Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          TxWzNR8/yNDMNkVp3BdW1wvCg9o1cz5MwcarfQYuNkU=
Subject key identifier:   81:31:9B:7E:E6:32:B3:AE:16:F9:5C:72:8C:F5:DC:1C:1B:1F:BD:2C
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       0196C34C6BA3B344F32247F056CC7D96821C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          05C8
Signing time:             Mon 12 May 2025 07:01:27 +0000
Manifest this update:     Mon 12 May 2025 07:01:27 +0000
Manifest next update:     Tue 13 May 2025 07:01:27 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: pViStMg1BQw3pQ1LypkQid9Ss/RDOV8gkvMn5uuABJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:4c:6b:a3:b3:44:f3:22:47:f0:56:cc:7d:96:82:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: May 12 07:01:27 2025 GMT
            Not After : May 13 07:01:27 2025 GMT
        Subject: CN=81319b7ee632b3ae16f95c728cf5dc1c1b1fbd2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:62:fc:a5:9e:51:43:09:14:f0:d9:c3:d3:f1:
                    08:bc:77:01:4f:3a:46:f9:8f:23:fd:30:53:3a:11:
                    35:5e:6b:57:92:0a:de:6f:bf:83:0f:89:f7:25:86:
                    4e:2e:60:65:8a:3d:de:e7:b2:37:48:6b:60:44:0f:
                    af:6f:a9:cb:24:a0:41:f1:34:8f:50:2e:65:b1:2b:
                    e5:5b:42:01:43:3d:fc:95:d8:2e:d0:6f:b9:2e:5a:
                    ab:57:4b:92:15:51:03:55:23:85:de:1d:87:c0:50:
                    2a:d7:fa:46:0d:07:23:20:38:65:bc:3e:c8:bf:77:
                    a1:88:b1:e3:98:d2:dc:43:f4:1f:c6:2d:38:07:6c:
                    92:25:d1:9b:63:e6:30:2e:01:c3:cf:16:63:de:89:
                    99:c0:a5:65:1a:4f:3b:f1:85:81:92:b6:00:37:bc:
                    81:2d:f4:d7:ce:14:63:4f:4b:8b:5e:5c:aa:f0:b4:
                    6d:9e:b3:9c:63:d1:7c:5f:09:e3:7d:98:37:72:2e:
                    f0:b9:e9:70:9c:a0:f6:bd:91:32:fb:73:6c:c7:20:
                    ca:17:b0:7f:fb:98:2e:57:63:b1:23:b1:b4:fa:7f:
                    8c:ad:0c:0a:71:e2:8f:33:2d:95:a6:0c:90:3d:7e:
                    ff:84:90:87:2b:db:48:4d:95:1f:b9:76:f0:22:92:
                    ca:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:31:9B:7E:E6:32:B3:AE:16:F9:5C:72:8C:F5:DC:1C:1B:1F:BD:2C
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:7e:90:00:de:ad:9e:46:74:b1:8d:aa:cb:da:ab:67:4c:90:
         ad:9e:69:a3:27:cf:6a:eb:82:f5:a1:77:5a:5e:31:d3:dc:41:
         be:34:8e:e1:c6:82:70:95:76:fa:e9:4b:3b:63:88:26:f7:6c:
         c3:83:d5:1f:92:8e:09:a8:be:fd:14:e5:21:30:13:0a:29:e3:
         ce:8e:48:fc:c5:a5:75:41:ce:2a:e0:1e:87:9f:3f:1e:04:a5:
         21:67:f4:90:68:ed:5c:df:1f:c6:8b:09:a6:05:5e:9d:6d:19:
         ec:cd:28:8f:2e:50:17:90:dc:f1:34:c9:81:a2:8c:bd:64:32:
         e1:9e:fe:be:e2:59:a3:43:67:37:2f:87:40:d7:b4:1c:59:76:
         2c:4b:43:b9:7e:a8:cf:70:33:0b:23:0a:85:80:fe:23:d3:88:
         55:d8:47:8f:77:02:e3:5d:8c:12:b8:fd:e3:64:fe:82:60:b6:
         e8:b6:7d:9e:cb:0b:83:74:a2:14:34:6e:e0:71:7f:68:2b:d8:
         91:4b:b6:54:62:8a:4f:f1:dd:b9:ca:79:f7:f2:df:f9:24:a2:
         21:a4:50:a2:b9:60:1c:df:39:54:d2:5c:41:ea:83:43:f0:ec:
         54:24:bc:44:8b:bf:c8:6b:28:63:0c:93:4d:aa:63:86:0e:39:
         6e:36:d5:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDTGujs0TzIkfwVsx9loIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUwNTEyMDcwMTI3WhcNMjUwNTEzMDcwMTI3WjAzMTEwLwYDVQQD
Eyg4MTMxOWI3ZWU2MzJiM2FlMTZmOTVjNzI4Y2Y1ZGMxYzFiMWZiZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGL8pZ5RQwkU8NnD0/EIvHcBTzpG
+Y8j/TBTOhE1XmtXkgreb7+DD4n3JYZOLmBlij3e57I3SGtgRA+vb6nLJKBB8TSP
UC5lsSvlW0IBQz38ldgu0G+5LlqrV0uSFVEDVSOF3h2HwFAq1/pGDQcjIDhlvD7I
v3ehiLHjmNLcQ/Qfxi04B2ySJdGbY+YwLgHDzxZj3omZwKVlGk878YWBkrYAN7yB
LfTXzhRjT0uLXlyq8LRtnrOcY9F8XwnjfZg3ci7wuelwnKD2vZEy+3NsxyDKF7B/
+5guV2OxI7G0+n+MrQwKceKPMy2VpgyQPX7/hJCHK9tITZUfuXbwIpLKzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIExm37mMrOuFvlccoz13BwbH70sMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlH6QAN6t
nkZ0sY2qy9qrZ0yQrZ5poyfPauuC9aF3Wl4x09xBvjSO4caCcJV2+ulLO2OIJvds
w4PVH5KOCai+/RTlITATCinjzo5I/MWldUHOKuAeh58/HgSlIWf0kGjtXN8fxosJ
pgVenW0Z7M0ojy5QF5Dc8TTJgaKMvWQy4Z7+vuJZo0NnNy+HQNe0HFl2LEtDuX6o
z3AzCyMKhYD+I9OIVdhHj3cC412MErj942T+gmC26LZ9nssLg3SiFDRu4HF/aCvY
kUu2VGKKT/Hducp59/Lf+SSiIaRQorlgHN85VNJcQeqDQ/DsVCS8RIu/yGsoYwyT
Tapjhg45bjbVbA==
-----END CERTIFICATE-----