Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          qbnMasVaxPfD9G2IQhhAaDB/n1NikMBsw6PGvcSCBQ8=
Subject key identifier:   E9:03:C5:34:83:2F:78:74:DA:F1:54:57:B7:DA:DD:04:45:76:A0:65
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       0196B9A36E51B6AB9A9FF8932868F38A5EEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          11C2
Signing time:             Sat 10 May 2025 10:00:17 +0000
Manifest this update:     Sat 10 May 2025 10:00:17 +0000
Manifest next update:     Sun 11 May 2025 10:00:17 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: r9HLiWPHB4dbxTC3J3THhTPsi7iL0w5tiym8suekhkI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:6e:51:b6:ab:9a:9f:f8:93:28:68:f3:8a:5e:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: May 10 10:00:17 2025 GMT
            Not After : May 11 10:00:17 2025 GMT
        Subject: CN=e903c534832f7874daf15457b7dadd044576a065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:11:76:dd:26:a4:83:0b:1f:37:77:58:42:19:
                    f8:6b:4e:70:26:a3:f5:38:85:7d:09:02:69:fa:12:
                    69:3b:90:c2:89:bd:c8:1f:29:7d:2d:70:35:1c:bb:
                    98:78:71:9a:c6:c3:e4:4d:2e:a2:66:e9:29:bb:e5:
                    e1:87:0f:cf:ee:c2:fe:b0:5d:21:94:c1:ca:ee:0c:
                    eb:48:bc:8d:cf:a7:19:ae:ce:2c:74:6a:ef:55:87:
                    32:cb:ca:2b:4e:5f:5d:82:11:39:16:f5:fe:ee:85:
                    3a:de:ee:98:b1:e9:f2:39:3a:3a:d6:93:44:d4:09:
                    c9:67:6e:49:21:4b:0b:c4:cc:e5:fb:90:6e:d1:db:
                    b9:6f:3d:10:b4:23:6f:d2:7b:c8:cc:33:9c:5b:e7:
                    a2:bc:80:01:b9:23:1f:f4:5b:69:bd:c4:48:9a:5c:
                    30:01:fa:c8:ba:60:76:65:8b:79:bd:38:1f:d7:b0:
                    44:c5:3c:af:3f:05:f5:28:4b:95:52:aa:94:9e:61:
                    50:d9:81:3f:89:7d:82:3b:dc:ad:7b:44:e0:c8:4c:
                    51:58:fe:82:9a:bd:4b:7f:00:b6:69:57:71:a7:84:
                    8f:0e:78:cc:d9:82:d4:cd:ac:44:1d:11:18:1d:1e:
                    d7:69:3a:40:45:5b:6b:56:ce:a3:b3:7d:84:e2:d4:
                    2b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:03:C5:34:83:2F:78:74:DA:F1:54:57:B7:DA:DD:04:45:76:A0:65
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:77:bd:d0:ac:58:cd:b0:38:ea:08:cc:fc:56:72:f9:f0:a4:
         40:db:6f:fb:85:89:57:7c:b6:25:27:87:69:ae:02:eb:1e:0a:
         54:d3:70:a4:40:9d:75:b7:59:b4:2b:99:f0:fe:2f:1e:f1:97:
         9e:09:5e:36:ba:50:80:c1:81:f9:dc:f2:81:94:45:f1:56:ea:
         3d:ad:06:4d:04:7b:27:90:07:a9:40:e2:3c:db:94:c1:7a:9c:
         69:70:72:db:33:fb:eb:94:18:de:4d:87:7c:6a:fa:2c:d8:3d:
         84:0b:b1:cc:1f:87:5b:c4:5c:8c:62:eb:d7:a3:9c:67:06:26:
         46:95:38:a2:e1:51:99:35:4d:df:91:03:28:b8:9a:d1:5b:90:
         af:de:fc:ca:a5:85:38:4c:3f:e3:7d:2a:07:a2:bd:ee:37:11:
         4e:af:d7:f9:35:c2:19:80:3e:0d:4a:46:de:9f:75:85:e8:bf:
         e8:0b:cc:7f:88:d9:30:ed:80:f3:c2:78:46:1a:de:35:2e:4d:
         6c:92:0c:b9:a1:bb:80:2d:53:39:cf:27:2a:82:96:0e:51:e6:
         39:35:a0:16:a5:26:ea:b4:79:f8:19:05:f1:d2:5b:bd:1e:14:
         d8:f4:1a:6f:f7:7c:07:ed:19:bf:7d:d7:74:92:01:88:a3:5c:
         4b:f3:0f:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o25Rtquan/iTKGjzil7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjUwNTEwMTAwMDE3WhcNMjUwNTExMTAwMDE3WjAzMTEwLwYDVQQD
EyhlOTAzYzUzNDgzMmY3ODc0ZGFmMTU0NTdiN2RhZGQwNDQ1NzZhMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhF23SakgwsfN3dYQhn4a05wJqP1
OIV9CQJp+hJpO5DCib3IHyl9LXA1HLuYeHGaxsPkTS6iZukpu+Xhhw/P7sL+sF0h
lMHK7gzrSLyNz6cZrs4sdGrvVYcyy8orTl9dghE5FvX+7oU63u6YsenyOTo61pNE
1AnJZ25JIUsLxMzl+5Bu0du5bz0QtCNv0nvIzDOcW+eivIABuSMf9FtpvcRImlww
AfrIumB2ZYt5vTgf17BExTyvPwX1KEuVUqqUnmFQ2YE/iX2CO9yte0TgyExRWP6C
mr1LfwC2aVdxp4SPDnjM2YLUzaxEHREYHR7XaTpARVtrVs6js32E4tQr8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkDxTSDL3h02vFUV7fa3QRFdqBlMB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWHe90KxY
zbA46gjM/FZy+fCkQNtv+4WJV3y2JSeHaa4C6x4KVNNwpECddbdZtCuZ8P4vHvGX
ngleNrpQgMGB+dzygZRF8VbqPa0GTQR7J5AHqUDiPNuUwXqcaXBy2zP765QY3k2H
fGr6LNg9hAuxzB+HW8RcjGLr16OcZwYmRpU4ouFRmTVN35EDKLia0VuQr978yqWF
OEw/430qB6K97jcRTq/X+TXCGYA+DUpG3p91hei/6AvMf4jZMO2A88J4RhreNS5N
bJIMuaG7gC1TOc8nKoKWDlHmOTWgFqUm6rR5+BkF8dJbvR4U2PQab/d8B+0Zv33X
dJIBiKNcS/MPtQ==
-----END CERTIFICATE-----