Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
File:                     CEaS7DDzfffcteR600auvetx_DA.mft (raw, json)
Hash identifier:          89+SDE5jOYqGOUYR+lePQPIjGvMtej2BTvjeg9keTeo=
Subject key identifier:   2F:A9:1A:76:64:7A:FD:D8:24:BA:95:A7:52:CB:19:34:D1:3F:C3:6B
Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30
Certificate issuer:       /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
Certificate serial:       0196767A5FEA717FC132A7759C44A5B11295
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 09:00:53 +0000
Manifest this update:     Sun 27 Apr 2025 09:00:53 +0000
Manifest next update:     Mon 28 Apr 2025 09:00:53 +0000
Files and hashes:         1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: f3zRJEPX6bHYzzZbGeX1JMVMEygCs4cIXs6B3+nY1QE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:5f:ea:71:7f:c1:32:a7:75:9c:44:a5:b1:12:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
        Validity
            Not Before: Apr 27 09:00:53 2025 GMT
            Not After : Apr 28 09:00:53 2025 GMT
        Subject: CN=2fa91a76647afdd824ba95a752cb1934d13fc36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ac:ac:bf:52:f1:13:c8:fc:21:f1:c9:cd:f8:
                    f5:8a:5b:b2:f5:7d:6b:cf:c7:2f:fc:1a:de:c0:e5:
                    13:d4:ea:f2:20:85:d7:2a:5d:34:eb:96:ef:b8:3d:
                    e0:fc:4f:08:2a:c8:11:ef:23:1b:d7:70:39:4e:17:
                    7f:c6:4e:c4:0f:ac:dc:48:8f:13:2a:b0:3a:e3:7b:
                    65:45:56:a4:fb:2d:86:0e:9d:74:47:36:73:c1:43:
                    81:49:5b:d8:27:ff:1b:5b:f8:11:1e:65:46:88:e7:
                    1e:9d:a1:27:52:78:f2:62:d3:0b:6a:fe:2d:7f:01:
                    c2:04:c0:a0:b9:2b:2c:05:a2:88:be:a5:1f:f0:b8:
                    b2:0d:92:2f:52:58:77:38:de:fd:05:5b:76:dd:12:
                    76:86:52:d3:77:68:54:19:eb:84:d3:8f:6d:2d:8e:
                    fe:68:e3:68:76:06:23:02:24:c8:c4:4b:0c:ac:d8:
                    fb:ab:10:3a:dc:4e:fb:95:89:5b:7e:97:f6:37:94:
                    b3:6a:63:af:9b:d1:fe:9d:4a:39:f7:ba:73:2f:d8:
                    5a:d3:7f:57:30:78:4b:bb:dd:8b:6d:2a:07:d8:2c:
                    53:6f:e4:64:75:a1:a0:8e:3e:24:ea:b2:e8:f8:8c:
                    fa:5a:a2:50:8d:05:e2:4f:07:9b:d7:4a:b8:e1:5f:
                    eb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:A9:1A:76:64:7A:FD:D8:24:BA:95:A7:52:CB:19:34:D1:3F:C3:6B
            X509v3 Authority Key Identifier:
                keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:fb:82:ac:be:ce:22:26:82:b0:c5:c3:1e:75:bd:65:62:4e:
         c7:94:9b:d3:ea:be:96:c8:bb:fa:7d:0e:d9:22:71:da:fd:65:
         e8:70:89:7d:48:6d:c8:e0:95:05:29:5d:a3:75:ec:87:37:d5:
         ae:96:66:c0:c0:83:8e:2a:f4:de:83:38:cd:e7:9e:91:a4:ac:
         ec:fa:37:b7:4c:cb:6e:29:ce:6d:be:3f:c6:24:12:d0:34:b3:
         b7:cf:13:ed:03:61:e5:f3:f4:96:00:04:d4:22:9d:6d:9b:65:
         f1:32:fc:75:5d:4f:de:48:a3:bc:58:51:51:76:bd:3a:a3:9d:
         74:6b:e5:99:bf:2d:89:65:37:a1:ed:02:4a:5f:7c:ff:43:13:
         69:15:de:77:4b:24:56:88:5d:70:f5:3b:c9:e4:4d:88:40:9d:
         ed:10:ab:bf:46:1b:40:1b:1a:31:89:02:47:d0:1c:a8:f7:1f:
         b0:7b:fc:69:41:06:cf:fd:54:f9:da:49:11:04:38:b5:66:03:
         06:85:65:c4:d8:0b:29:ba:21:b5:de:4e:7e:de:3e:83:fd:d4:
         8a:60:c6:a1:0a:27:7c:af:ba:0c:3e:eb:67:52:a5:d5:8a:63:
         bc:7c:04:a1:4b:8e:91:90:73:5b:98:49:2f:ef:fd:51:f7:4c:
         a0:76:d4:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2el/qcX/BMqd1nESlsRKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3
MWZjMzAwHhcNMjUwNDI3MDkwMDUzWhcNMjUwNDI4MDkwMDUzWjAzMTEwLwYDVQQD
EygyZmE5MWE3NjY0N2FmZGQ4MjRiYTk1YTc1MmNiMTkzNGQxM2ZjMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6ysv1LxE8j8IfHJzfj1iluy9X1r
z8cv/BrewOUT1OryIIXXKl0065bvuD3g/E8IKsgR7yMb13A5Thd/xk7ED6zcSI8T
KrA643tlRVak+y2GDp10RzZzwUOBSVvYJ/8bW/gRHmVGiOcenaEnUnjyYtMLav4t
fwHCBMCguSssBaKIvqUf8LiyDZIvUlh3ON79BVt23RJ2hlLTd2hUGeuE049tLY7+
aONodgYjAiTIxEsMrNj7qxA63E77lYlbfpf2N5SzamOvm9H+nUo597pzL9ha039X
MHhLu92LbSoH2CxTb+RkdaGgjj4k6rLo+Iz6WqJQjQXiTweb10q44V/rZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+pGnZkev3YJLqVp1LLGTTRP8NrMB8GA1UdIwQY
MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt
MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz
LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAavuCrL7O
IiaCsMXDHnW9ZWJOx5Sb0+q+lsi7+n0O2SJx2v1l6HCJfUhtyOCVBSldo3XshzfV
rpZmwMCDjir03oM4zeeekaSs7Po3t0zLbinObb4/xiQS0DSzt88T7QNh5fP0lgAE
1CKdbZtl8TL8dV1P3kijvFhRUXa9OqOddGvlmb8tiWU3oe0CSl98/0MTaRXed0sk
VohdcPU7yeRNiECd7RCrv0YbQBsaMYkCR9AcqPcfsHv8aUEGz/1U+dpJEQQ4tWYD
BoVlxNgLKbohtd5Oft4+g/3UimDGoQonfK+6DD7rZ1Kl1YpjvHwEoUuOkZBzW5hJ
L+/9UfdMoHbUkg==
-----END CERTIFICATE-----