Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          botmrv2RK/+yEWJpdldnBghZRVuieMKRvcgnnbBb7SU=
Subject key identifier:   3D:88:D3:A3:44:3F:E9:A1:74:CD:B8:AE:5F:84:77:69:C0:11:80:DB
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       01967567C7EE20DA032CFCE1931B49630526
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          046F
Signing time:             Sun 27 Apr 2025 04:00:57 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:57 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:57 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: 3nbGORKWYMdHeSFU2dBXzBcedKMfR20gk6LsWvbWs9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:c7:ee:20:da:03:2c:fc:e1:93:1b:49:63:05:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Apr 27 04:00:57 2025 GMT
            Not After : Apr 28 04:00:57 2025 GMT
        Subject: CN=3d88d3a3443fe9a174cdb8ae5f847769c01180db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c5:55:e1:b7:a9:47:38:e9:b1:04:4a:02:fc:
                    c3:54:90:23:3d:8e:bd:a0:a9:75:be:78:f1:b6:13:
                    03:0f:f1:bf:c9:4c:ea:f5:99:f8:93:5c:a9:cf:0a:
                    1f:9b:8d:36:cd:b5:05:fc:e4:89:3a:38:a7:0e:12:
                    73:b4:1b:7a:f3:a1:a8:0e:f0:bb:01:79:a2:17:80:
                    a6:2d:56:2d:73:77:4e:30:e8:42:b4:91:ee:89:84:
                    61:57:e8:26:2b:1e:8e:d7:71:d1:51:7b:b4:42:8a:
                    d7:c9:8f:b3:e7:48:6b:2a:6f:16:41:c3:1c:d1:1f:
                    43:4d:59:64:48:63:6e:67:e4:a3:f8:04:2d:3a:07:
                    a1:17:f3:b8:71:d9:bb:bc:8c:54:77:28:b3:09:36:
                    1d:12:ed:de:8c:da:66:04:58:44:24:83:2b:ce:0c:
                    7c:05:e5:2b:11:c2:93:71:8d:aa:37:dc:bc:ea:f7:
                    72:1b:a7:e0:10:7b:d9:1f:11:26:2a:89:c3:e4:a2:
                    1a:ba:bd:ff:b3:49:4e:b1:45:2c:49:73:4f:a5:0f:
                    64:21:6f:b4:7b:b2:e4:96:b8:c5:4b:80:6a:58:c8:
                    7d:87:e5:54:9b:70:6b:06:63:da:09:40:9c:50:8e:
                    d9:c2:f5:32:03:3b:86:94:28:41:5e:cd:cd:a9:fe:
                    cb:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:88:D3:A3:44:3F:E9:A1:74:CD:B8:AE:5F:84:77:69:C0:11:80:DB
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:53:a2:5f:67:46:8c:eb:23:b6:40:ac:d3:9f:fa:ce:75:9c:
         81:f6:1d:c6:9a:2f:c2:b1:c6:c3:ae:74:21:1d:e6:a8:d1:52:
         75:41:cb:cf:b0:68:ab:e5:24:0c:45:37:6e:d8:19:09:c9:9e:
         b8:cc:4f:ab:69:33:ec:c2:45:55:fb:a0:b3:a6:3a:1b:2b:19:
         a8:00:75:9d:14:e2:0f:c3:8c:0c:1e:05:d7:3b:40:03:f0:93:
         86:93:cd:78:78:23:26:9d:2b:6c:43:5b:3a:02:63:09:3b:8b:
         e4:2a:9b:41:8a:eb:46:3f:e9:f8:bb:a0:f0:ba:ce:0a:75:cf:
         06:e8:de:fe:d5:2f:16:9a:1a:e0:7b:ca:9e:1f:d3:92:8f:ac:
         f7:82:f7:e4:2a:3d:0f:d3:1b:b1:01:fb:18:f0:86:27:3d:16:
         e1:64:e7:98:b7:fb:36:73:fb:cf:8e:65:49:48:e0:c7:ec:ae:
         e9:6d:83:8d:6a:22:d1:43:82:98:07:ba:c2:b1:62:04:ab:01:
         d3:04:7f:e1:04:6a:c7:b6:6d:61:d4:80:74:86:4e:e2:bd:cf:
         a2:91:cd:a4:fa:bc:8f:1b:0c:fc:02:31:37:79:f4:4b:f6:69:
         10:f3:e0:fe:4d:51:50:73:de:bf:46:92:16:86:a0:52:61:35:
         12:12:62:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z8fuINoDLPzhkxtJYwUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUwNDI3MDQwMDU3WhcNMjUwNDI4MDQwMDU3WjAzMTEwLwYDVQQD
EygzZDg4ZDNhMzQ0M2ZlOWExNzRjZGI4YWU1Zjg0Nzc2OWMwMTE4MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8VV4bepRzjpsQRKAvzDVJAjPY69
oKl1vnjxthMDD/G/yUzq9Zn4k1ypzwofm402zbUF/OSJOjinDhJztBt686GoDvC7
AXmiF4CmLVYtc3dOMOhCtJHuiYRhV+gmKx6O13HRUXu0QorXyY+z50hrKm8WQcMc
0R9DTVlkSGNuZ+Sj+AQtOgehF/O4cdm7vIxUdyizCTYdEu3ejNpmBFhEJIMrzgx8
BeUrEcKTcY2qN9y86vdyG6fgEHvZHxEmKonD5KIaur3/s0lOsUUsSXNPpQ9kIW+0
e7LklrjFS4BqWMh9h+VUm3BrBmPaCUCcUI7ZwvUyAzuGlChBXs3Nqf7LvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2I06NEP+mhdM24rl+Ed2nAEYDbMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt1OiX2dG
jOsjtkCs05/6znWcgfYdxpovwrHGw650IR3mqNFSdUHLz7Boq+UkDEU3btgZCcme
uMxPq2kz7MJFVfugs6Y6GysZqAB1nRTiD8OMDB4F1ztAA/CThpPNeHgjJp0rbENb
OgJjCTuL5CqbQYrrRj/p+Lug8LrOCnXPBuje/tUvFpoa4HvKnh/Tko+s94L35Co9
D9MbsQH7GPCGJz0W4WTnmLf7NnP7z45lSUjgx+yu6W2DjWoi0UOCmAe6wrFiBKsB
0wR/4QRqx7ZtYdSAdIZO4r3PopHNpPq8jxsM/AIxN3n0S/ZpEPPg/k1RUHPev0aS
FoagUmE1EhJicA==
-----END CERTIFICATE-----