Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          kjN/a5hBSC6ul/5a8VamZK3p4kIH+rK5KsnB3GrMLgM=
Subject key identifier:   81:9C:6E:62:8E:C6:E2:4D:A0:F9:B4:53:A2:8C:F2:94:01:1A:77:74
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       0196BCDBA7584BE481F44D175DE118A3B7F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          0FFF
Signing time:             Sun 11 May 2025 01:00:33 +0000
Manifest this update:     Sun 11 May 2025 01:00:33 +0000
Manifest next update:     Mon 12 May 2025 01:00:33 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: HFsLWzRKES5ws+aC13C/DV0/0EQ2F2BancAcRJg01Kg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:db:a7:58:4b:e4:81:f4:4d:17:5d:e1:18:a3:b7:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: May 11 01:00:33 2025 GMT
            Not After : May 12 01:00:33 2025 GMT
        Subject: CN=819c6e628ec6e24da0f9b453a28cf294011a7774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:51:43:80:bb:dc:ec:9d:da:03:f5:47:ca:04:
                    e0:38:16:68:6e:42:86:2e:c8:8b:aa:f3:2c:c7:d7:
                    13:cd:72:17:f9:27:4d:35:e3:1d:ca:61:8b:56:8d:
                    a7:ab:77:88:a3:11:0b:ee:23:6e:ca:f7:70:f8:bd:
                    fb:c8:41:bd:88:80:a3:7b:97:fe:a2:ab:1d:ce:da:
                    62:91:2b:66:3b:b4:b3:34:6d:57:7f:15:62:56:ea:
                    02:42:0c:4d:3b:ea:47:2f:a0:b1:88:ff:91:60:d5:
                    2a:38:05:37:cb:b5:a7:d1:60:cd:ed:98:8a:cd:f4:
                    55:14:96:7c:35:41:36:7c:60:cb:4b:97:1b:4b:7e:
                    88:10:50:01:a6:9d:a8:18:20:7a:38:1e:19:10:84:
                    6c:98:81:43:81:ca:89:20:a0:01:02:c3:05:43:fe:
                    89:0c:f3:34:eb:17:5e:4d:37:ca:37:a3:22:3e:50:
                    e8:d0:37:f1:2c:ec:43:3c:26:7b:37:bd:62:65:67:
                    b5:48:da:0b:96:35:4f:51:5a:35:72:46:39:11:46:
                    ce:88:c4:24:72:67:3b:e6:cb:bb:97:db:56:24:31:
                    a0:df:c3:01:1a:15:16:c7:67:7e:ab:9b:1c:9e:bc:
                    cf:a3:54:84:9e:c0:b9:c9:6f:f0:38:ab:45:12:d9:
                    c6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:9C:6E:62:8E:C6:E2:4D:A0:F9:B4:53:A2:8C:F2:94:01:1A:77:74
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:a7:b7:0f:f1:f3:52:a3:6a:e9:09:0c:27:96:e5:6d:90:f3:
         77:98:ea:03:00:f7:21:dd:81:a8:dc:9c:9e:6c:71:b6:86:98:
         f0:cd:af:7f:65:d3:d2:7d:c5:a3:a5:e0:54:4b:a2:be:94:71:
         0d:d0:3b:37:82:3d:bc:a5:ba:9c:bf:85:80:bd:61:a2:18:20:
         2e:04:b9:a8:c6:aa:6b:fa:d9:94:6f:61:7f:a7:72:05:cc:71:
         78:f3:3b:f3:29:20:b9:6c:79:da:d1:75:67:29:7c:2d:41:aa:
         64:d2:43:a1:b2:4e:8b:7b:de:86:24:13:98:87:bb:89:15:54:
         3e:47:0c:bc:be:e6:15:81:cd:e4:2d:36:4f:7f:d7:a0:20:df:
         17:95:54:69:89:23:bd:2d:21:bc:4a:b2:aa:19:bf:e3:31:5b:
         8a:63:36:76:06:ed:5b:2a:b2:c8:92:eb:0f:92:1f:de:31:76:
         8b:52:53:8f:69:12:b7:a0:6d:da:5c:69:64:c2:d0:66:07:48:
         a5:a7:af:76:66:b3:02:2b:56:f8:d7:d4:25:7b:61:c3:dd:b7:
         c7:2d:c6:6d:a4:bf:85:21:b9:c6:43:02:1c:ef:8d:f4:87:05:
         d1:d9:7d:1f:9b:13:7c:35:af:9a:e0:6f:2c:7d:46:f7:c6:6f:
         ee:1d:af:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa826dYS+SB9E0XXeEYo7f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjUwNTExMDEwMDMzWhcNMjUwNTEyMDEwMDMzWjAzMTEwLwYDVQQD
Eyg4MTljNmU2MjhlYzZlMjRkYTBmOWI0NTNhMjhjZjI5NDAxMWE3Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11FDgLvc7J3aA/VHygTgOBZobkKG
LsiLqvMsx9cTzXIX+SdNNeMdymGLVo2nq3eIoxEL7iNuyvdw+L37yEG9iICje5f+
oqsdztpikStmO7SzNG1XfxViVuoCQgxNO+pHL6CxiP+RYNUqOAU3y7Wn0WDN7ZiK
zfRVFJZ8NUE2fGDLS5cbS36IEFABpp2oGCB6OB4ZEIRsmIFDgcqJIKABAsMFQ/6J
DPM06xdeTTfKN6MiPlDo0DfxLOxDPCZ7N71iZWe1SNoLljVPUVo1ckY5EUbOiMQk
cmc75su7l9tWJDGg38MBGhUWx2d+q5scnrzPo1SEnsC5yW/wOKtFEtnGawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGcbmKOxuJNoPm0U6KM8pQBGnd0MB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqe3D/Hz
UqNq6QkMJ5blbZDzd5jqAwD3Id2BqNycnmxxtoaY8M2vf2XT0n3Fo6XgVEuivpRx
DdA7N4I9vKW6nL+FgL1hohggLgS5qMaqa/rZlG9hf6dyBcxxePM78ykguWx52tF1
Zyl8LUGqZNJDobJOi3vehiQTmIe7iRVUPkcMvL7mFYHN5C02T3/XoCDfF5VUaYkj
vS0hvEqyqhm/4zFbimM2dgbtWyqyyJLrD5If3jF2i1JTj2kSt6Bt2lxpZMLQZgdI
paevdmazAitW+NfUJXthw923xy3GbaS/hSG5xkMCHO+N9IcF0dl9H5sTfDWvmuBv
LH1G98Zv7h2vBA==
-----END CERTIFICATE-----