Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          Jy76KxXhrP3expttmBoBgbu4RfxntOK4RdUQyyZjf2k=
Subject key identifier:   53:6C:19:9A:68:D9:AB:FA:16:97:C3:93:4B:FA:F1:39:26:AD:E1:F8
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       0196A653C9A1F2E505F3E77393D51316D392
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0D84
Signing time:             Tue 06 May 2025 16:00:31 +0000
Manifest this update:     Tue 06 May 2025 16:00:31 +0000
Manifest next update:     Wed 07 May 2025 16:00:31 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: uKzjwDYvGVRyh/taQZqmhqCwIax8EkFcoI4goyKtGww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 16:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a6:53:c9:a1:f2:e5:05:f3:e7:73:93:d5:13:16:d3:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: May  6 16:00:31 2025 GMT
            Not After : May  7 16:00:31 2025 GMT
        Subject: CN=536c199a68d9abfa1697c3934bfaf13926ade1f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c6:b1:1c:05:a8:4c:99:ee:4a:b0:d0:ae:2b:
                    20:24:45:f5:1d:70:52:61:ff:5b:f4:ce:66:4e:56:
                    e8:41:37:00:bb:b8:24:bc:57:f6:28:67:3f:91:44:
                    dd:9d:e1:9c:04:80:38:96:cf:ed:b3:8f:87:7e:17:
                    1b:db:7e:3a:53:6a:fb:b0:15:4f:ae:85:1e:ce:a8:
                    9c:43:98:f1:0f:49:e3:88:5a:ee:85:25:53:bd:fb:
                    73:48:93:8c:60:ff:f3:40:1f:66:db:87:c0:ea:92:
                    fb:3f:b7:9d:cc:ec:a7:44:99:fa:e7:f7:06:00:e7:
                    6b:1f:b1:4d:c3:30:e9:d5:87:84:76:30:47:bf:4c:
                    55:63:04:de:e1:91:8b:25:93:95:54:2a:a5:14:0f:
                    8d:b9:c9:6a:be:bc:e7:70:92:2a:1f:9f:1e:ce:75:
                    c9:53:a9:58:af:26:5c:64:26:a5:5d:17:ff:ed:a8:
                    ee:ab:3d:23:f8:ae:1c:b5:e8:fc:34:10:f0:37:d4:
                    58:4e:fa:c1:5a:7d:e1:9a:31:dd:27:75:b4:97:0b:
                    1d:31:c0:43:33:03:f6:d4:93:72:9b:31:0c:03:2b:
                    8e:3c:3a:7c:0a:4f:1e:99:cb:df:28:20:10:3b:0d:
                    29:bf:1c:e2:8b:26:13:d3:bd:b8:7c:d3:ed:32:a9:
                    68:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:6C:19:9A:68:D9:AB:FA:16:97:C3:93:4B:FA:F1:39:26:AD:E1:F8
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:81:f8:1c:4b:67:b6:7c:9c:89:5a:00:95:25:9a:c9:39:ac:
         5c:2e:28:32:2c:09:07:a5:00:9d:65:5a:f4:01:c5:78:73:10:
         88:01:55:60:62:2e:86:e4:26:79:b6:ba:0f:80:0f:af:35:3d:
         92:74:a9:86:90:e1:12:f5:cc:b2:a1:21:3b:a3:ca:be:a6:5e:
         be:25:1b:73:bd:00:34:e2:00:4a:db:23:9b:cd:8e:f1:7d:c8:
         27:bc:78:fe:30:02:ed:2c:76:da:4d:c8:e5:36:3d:ec:2a:b2:
         d6:cc:0a:7a:52:2c:52:39:eb:5c:a8:4f:df:38:fb:d6:3e:d5:
         bb:b0:84:4c:b9:a3:ed:f0:48:97:5b:5a:86:cb:a9:0e:78:cf:
         46:61:8a:59:05:03:82:68:80:ca:7f:46:6e:13:98:b7:36:c6:
         2a:53:74:dc:1f:0b:1a:1d:7e:74:34:da:e2:7a:3e:22:02:98:
         17:60:f5:23:6c:dd:8a:74:d6:52:70:bc:86:bc:79:09:ff:e7:
         f1:3f:68:ba:3b:f3:00:57:75:1d:48:0b:e4:f5:a2:64:56:e6:
         c5:40:3f:ff:17:90:06:9a:1b:07:94:bd:b3:6c:7f:63:8c:a2:
         1c:8b:7e:81:c1:b9:4b:28:d8:1c:78:12:42:02:da:65:64:48:
         d8:5c:86:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZamU8mh8uUF8+dzk9UTFtOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUwNTA2MTYwMDMxWhcNMjUwNTA3MTYwMDMxWjAzMTEwLwYDVQQD
Eyg1MzZjMTk5YTY4ZDlhYmZhMTY5N2MzOTM0YmZhZjEzOTI2YWRlMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMaxHAWoTJnuSrDQrisgJEX1HXBS
Yf9b9M5mTlboQTcAu7gkvFf2KGc/kUTdneGcBIA4ls/ts4+Hfhcb2346U2r7sBVP
roUezqicQ5jxD0njiFruhSVTvftzSJOMYP/zQB9m24fA6pL7P7edzOynRJn65/cG
AOdrH7FNwzDp1YeEdjBHv0xVYwTe4ZGLJZOVVCqlFA+NuclqvrzncJIqH58eznXJ
U6lYryZcZCalXRf/7ajuqz0j+K4ctej8NBDwN9RYTvrBWn3hmjHdJ3W0lwsdMcBD
MwP21JNymzEMAyuOPDp8Ck8emcvfKCAQOw0pvxziiyYT0724fNPtMqloMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNsGZpo2av6FpfDk0v68TkmreH4MB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIH4HEtn
tnyciVoAlSWayTmsXC4oMiwJB6UAnWVa9AHFeHMQiAFVYGIuhuQmeba6D4APrzU9
knSphpDhEvXMsqEhO6PKvqZeviUbc70ANOIAStsjm82O8X3IJ7x4/jAC7Sx22k3I
5TY97Cqy1swKelIsUjnrXKhP3zj71j7Vu7CETLmj7fBIl1tahsupDnjPRmGKWQUD
gmiAyn9GbhOYtzbGKlN03B8LGh1+dDTa4no+IgKYF2D1I2zdinTWUnC8hrx5Cf/n
8T9oujvzAFd1HUgL5PWiZFbmxUA//xeQBpobB5S9s2x/Y4yiHIt+gcG5SyjYHHgS
QgLaZWRI2FyGGw==
-----END CERTIFICATE-----