Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          0gRvMtGC2z1u6xd+8GWFoT7ru87DSQZSpCtEtLYUCQo=
Subject key identifier:   F6:46:93:B1:DB:D5:33:53:59:DA:72:89:3E:65:C8:53:AD:C0:38:D3
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       0196D43F5328BC72319AA5226ADAE63B0895
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          02A5
Signing time:             Thu 15 May 2025 14:00:41 +0000
Manifest this update:     Thu 15 May 2025 14:00:41 +0000
Manifest next update:     Fri 16 May 2025 14:00:41 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: UOdidSkvNjWA/x4COz7LAmXoYcpg68ADOJne86W7my8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 14:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d4:3f:53:28:bc:72:31:9a:a5:22:6a:da:e6:3b:08:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: May 15 14:00:41 2025 GMT
            Not After : May 16 14:00:41 2025 GMT
        Subject: CN=f64693b1dbd5335359da72893e65c853adc038d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:20:16:ff:4a:3c:9b:aa:67:c1:90:cd:21:73:
                    7f:99:39:64:5f:c6:b0:24:4c:c5:52:96:d9:1a:13:
                    72:cc:91:73:2d:62:7a:d7:b2:98:36:b0:5c:0e:df:
                    ad:8d:eb:97:cd:60:57:71:9a:ad:90:ed:5c:7e:37:
                    20:4b:54:8e:0a:9a:f4:de:5b:52:70:ce:d5:6e:0b:
                    4f:94:b8:ab:e4:fc:ac:58:61:02:7a:b2:0f:bd:63:
                    f3:22:13:47:f2:f7:60:bb:af:93:8c:3d:cd:e9:4b:
                    2f:a7:e8:2d:ff:07:c0:93:ef:d9:e9:63:49:f9:27:
                    d1:61:3e:0a:52:2c:06:96:cd:9b:be:ee:61:ce:f0:
                    82:ca:cb:80:cf:ba:6b:fd:58:3c:0f:c6:60:f8:16:
                    73:f8:c6:11:58:18:91:8d:05:b9:aa:20:33:7d:8b:
                    34:1d:da:b9:c6:96:7d:d0:e5:ee:9a:94:fe:72:5d:
                    f3:56:7c:39:d4:a7:12:16:dc:38:de:7c:f2:9d:a8:
                    10:df:54:72:57:50:08:35:1d:2c:7b:73:dc:19:56:
                    d2:b2:da:1e:42:3b:6d:a1:9c:a8:d7:e7:85:b1:ae:
                    fe:4e:a9:47:e1:97:85:ed:67:21:cd:e9:8b:81:11:
                    4f:9e:6b:03:a5:8e:91:5f:ae:a3:70:23:3b:18:16:
                    6e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:46:93:B1:DB:D5:33:53:59:DA:72:89:3E:65:C8:53:AD:C0:38:D3
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:af:ff:b7:67:90:b4:7b:52:ec:5d:a2:d2:55:3c:2a:fd:45:
         fd:a2:73:ec:24:c2:02:64:8d:93:51:f0:1d:1a:36:fe:2d:6d:
         f8:ec:70:4c:76:dc:2d:11:ce:1b:49:98:d3:67:75:a6:3b:d0:
         7f:6c:49:8e:8c:3d:cd:c1:96:78:a4:f1:37:10:88:f2:e7:5a:
         13:0d:66:b4:0e:a4:93:b6:e6:fc:27:14:d5:97:26:fd:e2:96:
         69:86:cc:a3:33:8c:e7:f2:fd:6d:16:86:09:36:e2:94:d3:6c:
         e8:38:36:29:49:26:00:2e:5a:f2:68:83:22:ac:83:73:66:c2:
         04:cb:b6:5b:f0:ea:a1:04:84:12:46:45:73:25:a7:42:1b:f4:
         4c:de:f3:2f:19:31:ea:d0:6f:37:bc:e6:35:f9:64:cb:31:49:
         e6:49:ff:5d:a2:c7:a8:bf:51:90:a2:19:91:85:37:74:8e:c3:
         d2:ea:c2:01:af:50:ff:91:11:d6:e6:bc:e6:db:9a:99:60:57:
         4b:90:0e:e8:7e:f5:1c:b1:a9:26:82:f8:42:23:49:fa:e3:c0:
         6f:3f:15:03:42:ef:96:a2:85:23:46:d1:58:62:0e:6a:58:21:
         7d:28:82:ec:1c:e6:f3:50:d6:76:93:ef:e5:64:59:15:9d:96:
         92:2b:8b:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbUP1MovHIxmqUiatrmOwiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjUwNTE1MTQwMDQxWhcNMjUwNTE2MTQwMDQxWjAzMTEwLwYDVQQD
EyhmNjQ2OTNiMWRiZDUzMzUzNTlkYTcyODkzZTY1Yzg1M2FkYzAzOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSAW/0o8m6pnwZDNIXN/mTlkX8aw
JEzFUpbZGhNyzJFzLWJ617KYNrBcDt+tjeuXzWBXcZqtkO1cfjcgS1SOCpr03ltS
cM7VbgtPlLir5PysWGECerIPvWPzIhNH8vdgu6+TjD3N6Usvp+gt/wfAk+/Z6WNJ
+SfRYT4KUiwGls2bvu5hzvCCysuAz7pr/Vg8D8Zg+BZz+MYRWBiRjQW5qiAzfYs0
Hdq5xpZ90OXumpT+cl3zVnw51KcSFtw43nzynagQ31RyV1AINR0se3PcGVbSstoe
QjttoZyo1+eFsa7+TqlH4ZeF7WchzemLgRFPnmsDpY6RX66jcCM7GBZuYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZGk7Hb1TNTWdpyiT5lyFOtwDjTMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa6//t2eQ
tHtS7F2i0lU8Kv1F/aJz7CTCAmSNk1HwHRo2/i1t+OxwTHbcLRHOG0mY02d1pjvQ
f2xJjow9zcGWeKTxNxCI8udaEw1mtA6kk7bm/CcU1Zcm/eKWaYbMozOM5/L9bRaG
CTbilNNs6Dg2KUkmAC5a8miDIqyDc2bCBMu2W/DqoQSEEkZFcyWnQhv0TN7zLxkx
6tBvN7zmNflkyzFJ5kn/XaLHqL9RkKIZkYU3dI7D0urCAa9Q/5ER1ua85tuamWBX
S5AO6H71HLGpJoL4QiNJ+uPAbz8VA0LvlqKFI0bRWGIOalghfSiC7Bzm81DWdpPv
5WRZFZ2WkiuLqg==
-----END CERTIFICATE-----