Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          YnA/Yo9CqRwDiDBsZBisCkr2AaFsXk7H9cBpEECyIVs=
Subject key identifier:   0A:3C:21:65:67:6B:09:99:3E:1E:3A:BB:B6:34:23:59:45:A0:D3:9B
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       0196876DB621DB1973FFA80E88FA51B40821
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          1413
Signing time:             Wed 30 Apr 2025 16:00:36 +0000
Manifest this update:     Wed 30 Apr 2025 16:00:36 +0000
Manifest next update:     Thu 01 May 2025 16:00:36 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: xwGlf2aOW0XvJ4Qe/aCjC+doqy/7XlQgFKb6gwxHoco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6d:b6:21:db:19:73:ff:a8:0e:88:fa:51:b4:08:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Apr 30 16:00:36 2025 GMT
            Not After : May  1 16:00:36 2025 GMT
        Subject: CN=0a3c2165676b09993e1e3abbb634235945a0d39b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:60:9c:a4:fe:b0:99:50:8d:4e:ec:42:5d:d6:
                    03:18:b4:ef:b0:28:96:19:d5:e3:4c:f4:d1:57:9c:
                    9a:20:54:92:8d:3a:67:42:f2:44:16:ca:fe:71:d1:
                    b0:d5:ca:3e:da:d4:19:e2:11:89:3d:91:6e:23:07:
                    e8:93:4c:a0:08:a3:af:7f:29:dd:1b:27:4c:df:d8:
                    46:86:bd:f2:f1:4c:7c:f3:99:04:79:a7:02:fc:e4:
                    69:d7:02:17:63:03:fb:44:71:03:db:bf:1c:48:c6:
                    a9:5b:38:2a:40:c3:0c:30:02:fb:51:e4:20:38:43:
                    68:90:78:a5:ae:aa:e7:c6:61:52:e7:90:3c:89:ab:
                    ba:69:b1:de:1a:72:ef:8a:46:fa:72:76:77:10:f1:
                    03:f5:d5:07:8a:1d:83:73:03:9a:ec:8d:81:ae:ac:
                    96:f6:6b:86:10:3c:f8:12:2f:a2:12:b4:c6:46:ae:
                    1d:e6:82:be:48:21:1a:f4:16:82:24:e8:eb:87:4c:
                    eb:0e:d4:35:6f:dc:87:41:73:05:56:3c:4b:66:3e:
                    0c:8c:cd:d2:ca:4b:e2:4f:75:06:79:3e:8a:dc:64:
                    26:a3:56:6c:62:7f:0d:09:8c:79:e0:17:a0:bb:b9:
                    7c:66:5a:92:28:8b:1d:e2:92:04:3d:b0:1f:4c:e9:
                    68:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:3C:21:65:67:6B:09:99:3E:1E:3A:BB:B6:34:23:59:45:A0:D3:9B
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:b1:bc:8d:cd:ff:67:8f:63:1f:07:27:65:0d:bc:5b:ae:31:
         ab:f3:15:a6:52:e0:78:d6:7c:f1:4a:1e:f8:6a:4d:ca:6b:16:
         ff:5a:0a:d0:79:e0:71:e7:54:22:41:b6:c1:43:4a:4c:55:d0:
         b5:81:12:b1:5e:af:1c:5c:5c:db:d5:e0:f8:85:8a:5c:1c:09:
         48:09:25:f0:9d:8d:e2:1d:45:92:90:f8:e6:93:34:6a:26:b1:
         9c:3f:5c:76:48:8c:bf:46:a4:66:6a:13:95:e5:f6:93:ff:e6:
         63:03:73:ad:67:ea:e6:8b:3a:73:46:cd:9c:fd:48:e7:32:3d:
         f0:f5:25:7a:be:ac:9d:b7:da:65:77:c5:da:d9:6b:2b:12:46:
         b1:c2:3a:37:4b:da:d9:b4:70:70:e2:2c:de:d0:c7:ae:27:c8:
         28:0e:d7:dd:89:b3:11:49:3b:41:74:d0:da:d1:7c:12:d6:43:
         a9:26:fe:a5:4b:aa:6e:e1:61:ff:a5:db:57:bb:f8:3a:2a:64:
         e6:6a:51:05:ad:3d:f7:98:86:5b:15:98:42:54:b8:3d:00:70:
         64:eb:92:96:41:1f:61:31:14:e7:36:b8:38:04:ee:10:dc:0d:
         2a:20:6e:0e:cd:b8:63:6a:39:fd:cb:44:ee:be:b7:9f:1c:fb:
         31:49:e8:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbbYh2xlz/6gOiPpRtAghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUwNDMwMTYwMDM2WhcNMjUwNTAxMTYwMDM2WjAzMTEwLwYDVQQD
EygwYTNjMjE2NTY3NmIwOTk5M2UxZTNhYmJiNjM0MjM1OTQ1YTBkMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomCcpP6wmVCNTuxCXdYDGLTvsCiW
GdXjTPTRV5yaIFSSjTpnQvJEFsr+cdGw1co+2tQZ4hGJPZFuIwfok0ygCKOvfynd
GydM39hGhr3y8Ux885kEeacC/ORp1wIXYwP7RHED278cSMapWzgqQMMMMAL7UeQg
OENokHilrqrnxmFS55A8iau6abHeGnLvikb6cnZ3EPED9dUHih2DcwOa7I2BrqyW
9muGEDz4Ei+iErTGRq4d5oK+SCEa9BaCJOjrh0zrDtQ1b9yHQXMFVjxLZj4MjM3S
ykviT3UGeT6K3GQmo1ZsYn8NCYx54Begu7l8ZlqSKIsd4pIEPbAfTOloeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAo8IWVnawmZPh46u7Y0I1lFoNObMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASrG8jc3/
Z49jHwcnZQ28W64xq/MVplLgeNZ88Uoe+GpNymsW/1oK0HngcedUIkG2wUNKTFXQ
tYESsV6vHFxc29Xg+IWKXBwJSAkl8J2N4h1FkpD45pM0aiaxnD9cdkiMv0akZmoT
leX2k//mYwNzrWfq5os6c0bNnP1I5zI98PUler6snbfaZXfF2tlrKxJGscI6N0va
2bRwcOIs3tDHrifIKA7X3YmzEUk7QXTQ2tF8EtZDqSb+pUuqbuFh/6XbV7v4Oipk
5mpRBa0995iGWxWYQlS4PQBwZOuSlkEfYTEU5za4OATuENwNKiBuDs24Y2o5/ctE
7r63nxz7MUno8g==
-----END CERTIFICATE-----