Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
File:                     G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json)
Hash identifier:          nCnH/y/8+q0jYmXNZR771oOW/Zyu1fl3ooJzry1c+pg=
Subject key identifier:   65:1F:49:84:B4:E6:0B:F5:13:33:EC:7B:84:F4:81:FE:05:F6:EE:FC
Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
Certificate issuer:       /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Certificate serial:       01968BB8A85C9D7A4121975E235C068F3989
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
Manifest number:          0E13
Signing time:             Thu 01 May 2025 12:00:56 +0000
Manifest this update:     Thu 01 May 2025 12:00:56 +0000
Manifest next update:     Fri 02 May 2025 12:00:56 +0000
Files and hashes:         1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: K79Lo5sSF/YCg3ZzihXZgBLBwbgDRUTCKcAZETA65hg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:b8:a8:5c:9d:7a:41:21:97:5e:23:5c:06:8f:39:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
        Validity
            Not Before: May  1 12:00:56 2025 GMT
            Not After : May  2 12:00:56 2025 GMT
        Subject: CN=651f4984b4e60bf51333ec7b84f481fe05f6eefc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e0:74:8f:bb:3a:0d:0b:4b:d2:09:c3:f3:61:
                    bb:ee:16:7a:68:d7:3e:ba:dc:30:56:b2:ea:d7:2f:
                    10:b5:da:27:b8:d4:d7:e7:12:8d:14:91:5b:5a:08:
                    6d:5f:17:46:94:c8:1b:b8:d3:67:89:30:c8:ac:7f:
                    c2:4b:7f:bf:dd:00:3d:74:63:af:70:d5:62:62:c0:
                    e9:77:69:a5:3c:60:02:26:d3:f5:8e:ec:5d:c6:68:
                    b0:2a:5d:66:8e:3d:e2:95:0e:d9:e7:4c:db:ca:3c:
                    45:8c:68:16:5b:c4:72:6a:24:b4:4d:4d:56:e6:95:
                    8d:01:6a:8b:ea:d9:83:e1:86:dc:b2:5f:36:1f:ad:
                    32:94:e5:0a:66:17:43:8f:2b:4b:9b:4b:ec:e4:d6:
                    21:86:44:7b:31:06:bc:5a:64:b9:69:15:a2:45:4e:
                    a3:e6:58:20:5f:1b:34:91:b4:2f:4e:7b:9e:47:c0:
                    ec:ea:5a:17:12:17:77:bf:08:a7:c5:1d:9d:6d:f1:
                    a7:07:f6:79:ef:ac:30:22:83:c7:2f:a1:53:8f:66:
                    25:3b:b0:53:74:b4:2b:93:6f:eb:5b:af:aa:0b:4d:
                    51:02:4d:82:e2:8c:ed:26:0b:c4:3f:65:51:e7:2f:
                    7c:e9:bf:bc:4d:47:3a:1b:34:5e:1f:11:f7:de:10:
                    09:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:1F:49:84:B4:E6:0B:F5:13:33:EC:7B:84:F4:81:FE:05:F6:EE:FC
            X509v3 Authority Key Identifier:
                keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:c0:8d:df:ad:44:8a:06:a1:6f:9a:cd:19:e4:1a:cc:ea:56:
         d8:2f:bc:00:17:a2:d7:d2:60:02:af:14:2d:73:e4:e3:06:95:
         f2:e5:c7:0c:ee:51:34:ad:65:4b:d2:8e:6f:f9:91:7c:d2:b2:
         bb:a5:11:e1:a4:e5:67:f7:6d:77:b4:2e:21:14:1c:d5:13:c1:
         09:b3:0c:a0:fb:ca:90:ee:87:fd:da:1c:d2:3a:77:06:54:fe:
         1c:f9:44:42:75:9d:d5:1a:c5:95:b3:16:0f:c4:5c:2c:34:00:
         ad:e4:3a:60:58:61:d3:d9:e4:08:f9:ed:70:74:be:fc:43:55:
         7c:7a:59:8f:1c:60:1e:dd:ef:79:5e:ef:f0:2a:7d:03:bf:26:
         55:32:24:28:a5:3b:7a:e8:38:3e:8e:db:99:5b:cb:24:e6:ee:
         a7:e0:e3:a1:0a:e5:85:03:68:c1:6b:b4:dd:46:87:87:dd:ec:
         85:67:e6:21:91:9d:a9:7f:0c:6a:9c:8e:8e:ed:81:f0:03:77:
         1b:85:21:11:08:4f:0e:cd:7b:db:58:2d:84:b5:11:82:66:d9:
         c9:31:be:25:29:26:23:f6:64:cd:99:a5:48:81:e7:43:e9:48:
         e3:7a:14:f1:04:37:29:8f:e5:9f:f8:12:5b:83:59:8f:e5:7e:
         02:f3:5b:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaLuKhcnXpBIZdeI1wGjzmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy
OWIxYWIwHhcNMjUwNTAxMTIwMDU2WhcNMjUwNTAyMTIwMDU2WjAzMTEwLwYDVQQD
Eyg2NTFmNDk4NGI0ZTYwYmY1MTMzM2VjN2I4NGY0ODFmZTA1ZjZlZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuB0j7s6DQtL0gnD82G77hZ6aNc+
utwwVrLq1y8QtdonuNTX5xKNFJFbWghtXxdGlMgbuNNniTDIrH/CS3+/3QA9dGOv
cNViYsDpd2mlPGACJtP1juxdxmiwKl1mjj3ilQ7Z50zbyjxFjGgWW8RyaiS0TU1W
5pWNAWqL6tmD4Ybcsl82H60ylOUKZhdDjytLm0vs5NYhhkR7MQa8WmS5aRWiRU6j
5lggXxs0kbQvTnueR8Ds6loXEhd3vwinxR2dbfGnB/Z576wwIoPHL6FTj2YlO7BT
dLQrk2/rW6+qC01RAk2C4oztJgvEP2VR5y986b+8TUc6GzReHxH33hAJFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUfSYS05gv1EzPse4T0gf4F9u78MB8GA1UdIwQY
MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct
MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1
LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOsCN361E
igahb5rNGeQazOpW2C+8ABei19JgAq8ULXPk4waV8uXHDO5RNK1lS9KOb/mRfNKy
u6UR4aTlZ/dtd7QuIRQc1RPBCbMMoPvKkO6H/doc0jp3BlT+HPlEQnWd1RrFlbMW
D8RcLDQAreQ6YFhh09nkCPntcHS+/ENVfHpZjxxgHt3veV7v8Cp9A78mVTIkKKU7
eug4Po7bmVvLJObup+DjoQrlhQNowWu03UaHh93shWfmIZGdqX8MapyOju2B8AN3
G4UhEQhPDs1721gthLURgmbZyTG+JSkmI/ZkzZmlSIHnQ+lI43oU8QQ3KY/ln/gS
W4NZj+V+AvNbtw==
-----END CERTIFICATE-----