Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
File:                     P2LKnF7__TIKvS2Px-j4Nee70es.mft (raw, json)
Hash identifier:          1E9hURQ0iraF5AHTZdcfAX7/LU2y5mv6JHms27PPw+8=
Subject key identifier:   D2:99:69:FF:06:F2:7A:46:0E:F1:47:E3:18:B1:69:8B:6F:30:5D:94
Authority key identifier: 3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB
Certificate issuer:       /CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
Certificate serial:       0196760BEA5660291B2C8932063C2B64D241
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
Manifest number:          0908
Signing time:             Sun 27 Apr 2025 07:00:14 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:14 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:14 +0000
Files and hashes:         1: P2LKnF7__TIKvS2Px-j4Nee70es.crl (hash: 58wpjm8ZVks668iK8r6W7NnMliOpsdBWloKxypUfvs8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0b:ea:56:60:29:1b:2c:89:32:06:3c:2b:64:d2:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
        Validity
            Not Before: Apr 27 07:00:14 2025 GMT
            Not After : Apr 28 07:00:14 2025 GMT
        Subject: CN=d29969ff06f27a460ef147e318b1698b6f305d94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:12:fd:d7:d5:b6:70:c8:52:0f:96:dc:8d:24:
                    4b:01:9f:d8:bd:0e:18:3e:83:ce:67:94:bc:c8:5b:
                    2f:ef:ca:e3:31:72:27:b9:23:f5:a6:f5:e4:62:06:
                    e7:a1:7f:63:66:1e:0b:ca:8c:56:39:70:a8:68:4a:
                    1f:18:37:60:17:75:72:3a:b2:da:a6:84:9b:6a:fe:
                    47:73:54:ab:ed:ef:8c:d1:62:26:f5:b4:79:fd:e5:
                    80:53:5b:e3:4e:a3:84:21:9c:8e:aa:11:26:36:51:
                    70:0b:9e:32:14:6b:13:46:a5:04:7c:27:0d:22:a6:
                    39:97:a4:95:f1:10:c2:58:b9:ed:a8:0b:ea:19:10:
                    7b:8e:95:67:1e:cc:53:25:5f:26:9e:ec:70:1e:68:
                    45:9a:14:d9:fe:01:0c:da:61:85:81:43:11:92:1b:
                    b5:62:41:65:27:0c:39:a8:1b:99:d5:2e:b3:63:31:
                    4d:3d:69:7c:d9:ce:dd:26:ee:bd:41:a7:57:7b:f5:
                    31:69:f3:38:af:98:d3:17:22:a8:b8:9b:d9:bb:d1:
                    39:b6:07:c5:82:88:84:b4:39:48:7c:1a:a5:a0:7d:
                    2a:29:0b:09:a2:a5:92:6b:3c:2f:f8:e8:72:80:4a:
                    5f:08:46:94:f9:aa:38:31:e5:29:87:54:3e:0f:74:
                    8b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:99:69:FF:06:F2:7A:46:0E:F1:47:E3:18:B1:69:8B:6F:30:5D:94
            X509v3 Authority Key Identifier:
                keyid:3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:cd:76:44:8d:8c:24:95:72:71:31:0a:5c:a7:47:3c:2d:72:
         84:0a:66:9f:a8:48:52:e6:bc:84:e7:97:53:cd:5c:fa:d3:4d:
         80:0e:2f:cf:a5:f2:ac:38:dd:16:dc:ef:b9:c6:df:db:3a:c7:
         f4:ad:d3:6b:ca:07:82:fb:5e:6f:6e:37:2d:54:da:f1:c5:68:
         95:d1:b9:19:f3:96:d2:65:f1:8e:3a:1c:ca:8d:da:fc:13:5c:
         46:64:7b:97:0a:2f:37:82:89:01:73:db:9f:de:ae:c6:0a:00:
         99:f5:ca:69:55:96:eb:f3:7d:76:81:84:f9:0f:87:2b:98:8c:
         e5:72:79:50:3f:78:35:d1:17:90:04:00:c6:2c:1c:a5:80:d7:
         15:2d:06:98:8c:0c:4a:0f:be:a8:04:db:e6:b4:c4:cd:a4:a5:
         79:53:4f:80:77:dc:d4:d0:1a:f7:ec:d5:a0:51:40:70:b2:67:
         69:d2:99:17:fb:79:ba:84:18:5f:49:a6:a1:c9:23:aa:bb:f7:
         31:50:22:02:e6:ff:30:ec:6c:79:83:fb:36:68:6d:61:fc:f5:
         1e:5a:fb:b2:f9:11:c6:d9:c4:4f:12:45:66:dd:78:b2:db:20:
         1f:96:14:6b:81:94:6a:8b:20:38:21:e1:77:30:e5:bc:aa:43:
         76:2a:72:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2C+pWYCkbLIkyBjwrZNJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjJjYTljNWVmZmZkMzIwYWJkMmQ4ZmM3ZThmODM1ZTdi
YmQxZWIwHhcNMjUwNDI3MDcwMDE0WhcNMjUwNDI4MDcwMDE0WjAzMTEwLwYDVQQD
EyhkMjk5NjlmZjA2ZjI3YTQ2MGVmMTQ3ZTMxOGIxNjk4YjZmMzA1ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBL919W2cMhSD5bcjSRLAZ/YvQ4Y
PoPOZ5S8yFsv78rjMXInuSP1pvXkYgbnoX9jZh4LyoxWOXCoaEofGDdgF3VyOrLa
poSbav5Hc1Sr7e+M0WIm9bR5/eWAU1vjTqOEIZyOqhEmNlFwC54yFGsTRqUEfCcN
IqY5l6SV8RDCWLntqAvqGRB7jpVnHsxTJV8mnuxwHmhFmhTZ/gEM2mGFgUMRkhu1
YkFlJww5qBuZ1S6zYzFNPWl82c7dJu69QadXe/UxafM4r5jTFyKouJvZu9E5tgfF
goiEtDlIfBqloH0qKQsJoqWSazwv+OhygEpfCEaU+ao4MeUph1Q+D3SLTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKZaf8G8npGDvFH4xixaYtvMF2UMB8GA1UdIwQY
MBaAFD9iypxe//0yCr0tj8fo+DXnu9HrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4Njkt
MDA5MDgwZThkZmY1LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4NjktMDA5MDgwZThkZmY1
LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPM12RI2M
JJVycTEKXKdHPC1yhApmn6hIUua8hOeXU81c+tNNgA4vz6XyrDjdFtzvucbf2zrH
9K3Ta8oHgvteb243LVTa8cVoldG5GfOW0mXxjjocyo3a/BNcRmR7lwovN4KJAXPb
n96uxgoAmfXKaVWW6/N9doGE+Q+HK5iM5XJ5UD94NdEXkAQAxiwcpYDXFS0GmIwM
Sg++qATb5rTEzaSleVNPgHfc1NAa9+zVoFFAcLJnadKZF/t5uoQYX0mmockjqrv3
MVAiAub/MOxseYP7NmhtYfz1Hlr7svkRxtnETxJFZt14stsgH5YUa4GUaosgOCHh
dzDlvKpDdipyeQ==
-----END CERTIFICATE-----