Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          uJD815AwCYHNdfTl6IaDOALYJE2g9lKuCMlk0YHZ6XA=
Subject key identifier:   28:6D:CA:DC:83:6F:00:0A:2D:81:EE:DD:21:8E:D7:2C:54:6D:7D:2A
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       019679EA25D2EEA418C2D9F8769A96A1413B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0E4E
Signing time:             Mon 28 Apr 2025 01:01:50 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:50 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:50 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: J4NYIHH0zYJluiyPF3E3FztleTmqnXe095oLFeoNdB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:ea:25:d2:ee:a4:18:c2:d9:f8:76:9a:96:a1:41:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Apr 28 01:01:50 2025 GMT
            Not After : Apr 29 01:01:50 2025 GMT
        Subject: CN=286dcadc836f000a2d81eedd218ed72c546d7d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:45:17:3c:89:17:e9:90:41:e2:7d:18:57:26:
                    86:3b:b0:87:aa:94:e3:68:36:6f:a7:56:a9:17:f4:
                    7b:59:9e:b9:66:39:32:6e:3a:a6:34:bf:ef:c5:8a:
                    31:7b:f7:c0:fc:24:be:75:74:f9:25:79:bd:7d:9e:
                    b5:64:9b:4d:d3:54:40:c5:18:09:1b:3c:79:c7:02:
                    82:b7:c4:54:21:03:0f:94:e9:07:5d:37:0f:e4:53:
                    88:be:f0:be:36:c2:00:b6:0c:f3:a7:d3:20:78:9d:
                    56:be:fc:bf:bc:9f:52:9f:c5:f1:5c:4e:08:84:8e:
                    91:76:a2:86:69:d0:9c:2c:1e:6d:49:86:a0:65:1e:
                    73:96:f7:9f:75:38:fc:82:32:d9:86:38:bd:7a:9d:
                    3b:b2:76:e7:3f:2e:1d:f9:f4:cc:00:d8:04:e2:2a:
                    b0:c3:d4:9c:a1:d3:85:4b:f8:6f:3e:55:96:bd:f0:
                    1e:0a:2a:59:c8:46:d9:55:f6:b9:91:bb:48:62:af:
                    a4:dd:2d:07:50:64:50:88:d3:e1:ff:f3:e5:05:96:
                    26:57:05:0a:de:04:49:08:b6:a8:6f:df:8a:e3:31:
                    a4:56:9c:19:b5:a2:c9:89:e0:ac:bb:c1:bf:76:8f:
                    6c:cd:47:5c:41:d5:cd:38:66:87:68:18:d2:eb:3f:
                    2d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:6D:CA:DC:83:6F:00:0A:2D:81:EE:DD:21:8E:D7:2C:54:6D:7D:2A
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:8e:62:ae:1a:4f:76:22:8c:4a:81:0e:f5:bf:30:8d:f8:23:
         14:3c:85:fe:9c:9e:c7:df:87:f2:4b:00:80:b0:c0:8e:a6:ba:
         12:25:b1:88:8e:32:0d:df:04:5e:3f:b9:b4:86:0a:f0:64:2a:
         1d:22:46:45:ce:0e:3c:24:68:29:3c:4a:ca:ac:11:ce:8c:3e:
         ad:89:e6:d5:da:55:75:ba:6d:aa:38:b8:7e:46:16:6b:96:5c:
         62:71:de:a8:6f:ec:d6:7a:f8:e1:2a:22:6a:42:36:35:0a:a8:
         1b:a3:d8:81:a8:b3:d3:ff:fe:11:fa:bf:5c:0d:69:be:65:ca:
         69:a2:93:b8:62:dc:19:d7:14:5a:53:70:ee:ac:e8:4b:8d:3f:
         7e:2d:08:34:73:8e:61:8b:70:d9:9a:f3:38:dd:14:bd:1d:9e:
         84:97:42:af:4e:a7:d1:97:12:76:3a:8f:fb:c8:37:27:0a:57:
         4b:5f:a6:56:43:80:d3:4f:af:b9:e8:c3:80:23:ed:18:e7:41:
         88:9d:ab:73:8d:a9:28:07:1a:f9:e5:3f:7a:98:00:83:45:ba:
         b4:9e:a0:f8:26:05:af:3a:d5:ed:2c:b9:8d:f4:b1:ce:3d:45:
         64:44:d2:d5:56:7d:e0:d2:4e:fa:2a:a7:10:ed:22:05:8b:59:
         9d:08:02:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56iXS7qQYwtn4dpqWoUE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwNDI4MDEwMTUwWhcNMjUwNDI5MDEwMTUwWjAzMTEwLwYDVQQD
EygyODZkY2FkYzgzNmYwMDBhMmQ4MWVlZGQyMThlZDcyYzU0NmQ3ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EUXPIkX6ZBB4n0YVyaGO7CHqpTj
aDZvp1apF/R7WZ65ZjkybjqmNL/vxYoxe/fA/CS+dXT5JXm9fZ61ZJtN01RAxRgJ
Gzx5xwKCt8RUIQMPlOkHXTcP5FOIvvC+NsIAtgzzp9MgeJ1Wvvy/vJ9Sn8XxXE4I
hI6RdqKGadCcLB5tSYagZR5zlvefdTj8gjLZhji9ep07snbnPy4d+fTMANgE4iqw
w9ScodOFS/hvPlWWvfAeCipZyEbZVfa5kbtIYq+k3S0HUGRQiNPh//PlBZYmVwUK
3gRJCLaob9+K4zGkVpwZtaLJieCsu8G/do9szUdcQdXNOGaHaBjS6z8t3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChtytyDbwAKLYHu3SGO1yxUbX0qMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI45irhpP
diKMSoEO9b8wjfgjFDyF/pyex9+H8ksAgLDAjqa6EiWxiI4yDd8EXj+5tIYK8GQq
HSJGRc4OPCRoKTxKyqwRzow+rYnm1dpVdbptqji4fkYWa5ZcYnHeqG/s1nr44Soi
akI2NQqoG6PYgaiz0//+Efq/XA1pvmXKaaKTuGLcGdcUWlNw7qzoS40/fi0INHOO
YYtw2ZrzON0UvR2ehJdCr06n0ZcSdjqP+8g3JwpXS1+mVkOA00+vuejDgCPtGOdB
iJ2rc42pKAca+eU/epgAg0W6tJ6g+CYFrzrV7Sy5jfSxzj1FZETS1VZ94NJO+iqn
EO0iBYtZnQgCvw==
-----END CERTIFICATE-----