Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
File:                     ap2Z4esn7Hq76TViechBGkEw_co.mft (raw, json)
Hash identifier:          S1ioKOWgg8rNeV5k17+/p+KxsMB2G4G2H4Z1i/3Wfvk=
Subject key identifier:   35:AC:05:AC:71:60:D4:43:54:9F:13:06:32:89:58:6C:35:7A:CA:79
Authority key identifier: 6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA
Certificate issuer:       /CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
Certificate serial:       01969F0821B3B3A6F3AEC351196192AA596B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
Manifest number:          0B9A
Signing time:             Mon 05 May 2025 06:00:32 +0000
Manifest this update:     Mon 05 May 2025 06:00:32 +0000
Manifest next update:     Tue 06 May 2025 06:00:32 +0000
Files and hashes:         1: ap2Z4esn7Hq76TViechBGkEw_co.crl (hash: 2eiINqYYHPkCUZr2By11e43cHg+0y0SqrO4HkwMRiNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:08:21:b3:b3:a6:f3:ae:c3:51:19:61:92:aa:59:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
        Validity
            Not Before: May  5 06:00:32 2025 GMT
            Not After : May  6 06:00:32 2025 GMT
        Subject: CN=35ac05ac7160d443549f13063289586c357aca79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d0:c8:ce:3d:2d:19:e7:8c:ed:2a:23:35:bf:
                    49:07:4d:44:57:1b:5a:74:4b:4c:9f:58:39:9b:ef:
                    cb:3b:22:75:13:64:2e:be:22:91:3e:06:49:10:55:
                    a9:7c:ca:7a:d8:d2:68:48:7d:81:63:e0:50:41:bb:
                    f5:b5:f9:37:1a:bc:ab:90:c7:70:75:30:eb:72:bb:
                    79:82:dd:74:40:34:8f:9e:99:14:49:a4:86:4d:1b:
                    a1:87:44:b3:d7:96:99:af:e7:f5:7b:72:e3:97:8f:
                    4e:45:e8:2f:77:77:91:d2:d9:ec:93:13:50:6d:74:
                    e2:f5:5b:a4:d6:f1:5d:b5:d4:dd:75:b3:4f:89:03:
                    4a:1b:12:40:c8:72:a3:f8:7c:e3:9d:f4:d6:b0:1d:
                    a2:35:e2:20:47:9b:95:d2:14:18:b5:4b:b8:e1:1a:
                    36:89:08:bc:e4:a0:0a:87:74:ba:83:6f:7e:61:29:
                    e7:31:b1:45:f1:29:a6:8e:d2:9c:ad:80:2a:3c:78:
                    e5:9c:9e:52:39:58:82:20:35:f4:55:63:4a:3f:e4:
                    a0:d4:bf:36:aa:1d:9d:e7:61:20:b8:93:80:c9:c4:
                    ec:f5:7f:af:f2:7f:af:04:23:6c:9d:1f:9c:74:66:
                    d5:06:d2:2d:73:e7:50:a5:95:2f:53:86:ed:4c:e2:
                    72:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:AC:05:AC:71:60:D4:43:54:9F:13:06:32:89:58:6C:35:7A:CA:79
            X509v3 Authority Key Identifier:
                keyid:6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:3b:4c:41:87:8f:75:1a:7d:08:0a:3f:12:8e:7f:4e:23:eb:
         42:25:36:d9:3a:0e:d6:8b:6d:57:b1:2f:22:82:c1:3b:9f:a0:
         e1:b1:70:03:fd:58:24:52:31:7d:a6:41:45:01:b6:fe:c2:af:
         9e:4e:a5:a2:f9:26:03:86:b1:4a:90:ba:c2:fb:71:c7:31:3e:
         c1:f3:a8:a1:c3:f0:02:bd:c3:c8:c5:7d:13:22:ab:ea:97:12:
         3f:4b:4c:a0:c3:b4:60:22:79:d1:26:cb:73:9c:63:8f:94:05:
         a9:a9:8f:8d:6f:76:fc:9c:32:82:15:23:19:d4:d9:c0:20:38:
         27:dc:70:67:51:12:ac:1c:79:d5:07:a3:c1:86:67:dc:cc:0b:
         f5:1a:ab:3a:b2:b1:f9:11:ce:d6:15:af:37:b9:2a:7a:76:f7:
         a3:9b:4b:ec:a0:39:7d:12:23:d4:07:e7:50:64:3b:a6:64:15:
         5e:21:67:92:7b:5a:ec:1f:ae:9d:6e:84:72:8b:1e:79:34:38:
         a6:02:73:f4:d9:8e:da:ab:50:aa:da:be:75:47:fc:53:12:c4:
         6f:fd:40:7a:f9:06:00:a9:53:1d:5b:11:3d:4b:9f:52:62:1c:
         24:84:ba:b8:92:c7:12:94:f7:3e:89:ad:02:b0:36:05:e4:f0:
         22:cc:43:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafCCGzs6bzrsNRGWGSqllrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWQ5OWUxZWIyN2VjN2FiYmU5MzU2Mjc5Yzg0MTFhNDEz
MGZkY2EwHhcNMjUwNTA1MDYwMDMyWhcNMjUwNTA2MDYwMDMyWjAzMTEwLwYDVQQD
EygzNWFjMDVhYzcxNjBkNDQzNTQ5ZjEzMDYzMjg5NTg2YzM1N2FjYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutDIzj0tGeeM7SojNb9JB01EVxta
dEtMn1g5m+/LOyJ1E2QuviKRPgZJEFWpfMp62NJoSH2BY+BQQbv1tfk3GryrkMdw
dTDrcrt5gt10QDSPnpkUSaSGTRuhh0Sz15aZr+f1e3Ljl49ORegvd3eR0tnskxNQ
bXTi9Vuk1vFdtdTddbNPiQNKGxJAyHKj+HzjnfTWsB2iNeIgR5uV0hQYtUu44Ro2
iQi85KAKh3S6g29+YSnnMbFF8SmmjtKcrYAqPHjlnJ5SOViCIDX0VWNKP+Sg1L82
qh2d52EguJOAycTs9X+v8n+vBCNsnR+cdGbVBtItc+dQpZUvU4btTOJyOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWsBaxxYNRDVJ8TBjKJWGw1esp5MB8GA1UdIwQY
MBaAFGqdmeHrJ+x6u+k1YnnIQRpBMP3KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQt
YjdkYWYyZTYwZjZmLzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQtYjdkYWYyZTYwZjZm
LzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDtMQYeP
dRp9CAo/Eo5/TiPrQiU22ToO1ottV7EvIoLBO5+g4bFwA/1YJFIxfaZBRQG2/sKv
nk6lovkmA4axSpC6wvtxxzE+wfOoocPwAr3DyMV9EyKr6pcSP0tMoMO0YCJ50SbL
c5xjj5QFqamPjW92/JwyghUjGdTZwCA4J9xwZ1ESrBx51QejwYZn3MwL9RqrOrKx
+RHO1hWvN7kqenb3o5tL7KA5fRIj1AfnUGQ7pmQVXiFnknta7B+unW6EcoseeTQ4
pgJz9NmO2qtQqtq+dUf8UxLEb/1AevkGAKlTHVsRPUufUmIcJIS6uJLHEpT3Pomt
ArA2BeTwIsxDRQ==
-----END CERTIFICATE-----