Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
File:                     G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft (raw, json)
Hash identifier:          22FL3BsoN9Qk3zZwzyQvDODWM7LHdk/mQWFfd3oR1vQ=
Subject key identifier:   CB:94:C4:DB:C4:2A:9F:77:27:25:13:6B:E8:4E:15:45:F1:9B:A6:BF
Authority key identifier: 1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE
Certificate issuer:       /CN=1b69301fa8d788e02f7eb2fa8802109074206cfe
Certificate serial:       0196C539B0FA633D12F86017F363AAC29B79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
Manifest number:          DE
Signing time:             Mon 12 May 2025 16:00:14 +0000
Manifest this update:     Mon 12 May 2025 16:00:14 +0000
Manifest next update:     Tue 13 May 2025 16:00:14 +0000
Files and hashes:         1: G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl (hash: cgPmzYNP6pn5KHHPh6qNxqotsrI8Iz34VXylv+XZbtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:39:b0:fa:63:3d:12:f8:60:17:f3:63:aa:c2:9b:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b69301fa8d788e02f7eb2fa8802109074206cfe
        Validity
            Not Before: May 12 16:00:14 2025 GMT
            Not After : May 13 16:00:14 2025 GMT
        Subject: CN=cb94c4dbc42a9f772725136be84e1545f19ba6bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:04:c7:f5:0b:67:6a:f5:c9:a4:d6:19:68:bb:
                    85:37:fe:42:1c:43:79:d2:b4:fa:b2:00:25:b2:52:
                    0f:18:2b:a4:aa:fc:04:15:60:25:8b:0d:48:73:b8:
                    ef:fe:64:b6:6e:69:c2:77:23:b0:f8:11:de:6e:8f:
                    96:42:8a:0e:2f:5c:88:7f:3f:f7:29:96:5a:98:09:
                    36:09:7b:62:fb:b7:52:c5:ad:01:e2:96:86:a7:c7:
                    0f:9c:05:81:4f:fa:dd:f2:b2:00:cd:b4:e9:3e:ad:
                    fc:72:6a:c6:59:5b:15:c5:9d:f3:10:84:5f:b5:14:
                    0c:d7:4a:3b:8b:0b:e9:cc:4b:06:11:43:9e:f3:36:
                    a3:5e:12:89:47:cc:9a:3e:56:6e:ae:f1:3a:36:54:
                    c1:c3:79:1d:45:b2:d9:b0:4c:d6:9f:17:6a:12:02:
                    63:80:f4:38:ce:4b:09:b6:d9:df:21:4b:f4:56:9c:
                    2d:1b:82:7f:6a:9b:89:96:2d:a5:41:0f:4f:8b:35:
                    7b:89:0c:0b:cd:8c:dc:6b:28:e3:26:5e:ed:5b:69:
                    3d:c8:7d:d4:6f:f7:c4:8c:04:0c:a0:a9:12:71:61:
                    0b:24:81:b2:30:e9:89:fb:f4:6c:14:39:18:8f:93:
                    10:bf:91:f7:11:66:6c:2c:4b:66:eb:be:de:c9:59:
                    ca:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:94:C4:DB:C4:2A:9F:77:27:25:13:6B:E8:4E:15:45:F1:9B:A6:BF
            X509v3 Authority Key Identifier:
                keyid:1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:4d:e7:59:a4:36:dd:5f:80:2c:d5:09:b2:20:bc:58:44:66:
         b0:74:73:6c:45:81:b0:e9:02:60:2f:cd:fb:61:24:f9:5a:a8:
         ba:83:be:6a:09:5c:4a:54:e0:ac:d7:11:80:09:3f:c5:84:6a:
         1f:55:57:d3:e2:74:7e:f9:f8:29:22:8a:5f:b0:9b:92:12:05:
         8f:b9:5b:d2:86:1e:1b:67:b6:93:d3:5c:ab:25:3f:b2:5b:c3:
         15:81:d0:c2:68:d1:7d:fe:35:95:bd:70:ff:ba:f5:63:fc:d9:
         e8:af:dd:6f:37:00:c1:c5:4a:68:42:55:75:4a:70:4f:a4:9f:
         d2:f0:4b:0d:51:eb:fa:5d:6d:af:dd:35:40:a1:3e:48:63:78:
         b4:da:30:2f:bf:29:a1:19:5e:e8:3c:d1:eb:f6:95:52:b8:f5:
         2f:7a:98:2f:1c:83:de:51:6f:58:72:d8:a9:8a:74:65:e3:66:
         eb:25:91:bc:6c:f0:5c:7d:cc:a4:b9:64:52:6d:a5:c3:ce:39:
         63:e8:bb:ea:f2:b0:e0:bb:94:d4:44:9e:62:97:3a:d4:d2:62:
         a0:75:c9:ce:ca:a5:85:90:d3:fb:ef:46:e3:bc:93:3a:b0:5b:
         9a:1f:45:33:2f:1c:dd:0c:c1:41:81:b0:15:2d:91:d2:60:41:
         5f:8c:2a:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFObD6Yz0S+GAX82Oqwpt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjkzMDFmYThkNzg4ZTAyZjdlYjJmYTg4MDIxMDkwNzQy
MDZjZmUwHhcNMjUwNTEyMTYwMDE0WhcNMjUwNTEzMTYwMDE0WjAzMTEwLwYDVQQD
EyhjYjk0YzRkYmM0MmE5Zjc3MjcyNTEzNmJlODRlMTU0NWYxOWJhNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwTH9QtnavXJpNYZaLuFN/5CHEN5
0rT6sgAlslIPGCukqvwEFWAliw1Ic7jv/mS2bmnCdyOw+BHebo+WQooOL1yIfz/3
KZZamAk2CXti+7dSxa0B4paGp8cPnAWBT/rd8rIAzbTpPq38cmrGWVsVxZ3zEIRf
tRQM10o7iwvpzEsGEUOe8zajXhKJR8yaPlZurvE6NlTBw3kdRbLZsEzWnxdqEgJj
gPQ4zksJttnfIUv0VpwtG4J/apuJli2lQQ9PizV7iQwLzYzcayjjJl7tW2k9yH3U
b/fEjAQMoKkScWELJIGyMOmJ+/RsFDkYj5MQv5H3EWZsLEtm677eyVnKNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuUxNvEKp93JyUTa+hOFUXxm6a/MB8GA1UdIwQY
MBaAFBtpMB+o14jgL36y+ogCEJB0IGz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUt
NDE2YzI4Nzk4ZmUyLzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUtNDE2YzI4Nzk4ZmUy
LzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnU3nWaQ2
3V+ALNUJsiC8WERmsHRzbEWBsOkCYC/N+2Ek+VqouoO+aglcSlTgrNcRgAk/xYRq
H1VX0+J0fvn4KSKKX7CbkhIFj7lb0oYeG2e2k9NcqyU/slvDFYHQwmjRff41lb1w
/7r1Y/zZ6K/dbzcAwcVKaEJVdUpwT6Sf0vBLDVHr+l1tr901QKE+SGN4tNowL78p
oRle6DzR6/aVUrj1L3qYLxyD3lFvWHLYqYp0ZeNm6yWRvGzwXH3MpLlkUm2lw845
Y+i76vKw4LuU1ESeYpc61NJioHXJzsqlhZDT++9G47yTOrBbmh9FMy8c3QzBQYGw
FS2R0mBBX4wqvg==
-----END CERTIFICATE-----