Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft
File:                     2JkZ-1GnBREdaZbuww_8RC3pei8.mft (raw, json)
Hash identifier:          XSuzPi6a7CayYt2uI7YYkXSKpdIEFz6m5y7oRtk0hu8=
Subject key identifier:   D5:BB:9C:85:2B:62:8C:5A:8E:38:87:92:D3:50:9D:26:43:1D:60:EF
Authority key identifier: D8:99:19:FB:51:A7:05:11:1D:69:96:EE:C3:0F:FC:44:2D:E9:7A:2F
Certificate issuer:       /CN=d89919fb51a705111d6996eec30ffc442de97a2f
Certificate serial:       019677559CD082AAFB00E29CC1EACCF43963
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2JkZ-1GnBREdaZbuww_8RC3pei8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 13:00:21 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:21 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:21 +0000
Files and hashes:         1: 2JkZ-1GnBREdaZbuww_8RC3pei8.crl (hash: EMmpYgrsBEc7nDFQoxukwnmHIMddKNzZhE8mfpQ1OmQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2JkZ-1GnBREdaZbuww_8RC3pei8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:55:9c:d0:82:aa:fb:00:e2:9c:c1:ea:cc:f4:39:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d89919fb51a705111d6996eec30ffc442de97a2f
        Validity
            Not Before: Apr 27 13:00:21 2025 GMT
            Not After : Apr 28 13:00:21 2025 GMT
        Subject: CN=d5bb9c852b628c5a8e388792d3509d26431d60ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d4:5f:6c:3c:23:46:5d:01:d9:c4:30:ec:d9:
                    f4:07:aa:58:9d:55:6a:10:26:1c:1f:88:aa:c1:25:
                    aa:d2:cf:ca:15:0d:c8:37:fa:80:4a:19:94:df:e4:
                    14:db:99:09:98:82:15:37:f0:a9:4e:5f:83:a1:5b:
                    cf:a7:15:b9:93:8e:b3:05:1c:b1:fc:39:04:bb:d5:
                    b2:a1:80:56:bc:18:74:79:b3:23:fa:f9:86:df:66:
                    a8:ec:af:7e:33:e4:5d:4b:a2:72:05:56:ca:38:ac:
                    20:2b:09:5f:b8:c4:90:1b:a7:ed:90:1e:e7:c4:f8:
                    bb:c0:2e:af:df:d1:92:fa:ce:85:f1:9e:54:9f:47:
                    23:04:38:24:fb:b6:f4:21:eb:39:49:55:c6:94:65:
                    ec:79:ba:1d:8e:12:bd:99:61:dc:33:14:2f:a5:22:
                    61:19:cb:a6:e2:96:71:11:96:d6:14:aa:1e:b7:fb:
                    78:5f:cd:d4:8f:23:e4:0f:9c:06:ba:da:88:2d:a4:
                    bd:db:68:78:b4:e2:c6:97:b0:1e:54:17:75:c7:45:
                    7e:b7:39:82:6e:37:a2:f9:f5:f6:1c:74:1f:ff:b0:
                    e1:0b:2a:87:4f:dc:83:3c:07:93:4b:2c:87:a3:40:
                    a3:79:7a:0a:b9:73:72:25:4c:fd:e0:76:c1:84:b4:
                    d8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:BB:9C:85:2B:62:8C:5A:8E:38:87:92:D3:50:9D:26:43:1D:60:EF
            X509v3 Authority Key Identifier:
                keyid:D8:99:19:FB:51:A7:05:11:1D:69:96:EE:C3:0F:FC:44:2D:E9:7A:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JkZ-1GnBREdaZbuww_8RC3pei8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01e232-4551-4ce8-8cd8-7d8b1c91ec7b/1/2JkZ-1GnBREdaZbuww_8RC3pei8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:ca:e4:3f:d4:85:4d:be:85:30:6a:74:81:b6:3f:22:ef:62:
         c9:e3:eb:4d:92:79:8a:47:1a:8e:50:a7:ff:b4:8b:a7:70:25:
         bf:f3:9e:e2:82:5d:10:ac:eb:2a:c1:c2:1b:a3:a9:56:3f:71:
         ca:19:0c:db:6f:c8:0c:b6:2d:8a:f6:7b:b8:33:45:56:5c:b6:
         30:d8:6b:c7:ca:e4:56:00:af:09:0a:4c:5a:29:ac:10:ea:48:
         f1:74:05:9e:41:e1:24:6b:04:94:36:1d:bd:c9:77:22:7c:64:
         67:7b:f0:37:52:71:60:b3:d6:2f:eb:a5:b9:95:31:d4:e7:8c:
         42:a7:fe:9d:4e:7c:39:6a:11:3f:a2:2e:bd:8f:53:7b:12:0d:
         79:d5:f4:7f:0e:6a:4d:bb:08:35:3d:80:de:e4:06:5b:1f:11:
         d9:c5:92:7c:0d:82:b6:a5:6f:9d:b5:95:7f:b9:fa:dc:fa:a8:
         3b:6c:4d:ff:d4:4e:6f:dd:2f:a8:a0:0d:a5:69:8d:95:91:af:
         d0:0b:f5:e1:c9:e7:f0:58:82:d3:87:07:39:dc:07:b9:d2:1b:
         48:a9:76:4d:8f:91:72:2b:26:29:1c:76:85:93:b0:ab:22:6c:
         d3:3a:87:61:e2:35:44:28:b1:88:d6:79:6f:4d:b8:bb:5a:43:
         98:9e:8d:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VZzQgqr7AOKcwerM9DljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTkxOWZiNTFhNzA1MTExZDY5OTZlZWMzMGZmYzQ0MmRl
OTdhMmYwHhcNMjUwNDI3MTMwMDIxWhcNMjUwNDI4MTMwMDIxWjAzMTEwLwYDVQQD
EyhkNWJiOWM4NTJiNjI4YzVhOGUzODg3OTJkMzUwOWQyNjQzMWQ2MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNRfbDwjRl0B2cQw7Nn0B6pYnVVq
ECYcH4iqwSWq0s/KFQ3IN/qAShmU3+QU25kJmIIVN/CpTl+DoVvPpxW5k46zBRyx
/DkEu9WyoYBWvBh0ebMj+vmG32ao7K9+M+RdS6JyBVbKOKwgKwlfuMSQG6ftkB7n
xPi7wC6v39GS+s6F8Z5Un0cjBDgk+7b0Ies5SVXGlGXsebodjhK9mWHcMxQvpSJh
Gcum4pZxEZbWFKoet/t4X83UjyPkD5wGutqILaS922h4tOLGl7AeVBd1x0V+tzmC
bjei+fX2HHQf/7DhCyqHT9yDPAeTSyyHo0CjeXoKuXNyJUz94HbBhLTYPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNW7nIUrYoxajjiHktNQnSZDHWDvMB8GA1UdIwQY
MBaAFNiZGftRpwURHWmW7sMP/EQt6XovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkprWi0xR25CUkVkYVpidXd3XzhSQzNwZWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMWUyMzItNDU1MS00Y2U4LThjZDgt
N2Q4YjFjOTFlYzdiLzEvMkprWi0xR25CUkVkYVpidXd3XzhSQzNwZWk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMWUyMzItNDU1MS00Y2U4LThjZDgtN2Q4YjFjOTFlYzdi
LzEvMkprWi0xR25CUkVkYVpidXd3XzhSQzNwZWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxsrkP9SF
Tb6FMGp0gbY/Iu9iyePrTZJ5ikcajlCn/7SLp3Alv/Oe4oJdEKzrKsHCG6OpVj9x
yhkM22/IDLYtivZ7uDNFVly2MNhrx8rkVgCvCQpMWimsEOpI8XQFnkHhJGsElDYd
vcl3InxkZ3vwN1JxYLPWL+uluZUx1OeMQqf+nU58OWoRP6IuvY9TexINedX0fw5q
TbsINT2A3uQGWx8R2cWSfA2CtqVvnbWVf7n63PqoO2xN/9ROb90vqKANpWmNlZGv
0Av14cnn8FiC04cHOdwHudIbSKl2TY+RcismKRx2hZOwqyJs0zqHYeI1RCixiNZ5
b024u1pDmJ6NqQ==
-----END CERTIFICATE-----