Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          BTEHSf1B0mq5/io/IZLv2ZxoIqh0qx1XUAOSH0DNwTE=
Subject key identifier:   A8:22:94:74:D4:A6:24:1B:70:53:BF:05:22:22:22:D9:0D:EA:BD:CC
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       0196876DB87B930F93358DE062C35DEEFEB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          059C
Signing time:             Wed 30 Apr 2025 16:00:36 +0000
Manifest this update:     Wed 30 Apr 2025 16:00:36 +0000
Manifest next update:     Thu 01 May 2025 16:00:36 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: q9eo87jO6KwJdvrFDIAFyjG5ilHQvYc2Q/gMWZmzEVU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6d:b8:7b:93:0f:93:35:8d:e0:62:c3:5d:ee:fe:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Apr 30 16:00:36 2025 GMT
            Not After : May  1 16:00:36 2025 GMT
        Subject: CN=a8229474d4a6241b7053bf05222222d90deabdcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:10:f1:91:08:93:68:c3:43:c7:56:73:4e:b6:
                    b1:35:ab:a0:1f:b3:36:9f:0c:64:a0:10:31:50:69:
                    94:17:a6:b1:41:bf:82:78:48:cb:d6:c1:bd:52:6e:
                    52:ee:3e:60:b6:6f:7c:0e:ed:88:7c:65:92:77:67:
                    40:15:78:29:51:4e:dd:fb:05:53:0b:ca:74:16:ac:
                    e7:c7:f8:20:70:c6:78:2d:8a:68:96:51:db:ff:7e:
                    f1:6d:0d:2a:aa:38:78:fe:23:d9:2d:ff:48:b5:3e:
                    f5:ac:ff:fb:f4:75:67:79:4d:62:bb:ca:88:fb:b0:
                    23:1c:2b:e5:3f:a2:4d:92:f0:1b:51:d6:bf:8d:2f:
                    a0:98:f9:9c:95:8a:04:a4:0e:53:69:32:fb:1c:35:
                    6f:34:8b:3a:86:7a:55:51:1b:c0:52:2a:c1:02:4b:
                    38:d9:16:5a:40:fe:a4:87:c6:c3:80:a5:5d:bc:b8:
                    ef:5b:dd:2b:0b:b2:8f:04:8c:06:fd:cf:75:ac:e8:
                    f5:85:cd:76:5f:64:5e:ed:33:ad:0a:d3:c3:89:91:
                    f8:49:24:e7:3d:bd:95:ff:71:2e:be:a6:48:08:45:
                    2c:12:15:9e:0a:d3:b4:f5:c1:68:28:3c:39:c3:3d:
                    18:1d:b5:b9:6d:4e:d8:bc:b5:66:dc:54:21:1a:8a:
                    ee:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:22:94:74:D4:A6:24:1B:70:53:BF:05:22:22:22:D9:0D:EA:BD:CC
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:5d:1e:06:61:96:99:75:43:f9:d8:cd:fc:24:c3:b4:d0:25:
         ed:2a:79:7d:88:17:2b:35:37:76:e1:71:97:52:2c:56:44:12:
         a1:f2:07:85:f0:5f:6d:96:81:79:70:c1:e5:ee:90:44:3d:e9:
         6e:ef:ac:fd:74:8a:32:3f:cb:34:9a:6b:9a:ab:a5:3b:82:a7:
         68:47:fe:69:fe:19:18:d4:37:a0:f5:1d:90:a2:a9:ce:3a:0e:
         7d:68:7e:da:b0:cc:3d:0b:7a:6b:b3:1e:7b:f4:e2:ee:38:ec:
         80:d6:bc:50:fd:9f:9d:c5:7b:06:ed:48:38:ef:17:c9:74:54:
         fa:9a:b4:2d:4d:c6:ad:ba:b5:43:fa:1c:c2:15:d4:cc:d1:98:
         14:4a:03:92:4d:d4:bc:40:b8:8d:ce:69:f4:48:9b:b2:8a:06:
         7f:03:21:cf:a0:0b:d8:d8:43:41:2c:54:de:f9:e4:50:84:ff:
         a3:b1:f9:9c:ec:87:cd:37:11:e6:c9:f6:2d:09:df:49:64:27:
         3c:f4:73:50:5b:bf:34:85:c7:7e:6d:62:6d:6f:dd:c8:06:f3:
         09:d0:3d:fe:4e:6b:32:1b:6a:95:96:f8:27:5a:44:2f:39:ee:
         38:c1:b7:82:25:00:65:58:b8:df:1c:b6:40:65:e8:50:90:59:
         c2:8a:df:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbbh7kw+TNY3gYsNd7v6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUwNDMwMTYwMDM2WhcNMjUwNTAxMTYwMDM2WjAzMTEwLwYDVQQD
EyhhODIyOTQ3NGQ0YTYyNDFiNzA1M2JmMDUyMjIyMjJkOTBkZWFiZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRDxkQiTaMNDx1ZzTraxNaugH7M2
nwxkoBAxUGmUF6axQb+CeEjL1sG9Um5S7j5gtm98Du2IfGWSd2dAFXgpUU7d+wVT
C8p0Fqznx/ggcMZ4LYpollHb/37xbQ0qqjh4/iPZLf9ItT71rP/79HVneU1iu8qI
+7AjHCvlP6JNkvAbUda/jS+gmPmclYoEpA5TaTL7HDVvNIs6hnpVURvAUirBAks4
2RZaQP6kh8bDgKVdvLjvW90rC7KPBIwG/c91rOj1hc12X2Re7TOtCtPDiZH4SSTn
Pb2V/3EuvqZICEUsEhWeCtO09cFoKDw5wz0YHbW5bU7YvLVm3FQhGoruOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgilHTUpiQbcFO/BSIiItkN6r3MMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYl0eBmGW
mXVD+djN/CTDtNAl7Sp5fYgXKzU3duFxl1IsVkQSofIHhfBfbZaBeXDB5e6QRD3p
bu+s/XSKMj/LNJprmqulO4KnaEf+af4ZGNQ3oPUdkKKpzjoOfWh+2rDMPQt6a7Me
e/Ti7jjsgNa8UP2fncV7Bu1IOO8XyXRU+pq0LU3Grbq1Q/ocwhXUzNGYFEoDkk3U
vEC4jc5p9EibsooGfwMhz6AL2NhDQSxU3vnkUIT/o7H5nOyHzTcR5sn2LQnfSWQn
PPRzUFu/NIXHfm1ibW/dyAbzCdA9/k5rMhtqlZb4J1pELznuOMG3giUAZVi43xy2
QGXoUJBZworfMQ==
-----END CERTIFICATE-----