Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          +lYBy1BHp3kfZTh3kgy7QJjHAIjkvMfA+nsI1k9SFek=
Subject key identifier:   8B:1B:14:D1:F8:C2:C3:48:17:C0:A7:AF:45:4E:00:9C:A6:42:FD:0D
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       0196760C5105CA37B772407D19B87BE66552
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          150D
Signing time:             Sun 27 Apr 2025 07:00:40 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:40 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:40 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: ElzNn1gXDJVoERsy6XWKSLtDJzjOmPdkGBarUjRowVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:51:05:ca:37:b7:72:40:7d:19:b8:7b:e6:65:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Apr 27 07:00:40 2025 GMT
            Not After : Apr 28 07:00:40 2025 GMT
        Subject: CN=8b1b14d1f8c2c34817c0a7af454e009ca642fd0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:69:ae:fd:ac:9c:c1:d8:72:22:2f:1f:48:bc:
                    06:28:2d:4a:de:8a:b1:f5:0b:8d:58:28:88:28:b5:
                    87:7f:a9:92:12:38:7e:d6:b9:f7:57:9e:cf:36:d4:
                    ab:f4:28:5b:23:21:46:96:52:43:fd:5a:de:e9:0f:
                    c8:ae:51:ce:86:1a:21:83:16:b1:85:f3:70:55:aa:
                    74:81:22:8e:94:2a:f0:90:7e:65:db:76:4e:e7:01:
                    15:a4:cf:b1:1a:77:02:15:b3:9a:49:8b:4f:03:3e:
                    84:02:a4:9f:e0:e6:4c:d9:78:a4:49:d8:c1:6f:a6:
                    62:08:d9:b2:53:99:58:df:93:cf:c7:b0:5b:f1:84:
                    91:1d:0c:79:92:eb:04:66:64:2b:e1:ff:e2:8b:2a:
                    c5:8d:17:df:76:1f:90:a6:12:02:42:1e:3b:c6:3e:
                    6e:42:da:9e:e3:60:da:1d:de:2c:09:59:f3:c2:be:
                    1a:a8:27:d1:5f:03:0b:2f:95:e7:78:b5:ae:b6:91:
                    ac:40:9f:a1:36:92:fa:aa:4e:74:6b:ed:b7:9d:4a:
                    e9:1d:b4:b0:53:dc:d9:4d:5d:46:9e:04:95:fb:80:
                    37:81:37:f3:c8:5f:36:a6:1c:69:55:03:57:0b:46:
                    55:ec:0c:4b:9b:d2:ca:e8:ad:14:80:c9:8a:90:46:
                    6c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:1B:14:D1:F8:C2:C3:48:17:C0:A7:AF:45:4E:00:9C:A6:42:FD:0D
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:2b:0e:8b:a0:5f:5c:71:34:41:38:6f:96:05:74:ea:4b:4d:
         e7:71:18:8c:ed:62:57:a4:d4:f4:f7:26:16:f7:20:0b:c2:b9:
         9f:fd:a9:d9:a6:0a:5a:34:18:2e:65:45:85:8b:64:56:5e:29:
         5e:b1:bb:67:76:0c:5b:16:5c:d1:a7:8d:c7:3f:77:9e:d8:9f:
         82:54:96:57:2e:1d:ad:34:d3:33:9f:bb:59:03:9a:78:09:86:
         ba:3c:87:7b:08:1f:02:ea:bd:c0:71:36:4a:22:d6:29:dd:04:
         e1:51:a1:05:f9:bd:4a:7a:96:26:d5:34:8f:41:fb:70:3b:6b:
         25:09:ca:02:0b:b0:ef:ff:cb:2a:2b:3c:09:63:0e:0e:bc:ba:
         41:9c:28:aa:ca:36:98:15:ea:00:2a:47:cf:7a:10:e8:d8:5b:
         96:7d:0d:1d:6f:c8:2c:2c:2b:86:f4:c9:60:62:44:61:ab:5f:
         7f:10:74:08:c3:f7:74:d8:96:a1:30:48:2c:7d:3b:e4:95:a7:
         e9:f9:7e:c5:a2:a2:02:80:8a:fa:c1:9a:10:a4:4f:51:e2:24:
         d2:7c:84:73:1e:a1:cb:00:62:af:a2:be:49:73:b9:e5:26:ef:
         2c:39:20:bd:ee:9a:c8:3c:2d:10:e1:ce:f8:72:87:18:09:42:
         da:7c:b4:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DFEFyje3ckB9Gbh75mVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUwNDI3MDcwMDQwWhcNMjUwNDI4MDcwMDQwWjAzMTEwLwYDVQQD
Eyg4YjFiMTRkMWY4YzJjMzQ4MTdjMGE3YWY0NTRlMDA5Y2E2NDJmZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWmu/aycwdhyIi8fSLwGKC1K3oqx
9QuNWCiIKLWHf6mSEjh+1rn3V57PNtSr9ChbIyFGllJD/Vre6Q/IrlHOhhohgxax
hfNwVap0gSKOlCrwkH5l23ZO5wEVpM+xGncCFbOaSYtPAz6EAqSf4OZM2XikSdjB
b6ZiCNmyU5lY35PPx7Bb8YSRHQx5kusEZmQr4f/iiyrFjRffdh+QphICQh47xj5u
Qtqe42DaHd4sCVnzwr4aqCfRXwMLL5XneLWutpGsQJ+hNpL6qk50a+23nUrpHbSw
U9zZTV1GngSV+4A3gTfzyF82phxpVQNXC0ZV7AxLm9LK6K0UgMmKkEZsWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsbFNH4wsNIF8Cnr0VOAJymQv0NMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACysOi6Bf
XHE0QThvlgV06ktN53EYjO1iV6TU9PcmFvcgC8K5n/2p2aYKWjQYLmVFhYtkVl4p
XrG7Z3YMWxZc0aeNxz93ntifglSWVy4drTTTM5+7WQOaeAmGujyHewgfAuq9wHE2
SiLWKd0E4VGhBfm9SnqWJtU0j0H7cDtrJQnKAguw7//LKis8CWMODry6QZwoqso2
mBXqACpHz3oQ6Nhbln0NHW/ILCwrhvTJYGJEYatffxB0CMP3dNiWoTBILH075JWn
6fl+xaKiAoCK+sGaEKRPUeIk0nyEcx6hywBir6K+SXO55SbvLDkgve6ayDwtEOHO
+HKHGAlC2ny0Dg==
-----END CERTIFICATE-----