Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
File:                     tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft (raw, json)
Hash identifier:          bs4A0LxgFoLmIsNzL9I8UHuXjsJXxKFWPZMhAeTAq2c=
Subject key identifier:   1B:11:DC:31:EF:55:25:7A:94:81:00:96:3B:AA:34:8F:F6:65:89:A4
Authority key identifier: B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F
Certificate issuer:       /CN=b56daa6f850414a13f650df094506628a46dc12f
Certificate serial:       019673795BB69607078F956233AD37770789
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
Manifest number:          1009
Signing time:             Sat 26 Apr 2025 19:00:55 +0000
Manifest this update:     Sat 26 Apr 2025 19:00:55 +0000
Manifest next update:     Sun 27 Apr 2025 19:00:55 +0000
Files and hashes:         1: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl (hash: dQEXhMLnPvLkCFesjKjN5GBetRvvr0pt6AOssdRMF4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 19:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:73:79:5b:b6:96:07:07:8f:95:62:33:ad:37:77:07:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56daa6f850414a13f650df094506628a46dc12f
        Validity
            Not Before: Apr 26 19:00:55 2025 GMT
            Not After : Apr 27 19:00:55 2025 GMT
        Subject: CN=1b11dc31ef55257a948100963baa348ff66589a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:d3:8d:0c:43:58:07:43:2b:af:0d:7b:10:90:
                    12:1a:44:cd:0f:19:cd:17:b0:d2:76:6b:85:f1:fb:
                    d6:ef:a9:84:1b:30:46:f5:8a:68:fc:f4:c0:ed:52:
                    c5:6b:29:84:4a:f1:3d:ba:6a:14:a7:64:73:22:82:
                    f5:b6:91:da:b0:6d:c9:0f:dc:9e:aa:1d:2d:9e:e1:
                    29:ec:87:58:d8:1c:20:e7:2e:ba:af:fb:f4:94:97:
                    8e:fb:6a:19:60:50:11:7f:d0:b1:01:b7:3d:ef:70:
                    46:11:d6:5b:8a:bb:a9:db:e5:e0:10:78:06:92:fc:
                    fd:55:b3:7c:5c:29:6c:9e:c1:2a:c2:35:e5:aa:ef:
                    f4:63:3c:95:28:0b:c1:89:7c:87:6b:5e:23:0e:fe:
                    40:c7:c5:78:67:e6:6e:f5:0f:9b:2b:b6:46:9f:f0:
                    f2:fe:15:36:f9:b7:ba:35:66:5a:55:01:6b:77:ed:
                    ee:c2:e6:a6:27:a9:59:a5:de:f3:c6:9c:90:99:d2:
                    6a:95:61:5c:b5:e4:39:4e:59:32:eb:c4:fa:3b:81:
                    a3:92:4a:c6:e3:35:0c:e6:ad:bd:af:88:dd:1a:4e:
                    bf:77:c2:ae:9c:41:0d:60:7d:f4:52:43:59:3e:a0:
                    69:14:ca:7e:4b:e8:d6:8f:dc:02:9e:2d:c2:dc:3a:
                    b2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:11:DC:31:EF:55:25:7A:94:81:00:96:3B:AA:34:8F:F6:65:89:A4
            X509v3 Authority Key Identifier:
                keyid:B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:f7:25:00:a7:00:7a:a8:cb:cc:b5:27:fd:a1:e2:91:cf:4f:
         b6:ae:a2:82:47:ed:e0:cc:13:2a:e3:a6:8d:21:97:4c:0f:5f:
         b0:9d:32:60:76:54:72:6f:8a:c0:ed:d5:7f:8e:f4:ee:7d:ad:
         10:b6:3a:c2:1e:00:b4:e3:fc:6e:a9:58:56:d3:12:fd:d0:9c:
         49:bf:73:4d:a4:ee:46:e6:1c:f9:63:90:d3:80:09:24:a3:8a:
         6e:cd:16:84:83:a9:3c:b6:32:fb:f4:b0:d3:ae:a8:f9:66:b0:
         13:63:37:0f:54:8a:bc:7d:2f:06:4e:f9:93:cb:57:69:52:3b:
         bd:b5:f4:dc:4d:18:d6:6c:e7:a1:0e:c6:31:75:9b:b8:32:c0:
         29:31:8a:42:61:c2:87:b1:fa:8e:16:28:63:e9:4a:69:57:91:
         27:75:52:2e:9d:60:2f:c2:e9:fb:ac:c7:2f:0e:f0:18:a7:2a:
         bd:82:7c:09:62:f2:ad:b9:26:fe:5f:57:76:4f:bf:4c:1f:18:
         4f:03:2d:f1:af:81:3b:bc:80:83:41:d5:96:99:43:23:31:f3:
         9f:d9:ab:9b:71:66:54:ab:ae:7c:03:78:99:ed:2c:82:fe:a8:
         1e:c3:6d:e9:a2:0d:e8:cd:e1:57:45:fa:d5:7b:6f:e6:e1:e5:
         06:b0:39:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZzeVu2lgcHj5ViM603dweJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmRhYTZmODUwNDE0YTEzZjY1MGRmMDk0NTA2NjI4YTQ2
ZGMxMmYwHhcNMjUwNDI2MTkwMDU1WhcNMjUwNDI3MTkwMDU1WjAzMTEwLwYDVQQD
EygxYjExZGMzMWVmNTUyNTdhOTQ4MTAwOTYzYmFhMzQ4ZmY2NjU4OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NONDENYB0Mrrw17EJASGkTNDxnN
F7DSdmuF8fvW76mEGzBG9Ypo/PTA7VLFaymESvE9umoUp2RzIoL1tpHasG3JD9ye
qh0tnuEp7IdY2Bwg5y66r/v0lJeO+2oZYFARf9CxAbc973BGEdZbirup2+XgEHgG
kvz9VbN8XClsnsEqwjXlqu/0YzyVKAvBiXyHa14jDv5Ax8V4Z+Zu9Q+bK7ZGn/Dy
/hU2+be6NWZaVQFrd+3uwuamJ6lZpd7zxpyQmdJqlWFcteQ5Tlky68T6O4GjkkrG
4zUM5q29r4jdGk6/d8KunEENYH30UkNZPqBpFMp+S+jWj9wCni3C3DqyCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsR3DHvVSV6lIEAljuqNI/2ZYmkMB8GA1UdIwQY
MBaAFLVtqm+FBBShP2UN8JRQZiikbcEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYt
ZmUwYTJhYzA4NjlmLzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYtZmUwYTJhYzA4Njlm
LzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt/clAKcA
eqjLzLUn/aHikc9Ptq6igkft4MwTKuOmjSGXTA9fsJ0yYHZUcm+KwO3Vf4707n2t
ELY6wh4AtOP8bqlYVtMS/dCcSb9zTaTuRuYc+WOQ04AJJKOKbs0WhIOpPLYy+/Sw
066o+WawE2M3D1SKvH0vBk75k8tXaVI7vbX03E0Y1mznoQ7GMXWbuDLAKTGKQmHC
h7H6jhYoY+lKaVeRJ3VSLp1gL8Lp+6zHLw7wGKcqvYJ8CWLyrbkm/l9Xdk+/TB8Y
TwMt8a+BO7yAg0HVlplDIzHzn9mrm3FmVKuufAN4me0sgv6oHsNt6aIN6M3hV0X6
1Xtv5uHlBrA5Tw==
-----END CERTIFICATE-----