Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
File:                     2_9h1cWObqbsXPfubPNTpmOxs6g.mft (raw, json)
Hash identifier:          isvenXojLfR4p4gp4dG0rDfo1LehiFYbWCBGh7D3SYA=
Subject key identifier:   F6:5B:74:21:38:F2:D5:9B:55:96:3A:EB:6B:11:DF:ED:64:6B:6F:CF
Authority key identifier: DB:FF:61:D5:C5:8E:6E:A6:EC:5C:F7:EE:6C:F3:53:A6:63:B1:B3:A8
Certificate issuer:       /CN=dbff61d5c58e6ea6ec5cf7ee6cf353a663b1b3a8
Certificate serial:       0196808FA6D309AB31862D53178AA174EFCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
Manifest number:          013A
Signing time:             Tue 29 Apr 2025 08:00:19 +0000
Manifest this update:     Tue 29 Apr 2025 08:00:19 +0000
Manifest next update:     Wed 30 Apr 2025 08:00:19 +0000
Files and hashes:         1: 2_9h1cWObqbsXPfubPNTpmOxs6g.crl (hash: IZYL3dgvNIM4V7JuNn+bQATVQtTTihs31RvIjU1kPVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 08:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:8f:a6:d3:09:ab:31:86:2d:53:17:8a:a1:74:ef:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbff61d5c58e6ea6ec5cf7ee6cf353a663b1b3a8
        Validity
            Not Before: Apr 29 08:00:19 2025 GMT
            Not After : Apr 30 08:00:19 2025 GMT
        Subject: CN=f65b742138f2d59b55963aeb6b11dfed646b6fcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:30:8a:18:c1:3c:b0:a4:f9:78:cf:e6:b2:df:
                    41:98:7c:6b:17:cc:bd:c3:11:6b:6d:13:ab:c6:fa:
                    ce:e2:ca:cc:22:0f:e6:e5:79:4a:7e:44:57:49:b0:
                    64:00:32:a6:a4:ae:02:0b:bc:0f:ee:5d:d1:00:85:
                    ae:37:73:86:69:a5:00:43:ff:47:96:13:34:68:50:
                    5f:a3:f0:e3:a2:97:58:b6:02:83:71:4e:26:9b:cf:
                    b2:b9:fa:b6:0f:f0:22:d9:24:ab:44:5e:e4:c7:1f:
                    81:42:a7:96:e4:9e:fb:3f:10:09:1a:e9:62:a1:8c:
                    a8:7e:48:09:ae:36:3d:0f:69:6f:07:63:ba:55:91:
                    27:3b:5b:9f:fc:eb:ce:95:ed:7b:ff:90:8e:73:ed:
                    27:ea:6f:70:8d:1b:ff:0a:6d:17:a2:ae:e1:4b:4e:
                    4b:51:7d:86:43:c1:0c:7f:b3:48:e4:3b:04:af:a7:
                    0c:cc:2d:77:b6:57:2c:82:13:28:3f:49:58:dc:7e:
                    3b:3d:fc:8e:0e:79:e7:6a:8d:63:ae:8d:45:16:ad:
                    86:f4:da:b0:fc:24:ae:bb:5f:e0:8d:09:23:e8:38:
                    cf:8e:8c:ad:8d:89:f0:b9:b3:44:e4:49:24:7a:2d:
                    66:17:01:b2:f9:0d:92:be:5a:f9:31:cb:de:8b:0d:
                    63:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:5B:74:21:38:F2:D5:9B:55:96:3A:EB:6B:11:DF:ED:64:6B:6F:CF
            X509v3 Authority Key Identifier:
                keyid:DB:FF:61:D5:C5:8E:6E:A6:EC:5C:F7:EE:6C:F3:53:A6:63:B1:B3:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:da:dd:d2:4a:93:7f:30:ef:e8:19:23:c5:15:c5:1e:7a:12:
         ad:9c:2f:3c:b7:9d:00:5e:1f:2d:6a:5c:35:95:e2:0d:7c:4d:
         0a:35:30:ca:ee:77:03:19:ca:d3:71:4b:d8:8b:80:21:c9:d6:
         6c:c9:12:02:e8:e7:bc:97:ca:b4:e3:74:1f:38:f0:8a:bf:34:
         98:df:29:fc:04:ab:87:c7:86:6f:f8:35:a8:69:15:b4:2f:a1:
         bc:85:32:b4:df:4d:ba:cd:15:83:45:78:92:10:32:35:fd:b6:
         be:ce:3c:ee:31:d4:11:ce:23:86:db:d5:25:9d:ba:52:17:42:
         ee:1e:c7:cc:bf:62:26:84:3d:09:ab:d2:ea:8a:6d:aa:2e:3c:
         67:34:a0:34:a3:54:e4:ae:65:4a:c4:4b:01:77:28:9e:2d:8a:
         f6:6e:ab:5e:59:1e:b7:69:18:48:1c:34:94:8b:7c:f4:cd:f9:
         58:89:54:63:14:3b:a1:9b:7b:6f:18:c3:eb:bb:0b:90:c3:79:
         e3:27:d1:99:13:60:a9:f0:c9:96:13:57:ca:9a:ac:ef:f8:80:
         85:ee:ec:83:7d:f4:09:3a:47:2d:33:ff:3f:6f:60:82:f8:83:
         bc:a5:f4:d6:a2:9c:ea:64:32:2e:02:c4:a9:61:c6:52:88:6e:
         12:23:e4:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAj6bTCasxhi1TF4qhdO/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmY2MWQ1YzU4ZTZlYTZlYzVjZjdlZTZjZjM1M2E2NjNi
MWIzYTgwHhcNMjUwNDI5MDgwMDE5WhcNMjUwNDMwMDgwMDE5WjAzMTEwLwYDVQQD
EyhmNjViNzQyMTM4ZjJkNTliNTU5NjNhZWI2YjExZGZlZDY0NmI2ZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzCKGME8sKT5eM/mst9BmHxrF8y9
wxFrbROrxvrO4srMIg/m5XlKfkRXSbBkADKmpK4CC7wP7l3RAIWuN3OGaaUAQ/9H
lhM0aFBfo/DjopdYtgKDcU4mm8+yufq2D/Ai2SSrRF7kxx+BQqeW5J77PxAJGuli
oYyofkgJrjY9D2lvB2O6VZEnO1uf/OvOle17/5COc+0n6m9wjRv/Cm0Xoq7hS05L
UX2GQ8EMf7NI5DsEr6cMzC13tlcsghMoP0lY3H47PfyODnnnao1jro1FFq2G9Nqw
/CSuu1/gjQkj6DjPjoytjYnwubNE5Ekkei1mFwGy+Q2Svlr5Mcveiw1jTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZbdCE48tWbVZY662sR3+1ka2/PMB8GA1UdIwQY
MBaAFNv/YdXFjm6m7Fz37mzzU6ZjsbOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9lZWQxZDYtNmE3Mi00ODI2LTgzOWMt
YjhiMzZmODk1NmI3LzEvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9lZWQxZDYtNmE3Mi00ODI2LTgzOWMtYjhiMzZmODk1NmI3
LzEvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABdrd0kqT
fzDv6BkjxRXFHnoSrZwvPLedAF4fLWpcNZXiDXxNCjUwyu53AxnK03FL2IuAIcnW
bMkSAujnvJfKtON0Hzjwir80mN8p/ASrh8eGb/g1qGkVtC+hvIUytN9Nus0Vg0V4
khAyNf22vs487jHUEc4jhtvVJZ26UhdC7h7HzL9iJoQ9CavS6optqi48ZzSgNKNU
5K5lSsRLAXconi2K9m6rXlket2kYSBw0lIt89M35WIlUYxQ7oZt7bxjD67sLkMN5
4yfRmRNgqfDJlhNXypqs7/iAhe7sg330CTpHLTP/P29ggviDvKX01qKc6mQyLgLE
qWHGUohuEiPkfA==
-----END CERTIFICATE-----