Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          7EVSqdXLUTAOEj5buPyAG0zrP/p3UxhhlafkP9UhEw0=
Subject key identifier:   DC:9D:04:E4:35:83:11:24:89:76:21:60:99:6A:27:E9:80:17:D0:77
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       0196C8A93303F58EFE98D2C96F162B350805
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          01C0
Signing time:             Tue 13 May 2025 08:00:53 +0000
Manifest this update:     Tue 13 May 2025 08:00:53 +0000
Manifest next update:     Wed 14 May 2025 08:00:53 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: 6JTxViMkwFfO+8lBRCtZOBinisQILQcrEP/csE7Yu04=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c8:a9:33:03:f5:8e:fe:98:d2:c9:6f:16:2b:35:08:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: May 13 08:00:53 2025 GMT
            Not After : May 14 08:00:53 2025 GMT
        Subject: CN=dc9d04e43583112489762160996a27e98017d077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:84:c0:ff:6d:d0:63:37:84:86:96:53:5b:16:
                    0f:02:54:de:c6:a7:61:62:88:e1:7a:b0:54:0a:a3:
                    f5:48:01:9a:23:f9:05:a8:0e:4f:0b:4a:7a:f9:a9:
                    89:5d:e8:c4:a3:6a:e0:69:0f:d6:c8:5a:91:18:54:
                    00:e2:a0:dd:1d:47:ea:e0:15:de:51:65:d8:f7:9c:
                    59:b9:14:4a:62:80:23:d6:eb:5e:f8:26:7e:f4:29:
                    20:8e:88:f2:f6:25:5f:88:39:c5:ad:24:c0:84:26:
                    15:60:7c:98:d5:52:6d:3e:40:62:da:1d:0e:a7:7b:
                    84:b8:7e:b4:61:13:b7:71:f7:a8:e6:d0:3c:17:02:
                    0d:5b:09:26:75:c7:f7:b1:02:34:70:8d:de:4e:4a:
                    60:95:2e:1b:c5:20:77:73:e1:b4:b1:96:c5:a3:2b:
                    fa:13:54:b2:70:71:37:ac:09:d6:47:f1:bd:46:df:
                    59:b7:7c:45:56:b3:db:0b:f4:3b:bc:6a:4d:26:77:
                    60:fe:c5:e2:fa:d2:0f:7b:66:08:9f:6e:03:23:9d:
                    e4:56:06:83:2b:70:72:e6:67:89:e3:e3:b7:4a:e5:
                    a9:64:64:d0:6c:79:4c:18:dc:a9:53:89:04:35:c3:
                    ef:23:ce:f2:67:97:e5:40:23:d9:10:77:c2:cb:e3:
                    0e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9D:04:E4:35:83:11:24:89:76:21:60:99:6A:27:E9:80:17:D0:77
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:d3:56:78:09:92:92:d2:dc:c3:b5:9c:f6:60:e6:71:dd:35:
         ec:6d:bd:aa:66:19:4b:4b:c0:96:e4:ad:e4:c9:ab:a3:64:cc:
         6a:08:7d:d8:31:c2:c5:53:79:3f:67:ad:1d:21:0a:c8:b1:47:
         9f:7a:e1:7e:6f:d8:db:2c:fd:8d:06:6e:9a:e8:ac:2f:0f:15:
         04:4d:ae:2f:57:ce:e2:23:37:f3:db:cf:be:2e:9f:c2:8d:18:
         40:bb:9b:94:e0:65:fc:0b:47:9b:9a:25:d3:16:76:67:c4:ae:
         76:6b:38:03:cf:15:90:c4:ac:7b:a1:e0:b9:f5:1a:be:cc:1b:
         79:bd:4d:5b:b1:e4:32:99:aa:83:ee:9c:5d:1b:88:19:7d:cc:
         95:30:21:fc:be:84:a3:1d:15:99:2a:83:17:97:87:52:50:7a:
         97:a6:99:66:e3:8c:8a:ea:63:17:71:ea:0e:20:e7:8a:16:8e:
         c6:c8:94:f1:03:80:1f:ba:66:68:93:55:9e:c3:99:13:69:8a:
         88:14:c6:31:d0:1a:2b:dd:95:d9:29:47:ca:c0:c1:07:f9:b6:
         10:d5:9d:fc:46:8d:c3:6b:9d:d5:ca:d7:36:2f:02:34:9c:b4:
         57:6e:12:eb:7d:30:0f:bd:3f:35:8f:e5:87:16:0a:04:42:1c:
         e6:8c:75:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbIqTMD9Y7+mNLJbxYrNQgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUwNTEzMDgwMDUzWhcNMjUwNTE0MDgwMDUzWjAzMTEwLwYDVQQD
EyhkYzlkMDRlNDM1ODMxMTI0ODk3NjIxNjA5OTZhMjdlOTgwMTdkMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYTA/23QYzeEhpZTWxYPAlTexqdh
YojherBUCqP1SAGaI/kFqA5PC0p6+amJXejEo2rgaQ/WyFqRGFQA4qDdHUfq4BXe
UWXY95xZuRRKYoAj1ute+CZ+9Ckgjojy9iVfiDnFrSTAhCYVYHyY1VJtPkBi2h0O
p3uEuH60YRO3cfeo5tA8FwINWwkmdcf3sQI0cI3eTkpglS4bxSB3c+G0sZbFoyv6
E1SycHE3rAnWR/G9Rt9Zt3xFVrPbC/Q7vGpNJndg/sXi+tIPe2YIn24DI53kVgaD
K3By5meJ4+O3SuWpZGTQbHlMGNypU4kENcPvI87yZ5flQCPZEHfCy+MOJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNydBOQ1gxEkiXYhYJlqJ+mAF9B3MB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnNNWeAmS
ktLcw7Wc9mDmcd017G29qmYZS0vAluSt5Mmro2TMagh92DHCxVN5P2etHSEKyLFH
n3rhfm/Y2yz9jQZumuisLw8VBE2uL1fO4iM389vPvi6fwo0YQLublOBl/AtHm5ol
0xZ2Z8Sudms4A88VkMSse6HgufUavswbeb1NW7HkMpmqg+6cXRuIGX3MlTAh/L6E
ox0VmSqDF5eHUlB6l6aZZuOMiupjF3HqDiDnihaOxsiU8QOAH7pmaJNVnsOZE2mK
iBTGMdAaK92V2SlHysDBB/m2ENWd/EaNw2ud1crXNi8CNJy0V24S630wD70/NY/l
hxYKBEIc5ox1/g==
-----END CERTIFICATE-----