Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
File:                     2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft (raw, json)
Hash identifier:          PS42SaesNMprJamdhrqUqLWu9LW9OjSFxSw+AuMdpeA=
Subject key identifier:   F3:F5:C5:BF:09:A4:32:56:32:78:69:AF:AF:98:EB:7E:FA:7E:2E:BD
Authority key identifier: DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F
Certificate issuer:       /CN=dae57631f60adb13f0ae368671ce0f8742f5977f
Certificate serial:       019678316767F1C55E3F1CDAE48FB0504157
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 17:00:25 +0000
Manifest this update:     Sun 27 Apr 2025 17:00:25 +0000
Manifest next update:     Mon 28 Apr 2025 17:00:25 +0000
Files and hashes:         1: 2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl (hash: 7K0ZJKG2Vf+C4a1sXI34vOVFdvepoVHtYWXLh+YGuU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:31:67:67:f1:c5:5e:3f:1c:da:e4:8f:b0:50:41:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dae57631f60adb13f0ae368671ce0f8742f5977f
        Validity
            Not Before: Apr 27 17:00:25 2025 GMT
            Not After : Apr 28 17:00:25 2025 GMT
        Subject: CN=f3f5c5bf09a43256327869afaf98eb7efa7e2ebd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:16:2d:0b:33:bf:7b:f8:69:b6:96:6f:60:69:
                    d0:84:5b:42:b8:9d:2c:66:ad:b3:f8:09:27:1f:ce:
                    ed:18:ae:47:43:a9:66:5d:44:59:30:bb:e9:7e:1b:
                    e3:7e:c6:cb:8d:52:c3:79:5f:30:ae:e4:c0:89:81:
                    7e:97:c0:19:b7:d4:8f:10:0d:ab:3a:34:cf:9f:65:
                    a4:7f:72:34:dd:28:29:1e:28:1c:33:e8:bf:4d:4e:
                    59:e2:ef:18:23:09:94:b2:83:9c:bb:25:9f:a2:89:
                    bb:d7:b4:53:de:a1:c3:8e:07:f4:99:6e:bf:f6:86:
                    9d:6b:97:f5:3d:39:75:9d:2c:65:af:5c:1a:44:34:
                    60:04:26:af:fe:cc:a0:8b:df:31:d7:32:4e:33:ef:
                    50:35:87:57:a1:e5:ce:10:fd:e8:5c:60:2e:5c:c6:
                    fe:26:c0:18:ae:bd:a7:d9:38:e4:b1:9e:6f:57:1c:
                    06:e7:5a:10:64:7e:e7:04:dc:a4:8d:59:7f:94:88:
                    b2:e1:ea:0b:2c:9a:4a:6f:fd:66:41:6c:d4:3c:e9:
                    bf:24:3a:27:ce:b0:a1:89:dd:35:d3:81:5d:ff:72:
                    06:ac:45:6f:c3:13:56:a6:15:f8:b1:56:8e:56:6b:
                    fc:3b:6b:6c:cf:cd:20:30:18:ae:5d:0b:f3:8a:69:
                    d2:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:F5:C5:BF:09:A4:32:56:32:78:69:AF:AF:98:EB:7E:FA:7E:2E:BD
            X509v3 Authority Key Identifier:
                keyid:DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:f7:a9:5d:4e:3b:38:ba:cc:f5:79:f2:4d:c6:b8:f8:9a:49:
         58:c9:65:46:e6:a4:02:4f:57:7a:c2:e5:06:ed:3d:81:6c:67:
         93:48:95:55:78:3e:48:63:e7:5e:ba:9a:d2:98:d6:39:33:f7:
         04:f7:44:83:ad:a9:1a:9c:c4:98:96:f7:5d:b3:34:6b:1c:0b:
         b2:37:bd:9a:c5:f1:8b:17:ea:2d:b5:c7:d1:4c:88:0d:c9:06:
         32:14:92:78:e2:9c:5c:ad:b3:51:6c:72:83:e1:d0:23:5c:ae:
         12:e7:e1:49:b7:f7:60:e0:a3:72:e1:56:5d:e0:ba:d1:1a:14:
         93:e4:86:81:88:b6:bb:87:58:e0:64:62:af:7d:b1:ac:b7:fb:
         4c:6c:cf:f3:4d:f2:7b:a2:e0:60:5f:c7:12:15:de:6b:60:c8:
         8b:44:31:d8:1f:1a:8b:44:6a:52:fb:69:94:3e:8a:3a:cd:a4:
         e8:e3:dc:d5:a7:15:c5:50:bb:0b:38:ad:e8:64:4c:fd:85:79:
         d0:06:3e:c7:5d:c4:cf:91:10:1d:7b:d3:00:e2:f9:ec:c6:b4:
         5e:1f:8b:b0:7c:6e:d8:8e:54:81:74:d9:68:61:c9:d3:8b:d8:
         d6:06:f0:fe:8e:08:d7:e7:9e:f6:c5:3e:d2:a9:d9:9c:5c:d9:
         b8:8d:97:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4MWdn8cVePxza5I+wUEFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTU3NjMxZjYwYWRiMTNmMGFlMzY4NjcxY2UwZjg3NDJm
NTk3N2YwHhcNMjUwNDI3MTcwMDI1WhcNMjUwNDI4MTcwMDI1WjAzMTEwLwYDVQQD
EyhmM2Y1YzViZjA5YTQzMjU2MzI3ODY5YWZhZjk4ZWI3ZWZhN2UyZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhYtCzO/e/hptpZvYGnQhFtCuJ0s
Zq2z+AknH87tGK5HQ6lmXURZMLvpfhvjfsbLjVLDeV8wruTAiYF+l8AZt9SPEA2r
OjTPn2Wkf3I03SgpHigcM+i/TU5Z4u8YIwmUsoOcuyWfoom717RT3qHDjgf0mW6/
9oada5f1PTl1nSxlr1waRDRgBCav/sygi98x1zJOM+9QNYdXoeXOEP3oXGAuXMb+
JsAYrr2n2TjksZ5vVxwG51oQZH7nBNykjVl/lIiy4eoLLJpKb/1mQWzUPOm/JDon
zrChid0104Fd/3IGrEVvwxNWphX4sVaOVmv8O2tsz80gMBiuXQvzimnSBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPP1xb8JpDJWMnhpr6+Y6376fi69MB8GA1UdIwQY
MBaAFNrldjH2CtsT8K42hnHOD4dC9Zd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEt
NDM5ZjM2ZTE2NTNhLzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEtNDM5ZjM2ZTE2NTNh
LzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACfepXU47
OLrM9XnyTca4+JpJWMllRuakAk9XesLlBu09gWxnk0iVVXg+SGPnXrqa0pjWOTP3
BPdEg62pGpzEmJb3XbM0axwLsje9msXxixfqLbXH0UyIDckGMhSSeOKcXK2zUWxy
g+HQI1yuEufhSbf3YOCjcuFWXeC60RoUk+SGgYi2u4dY4GRir32xrLf7TGzP803y
e6LgYF/HEhXea2DIi0Qx2B8ai0RqUvtplD6KOs2k6OPc1acVxVC7Czit6GRM/YV5
0AY+x13Ez5EQHXvTAOL57Ma0Xh+LsHxu2I5UgXTZaGHJ04vY1gbw/o4I1+ee9sU+
0qnZnFzZuI2XxQ==
-----END CERTIFICATE-----