Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          04/iTUnbl5gMYcVxIkNr06NF/L1gch4LEkS4XYFTtVU=
Subject key identifier:   3A:5C:A7:C2:8E:F8:3B:75:01:AC:09:8F:7A:C6:7F:51:B6:53:09:95
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       0196BC6E65E4D7656E21662219B9A3EF122D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0940
Signing time:             Sat 10 May 2025 23:01:13 +0000
Manifest this update:     Sat 10 May 2025 23:01:13 +0000
Manifest next update:     Sun 11 May 2025 23:01:13 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: TW8rS/M6IgZvxc9KE28qFLzYS5Rssp6ClC+ao1oHCrg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:6e:65:e4:d7:65:6e:21:66:22:19:b9:a3:ef:12:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: May 10 23:01:13 2025 GMT
            Not After : May 11 23:01:13 2025 GMT
        Subject: CN=3a5ca7c28ef83b7501ac098f7ac67f51b6530995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e3:65:4d:5c:7e:10:57:73:82:82:17:f9:78:
                    bb:0c:5a:d9:21:37:7a:d4:83:2d:fd:70:70:a7:fc:
                    e0:f9:61:1c:7f:01:60:ae:f7:b2:08:4c:8c:d7:80:
                    9c:ab:83:71:8f:2f:09:89:bf:27:34:e5:a5:eb:9a:
                    d8:10:dd:fa:56:67:86:bd:44:85:6e:88:15:fb:89:
                    be:b6:08:e4:c4:26:ba:f1:da:b3:bb:b7:88:db:6c:
                    0f:44:a8:6d:33:2f:f2:9a:60:5b:32:15:1f:f4:a7:
                    fd:7d:c0:8e:f5:fe:10:12:37:cc:ac:88:3e:6d:8e:
                    f9:ec:33:50:cc:0a:0b:03:90:05:18:8b:18:aa:19:
                    17:d7:3f:cd:76:49:21:c0:e5:5d:8b:c7:2c:03:57:
                    28:e8:f6:b1:b0:b5:8c:b3:28:8f:ba:cb:49:f1:da:
                    0a:c8:41:4b:3c:b0:0c:66:8b:12:5e:31:61:bd:c7:
                    8a:a9:29:9a:bf:c8:c0:34:1d:59:e1:b6:86:af:4a:
                    40:21:6e:a7:68:33:63:ab:58:1d:77:2a:9b:cf:1d:
                    c2:a7:d6:30:84:12:42:f7:f5:c2:e1:35:c7:6f:89:
                    2f:0c:e7:a4:d0:b2:13:22:3e:2f:44:d3:e9:d7:2f:
                    53:be:e3:0d:95:9c:1f:61:1a:3a:b8:5b:f7:e4:76:
                    7d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:5C:A7:C2:8E:F8:3B:75:01:AC:09:8F:7A:C6:7F:51:B6:53:09:95
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:7e:cf:34:f6:d9:a9:7e:d9:0a:dc:88:31:b5:d5:08:82:f1:
         f3:e0:7c:87:ef:47:a5:a9:c2:17:ba:d4:1d:b8:65:74:4f:a9:
         71:f2:9c:e1:c8:53:2d:30:f1:4b:96:f1:4a:b6:1e:8e:58:57:
         44:3a:bf:6c:1f:03:e0:80:11:c6:8f:2e:66:1d:b4:42:b2:a1:
         ee:e5:df:5c:48:fa:72:83:21:94:5a:5a:ec:5c:93:8a:60:87:
         bb:64:8c:1a:b6:98:20:10:b3:50:f3:f9:79:49:d1:9b:2e:c8:
         76:af:36:48:68:31:47:5b:f5:2f:c2:5d:9a:7e:b4:bc:92:b0:
         dc:7c:d0:9d:ec:9c:1d:06:2f:c5:66:01:ad:a6:66:df:31:fd:
         3b:18:4d:b3:cd:da:73:65:12:39:14:c9:96:5d:ec:f1:89:36:
         bb:d6:64:4f:a9:b9:94:27:62:b9:0c:bf:84:7f:9a:0f:2a:8a:
         da:8f:ba:92:13:b1:97:7f:73:22:7e:36:35:a2:c6:a1:e1:b5:
         70:a3:c1:24:e9:08:dd:ad:d5:67:c2:83:ec:4a:36:da:1c:2f:
         96:7f:9f:e6:2f:84:c0:29:c0:53:2f:51:46:b4:30:cc:e9:77:
         19:65:ab:b4:79:2f:2d:04:7c:2d:a0:29:fa:59:38:fc:7d:1d:
         61:dc:20:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa8bmXk12VuIWYiGbmj7xItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUwNTEwMjMwMTEzWhcNMjUwNTExMjMwMTEzWjAzMTEwLwYDVQQD
EygzYTVjYTdjMjhlZjgzYjc1MDFhYzA5OGY3YWM2N2Y1MWI2NTMwOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ONlTVx+EFdzgoIX+Xi7DFrZITd6
1IMt/XBwp/zg+WEcfwFgrveyCEyM14Ccq4Nxjy8Jib8nNOWl65rYEN36VmeGvUSF
bogV+4m+tgjkxCa68dqzu7eI22wPRKhtMy/ymmBbMhUf9Kf9fcCO9f4QEjfMrIg+
bY757DNQzAoLA5AFGIsYqhkX1z/NdkkhwOVdi8csA1co6PaxsLWMsyiPustJ8doK
yEFLPLAMZosSXjFhvceKqSmav8jANB1Z4baGr0pAIW6naDNjq1gddyqbzx3Cp9Yw
hBJC9/XC4TXHb4kvDOek0LITIj4vRNPp1y9TvuMNlZwfYRo6uFv35HZ9cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpcp8KO+Dt1AawJj3rGf1G2UwmVMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArH7PNPbZ
qX7ZCtyIMbXVCILx8+B8h+9HpanCF7rUHbhldE+pcfKc4chTLTDxS5bxSrYejlhX
RDq/bB8D4IARxo8uZh20QrKh7uXfXEj6coMhlFpa7FyTimCHu2SMGraYIBCzUPP5
eUnRmy7Idq82SGgxR1v1L8Jdmn60vJKw3HzQneycHQYvxWYBraZm3zH9OxhNs83a
c2USORTJll3s8Yk2u9ZkT6m5lCdiuQy/hH+aDyqK2o+6khOxl39zIn42NaLGoeG1
cKPBJOkI3a3VZ8KD7Eo22hwvln+f5i+EwCnAUy9RRrQwzOl3GWWrtHkvLQR8LaAp
+lk4/H0dYdwgMA==
-----END CERTIFICATE-----