Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          fXYJURrosdx2zFHIrfdqhL3bMGFSiA/swAI7Ny4wMFQ=
Subject key identifier:   01:69:74:AD:1A:7A:8E:14:7F:CF:AE:5C:A7:32:07:18:39:DA:46:0D
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       0196A23FDD04C680B0FD94161A9C29C63C98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0934
Signing time:             Mon 05 May 2025 21:00:16 +0000
Manifest this update:     Mon 05 May 2025 21:00:16 +0000
Manifest next update:     Tue 06 May 2025 21:00:16 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: 9mLrD790wij5IO6G228xW1Q7KguZ+Logdhjp7WhwlEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a2:3f:dd:04:c6:80:b0:fd:94:16:1a:9c:29:c6:3c:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: May  5 21:00:16 2025 GMT
            Not After : May  6 21:00:16 2025 GMT
        Subject: CN=016974ad1a7a8e147fcfae5ca732071839da460d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:79:6e:6a:47:bc:52:91:7f:5d:75:f9:28:f6:
                    a1:21:bb:6f:1d:b7:c4:b3:b8:10:c3:8a:bf:b4:ba:
                    df:d8:29:73:84:20:68:ea:dd:e2:69:43:78:94:1f:
                    ef:a6:35:b2:9e:3d:2b:ea:16:43:1e:dd:0f:db:ac:
                    1b:c3:05:08:aa:d4:61:14:ae:b7:07:c9:b9:80:45:
                    5a:cb:d0:49:4f:81:93:07:99:65:fa:f9:9a:69:e5:
                    3d:5f:4a:e8:b5:62:b2:38:61:d5:14:8b:3d:22:92:
                    88:56:4e:e9:ee:17:bf:f8:f4:64:26:7f:e8:7a:32:
                    a0:21:3f:ba:b4:9d:ce:8e:8a:1c:2f:60:90:1c:a7:
                    92:54:88:f1:7b:7b:7b:69:f5:0b:b7:af:a5:fe:36:
                    45:db:4c:74:33:7b:61:e0:7e:fe:35:8d:fe:cd:94:
                    10:bd:a9:6a:be:64:de:ba:79:5d:cc:f8:6b:d9:89:
                    fd:66:98:47:85:6e:2d:b6:79:87:df:33:a5:63:f2:
                    7a:3a:a2:94:50:ec:a9:bb:85:ff:64:59:2d:de:83:
                    3f:9b:3b:51:a9:79:31:4e:ad:38:ee:99:1e:8e:0c:
                    07:bf:19:c7:d9:b9:5d:74:80:6b:c5:56:4a:25:89:
                    a6:f5:8e:16:76:10:ac:68:fc:88:3d:26:68:13:ee:
                    92:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:69:74:AD:1A:7A:8E:14:7F:CF:AE:5C:A7:32:07:18:39:DA:46:0D
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:55:90:4b:b7:6e:eb:31:f5:b4:22:d4:5e:af:29:0b:b3:6f:
         6b:cd:66:a9:c8:94:05:fd:3c:8c:ef:dd:63:de:aa:b9:26:43:
         95:fb:e8:57:e4:03:83:95:cb:78:f2:d6:f1:c6:53:c5:76:90:
         ba:d2:61:72:55:df:ce:d2:66:c4:7a:ea:d8:64:1b:b9:d0:db:
         3b:24:b8:63:b6:b6:39:5b:ed:d8:b5:7e:92:ae:fb:b2:b0:82:
         ba:bc:18:92:74:6b:87:b7:14:47:88:53:52:d2:cb:5f:20:93:
         aa:36:d2:21:37:48:86:30:06:c8:eb:9b:d3:05:7e:63:63:b8:
         d4:fc:35:76:49:a3:c1:bb:fe:4a:4c:86:c5:50:5f:84:90:2d:
         78:2f:90:79:06:30:11:2a:0f:01:e0:bb:b7:3c:61:7d:d7:b4:
         dd:54:e4:dc:01:a9:ad:57:67:a7:41:00:49:68:97:94:29:7a:
         f2:bc:f8:4c:46:7d:71:25:53:70:12:3e:48:99:18:16:13:ac:
         a7:9b:d5:cb:eb:16:5f:3d:88:30:4b:8f:a9:f7:4e:25:d5:44:
         ba:74:ad:f9:56:be:17:e8:e2:eb:12:0a:57:8f:79:a2:6a:21:
         3c:1e:d9:89:0c:b8:30:ab:63:99:ac:e5:1f:a5:bd:98:06:b8:
         8f:f9:38:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaiP90ExoCw/ZQWGpwpxjyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwNTA1MjEwMDE2WhcNMjUwNTA2MjEwMDE2WjAzMTEwLwYDVQQD
EygwMTY5NzRhZDFhN2E4ZTE0N2ZjZmFlNWNhNzMyMDcxODM5ZGE0NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3luake8UpF/XXX5KPahIbtvHbfE
s7gQw4q/tLrf2ClzhCBo6t3iaUN4lB/vpjWynj0r6hZDHt0P26wbwwUIqtRhFK63
B8m5gEVay9BJT4GTB5ll+vmaaeU9X0rotWKyOGHVFIs9IpKIVk7p7he/+PRkJn/o
ejKgIT+6tJ3OjoocL2CQHKeSVIjxe3t7afULt6+l/jZF20x0M3th4H7+NY3+zZQQ
valqvmTeunldzPhr2Yn9ZphHhW4ttnmH3zOlY/J6OqKUUOypu4X/ZFkt3oM/mztR
qXkxTq047pkejgwHvxnH2blddIBrxVZKJYmm9Y4WdhCsaPyIPSZoE+6SxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFpdK0aeo4Uf8+uXKcyBxg52kYNMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYVWQS7du
6zH1tCLUXq8pC7Nva81mqciUBf08jO/dY96quSZDlfvoV+QDg5XLePLW8cZTxXaQ
utJhclXfztJmxHrq2GQbudDbOyS4Y7a2OVvt2LV+kq77srCCurwYknRrh7cUR4hT
UtLLXyCTqjbSITdIhjAGyOub0wV+Y2O41Pw1dkmjwbv+SkyGxVBfhJAteC+QeQYw
ESoPAeC7tzxhfde03VTk3AGprVdnp0EASWiXlCl68rz4TEZ9cSVTcBI+SJkYFhOs
p5vVy+sWXz2IMEuPqfdOJdVEunSt+Va+F+ji6xIKV495omohPB7ZiQy4MKtjmazl
H6W9mAa4j/k49A==
-----END CERTIFICATE-----