:7a:22:c5:
         a2:6e:14:e4:bf:b4:9f:d3:f8:c0:97:61:de:53:1b:d5:2d:e7:
         70:80:97:3c:b7:54:c8:65:e4:a6:2f:cb:4d:eb:b4:ba:3c:0a:
         42:35:ac:02:a4:21:35:45:c2:8e:dd:bf:a6:ea:32:49:64:fe:
         20:1a:d2:48:ad:a7:30:a0:d1:05:eb:68:f6:88:95:17:75:dc:
         16:63:76:36:2f:cb:95:9f:e3:a1:cb:b7:5e:cf:9a:32:84:ec:
         09:a1:ca:49:71:03:6a:ff:aa:b4:4f:ba:ed:06:48:6e:28:d9:
         ff:79:aa:29:c1:fa:8d:76:cd:d1:14:84:03:f4:48:14:a5:dc:
         0c:55:90:b1:15:f8:22:4f:3e:1a:85:83:1f:04:50:56:34:9c:
         1f:a5:36:82:f9:8f:e9:bc:d5:5d:d8:03:b3:d6:81:79:25:6f:
         ae:5c:61:3f:de:9a:da:7c:c1:b4:a1:be:99:db:ea:30:a2:e7:
         71:9b:fe:8e:52:b8:67:ed:2a:18:7c:d5:6e:42:17:bb:5d:97:
         8a:1b:9c:04:b7:d0:3c:0e:b4:13:86:dd:f4:13:40:1a:bf:1a:
         f5:72:36:48:68:76:39:03:5a:49:16:93:52:af:3c:35:de:90:
         85:1a:9b:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ+2FXyZDc8nqMcdyUF80WfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYTJmYTZmNjc3MGY3MmQ4MDg0YmM2YzE4MzA1OGI4MGU4
MzhkNzMwHhcNMjUwNDI5MDAwMDI5WhcNMjUwNDMwMDAwMDI5WjAzMTEwLwYDVQQD
EyhjYTgwYjUzMmIzMDE5MDg2MDIwMjllOTQ4MDIwZjE1YTFiNzdmOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrxZgi+Eg6xaNBT77mDbiJ4P0w/J
3qOKelDktprIhQtW5AP21I4WFXp2P5ez87nNWjQxy91Wh1y5R76dCpeeWX2vVku2
v0pFM99GWxYFKsWjiHUrwGAyj0LhugWPjnFU3121SinDwn40ULSCaLo//UhG9kO8
ggrgzSRBEKx6LfqIM195qAdQB2mUXd2xQSHaIqQIK3wQXjK9zcXSFEmvoSBiwl2I
Z70PrA9jaD3POCW5Uq5bVnAVtx6Mh7CFyOmJnCOxuqJtSA4d74yWRccCyQpZef2E
Qdjfz4ajysvk9DA8WECAN0KUA9ICsFFZ+qQnRQ5wuuiLZP4l9Qnh5Fi0NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqAtTKzAZCGAgKelIAg8Vobd/n0MB8GA1UdIwQY
MBaAFEqi+m9ncPctgIS8bBgwWLgOg41zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3FMNmIyZHc5eTJBaEx4c0dEQll1QTZEalhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yOTdiZDgtYmVhZi00NjA5LTljNjAt
NzQ3NGY5MTZkYjQ3LzEvU3FMNmIyZHc5eTJBaEx4c0dEQll1QTZEalhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yOTdiZDgtYmVhZi00NjA5LTljNjAtNzQ3NGY5MTZkYjQ3
LzEvU3FMNmIyZHc5eTJBaEx4c0dEQll1QTZEalhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHMKBcAG
u00VR67sHXb4eiLFom4U5L+0n9P4wJdh3lMb1S3ncICXPLdUyGXkpi/LTeu0ujwK
QjWsAqQhNUXCjt2/puoySWT+IBrSSK2nMKDRBeto9oiVF3XcFmN2Ni/LlZ/jocu3
Xs+aMoTsCaHKSXEDav+qtE+67QZIbijZ/3mqKcH6jXbN0RSEA/RIFKXcDFWQsRX4
Ik8+GoWDHwRQVjScH6U2gvmP6bzVXdgDs9aBeSVvrlxhP96a2nzBtKG+mdvqMKLn
cZv+jlK4Z+0qGHzVbkIXu12XihucBLfQPA60E4bd9BNAGr8a9XI2SGh2OQNaSRaT
Uq88Nd6QhRqbTQ==
-----END CERTIFICATE-----