Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          FjHlmeyBNyonXHxQ4jfDNHu1ZkHwWHCpmwFR4Bc61S4=
Subject key identifier:   AC:A2:6A:A0:A4:8D:E5:E6:A8:8D:7E:8B:6F:A1:89:75:8F:44:6E:71
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       01969E9AF31616DD835EC333C51C57BCE1DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0E29
Signing time:             Mon 05 May 2025 04:01:16 +0000
Manifest this update:     Mon 05 May 2025 04:01:16 +0000
Manifest next update:     Tue 06 May 2025 04:01:16 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: oK7HSQCH+MrPsPVAUs5o/r/lEmrAFe3MT23aLARF2ik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:f3:16:16:dd:83:5e:c3:33:c5:1c:57:bc:e1:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: May  5 04:01:16 2025 GMT
            Not After : May  6 04:01:16 2025 GMT
        Subject: CN=aca26aa0a48de5e6a88d7e8b6fa189758f446e71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:df:c8:3c:a9:a5:8e:80:af:af:a6:c2:35:83:
                    b4:95:85:28:74:84:7c:47:31:1c:03:89:f8:2a:a4:
                    19:34:1f:43:18:7f:c3:48:87:c6:ee:8a:1b:24:54:
                    f6:36:f7:fe:e1:f5:d4:aa:ff:8c:0c:b5:20:60:16:
                    6a:17:7b:25:79:ab:f4:df:b7:59:5d:fb:5c:6e:81:
                    6f:39:db:e5:0d:a9:2e:2d:72:40:60:db:38:cb:b0:
                    2b:eb:f4:a4:20:ac:8b:90:d2:f0:5e:0e:72:7b:b8:
                    75:77:a2:d1:35:c4:43:c7:89:ee:6e:99:d9:c6:20:
                    41:3e:a9:50:2c:b1:63:f1:77:06:be:11:f1:45:10:
                    08:2d:6a:74:6a:03:33:b0:4a:6b:9e:44:4b:90:ec:
                    9a:67:a7:df:c9:78:cf:26:f3:d5:da:7a:21:f6:6a:
                    92:bc:7a:d9:a0:40:c3:c5:4f:e0:9a:be:04:5d:fa:
                    a0:8e:6d:8d:58:69:df:93:cf:97:9e:9d:9d:41:3b:
                    82:20:60:ea:bb:c5:83:c4:6c:0c:db:5b:65:3c:f4:
                    d3:4f:ac:24:44:07:d8:a5:ba:5d:38:86:52:24:00:
                    0c:a7:26:80:53:ac:62:e5:34:74:b6:34:0d:b5:74:
                    4b:5b:6a:37:fd:02:35:c7:e1:d7:c2:15:60:ea:75:
                    0f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:A2:6A:A0:A4:8D:E5:E6:A8:8D:7E:8B:6F:A1:89:75:8F:44:6E:71
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:7a:c5:d1:a4:a7:d8:2d:2c:68:a1:64:77:9d:e2:94:8b:89:
         cb:40:f4:ac:52:5f:1f:82:a7:e7:bf:ae:82:31:78:f4:c5:ec:
         eb:11:10:2e:7e:96:9c:b8:4a:ad:31:e0:9d:94:8b:26:07:ea:
         93:55:03:9a:e5:57:c0:47:9d:5a:76:a4:02:fc:c5:79:5c:4b:
         a1:d6:55:fd:bc:47:d2:89:d6:a0:b6:b0:6e:c4:bc:08:80:dd:
         ba:f1:aa:6e:03:aa:2a:fc:03:62:6a:18:6e:75:5b:6e:15:ab:
         fa:b8:22:7b:98:59:0d:90:51:a1:e8:eb:7c:be:ca:6b:ff:c2:
         ae:90:fd:67:54:fb:04:48:aa:fb:ce:1b:c6:17:2f:60:d7:b5:
         33:ae:66:f3:bc:c9:b7:d2:69:06:4d:c5:37:20:34:3c:0d:27:
         03:c6:b2:98:d4:fc:b0:a9:7a:6a:97:dd:15:05:5c:47:91:74:
         42:b7:73:a1:9b:13:b3:aa:75:62:f1:a3:4c:fd:ed:ba:4a:98:
         bd:30:a9:1b:81:c0:fa:f9:c9:c5:57:37:bf:26:08:38:d1:b2:
         af:f3:94:c5:f9:84:ee:a8:b4:75:03:88:31:be:67:e6:6c:16:
         f0:c5:b6:c3:88:f7:f8:62:69:1d:6f:18:07:cf:7d:fd:11:5c:
         43:46:38:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemvMWFt2DXsMzxRxXvOHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjUwNTA1MDQwMTE2WhcNMjUwNTA2MDQwMTE2WjAzMTEwLwYDVQQD
EyhhY2EyNmFhMGE0OGRlNWU2YTg4ZDdlOGI2ZmExODk3NThmNDQ2ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst/IPKmljoCvr6bCNYO0lYUodIR8
RzEcA4n4KqQZNB9DGH/DSIfG7oobJFT2Nvf+4fXUqv+MDLUgYBZqF3sleav037dZ
XftcboFvOdvlDakuLXJAYNs4y7Ar6/SkIKyLkNLwXg5ye7h1d6LRNcRDx4nubpnZ
xiBBPqlQLLFj8XcGvhHxRRAILWp0agMzsEprnkRLkOyaZ6ffyXjPJvPV2noh9mqS
vHrZoEDDxU/gmr4EXfqgjm2NWGnfk8+Xnp2dQTuCIGDqu8WDxGwM21tlPPTTT6wk
RAfYpbpdOIZSJAAMpyaAU6xi5TR0tjQNtXRLW2o3/QI1x+HXwhVg6nUPuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyiaqCkjeXmqI1+i2+hiXWPRG5xMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACHrF0aSn
2C0saKFkd53ilIuJy0D0rFJfH4Kn57+ugjF49MXs6xEQLn6WnLhKrTHgnZSLJgfq
k1UDmuVXwEedWnakAvzFeVxLodZV/bxH0onWoLawbsS8CIDduvGqbgOqKvwDYmoY
bnVbbhWr+rgie5hZDZBRoejrfL7Ka//CrpD9Z1T7BEiq+84bxhcvYNe1M65m87zJ
t9JpBk3FNyA0PA0nA8aymNT8sKl6apfdFQVcR5F0QrdzoZsTs6p1YvGjTP3tukqY
vTCpG4HA+vnJxVc3vyYIONGyr/OUxfmE7qi0dQOIMb5n5mwW8MW2w4j3+GJpHW8Y
B899/RFcQ0Y42g==
-----END CERTIFICATE-----