Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          YC0LEZBbAFl4ZdtGXMSYfKF1+/HQSzfBLg7rt0PIwJE=
Subject key identifier:   4B:30:F3:65:A4:82:1F:1E:DB:E3:D9:DC:5F:4B:0E:DC:E2:1B:FD:7B
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       0196BBC93703106B00C2951D7B9B334A23D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          01E2
Signing time:             Sat 10 May 2025 20:00:48 +0000
Manifest this update:     Sat 10 May 2025 20:00:48 +0000
Manifest next update:     Sun 11 May 2025 20:00:48 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: Lu3PzfaKj1CMbv2p6DIv7IOH0gs3xgfehi9WKhf4uFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 20:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:c9:37:03:10:6b:00:c2:95:1d:7b:9b:33:4a:23:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: May 10 20:00:48 2025 GMT
            Not After : May 11 20:00:48 2025 GMT
        Subject: CN=4b30f365a4821f1edbe3d9dc5f4b0edce21bfd7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a0:ca:f7:12:0c:bd:cb:fd:6d:1a:20:b2:a5:
                    64:81:ea:f1:26:59:20:23:a0:54:a3:e0:55:a7:96:
                    e4:d2:89:a3:bb:3c:50:0f:c1:9d:5e:24:2a:fd:8b:
                    a7:0a:94:9d:78:04:fa:98:0f:64:72:30:79:12:97:
                    25:a3:ec:88:fb:63:13:0a:2c:c8:d1:d4:e8:28:74:
                    4f:02:60:26:01:c5:d7:ef:e2:72:0c:ac:ec:24:18:
                    65:b4:04:6f:e3:65:e0:8e:1b:17:c8:ab:32:17:c1:
                    e1:ef:34:ed:4b:e1:93:54:72:b9:c2:94:c3:e8:bc:
                    ba:67:06:d2:1c:68:7c:0a:fb:b9:52:19:43:91:6e:
                    63:76:be:4e:63:5c:19:69:9c:b0:38:46:cc:20:da:
                    7d:b9:57:0d:31:1f:54:0f:f6:8e:04:cf:c2:ff:69:
                    f0:09:e5:9d:88:3f:d7:e4:28:55:b2:3a:81:09:2c:
                    24:c9:3c:3c:9d:53:ab:86:b3:1b:a6:91:48:bf:9b:
                    8a:f2:7c:ba:61:d4:8c:23:9d:61:a7:5a:c1:7e:e3:
                    d6:28:cb:fd:45:0b:f3:ce:7b:74:75:a0:69:0c:35:
                    47:77:0c:14:bb:93:eb:b6:fa:20:85:ed:87:34:0b:
                    03:54:ac:5a:a4:eb:71:5d:68:e2:b6:6e:fa:02:e9:
                    cc:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:30:F3:65:A4:82:1F:1E:DB:E3:D9:DC:5F:4B:0E:DC:E2:1B:FD:7B
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:80:e5:5b:7f:07:58:df:2a:ec:6d:cd:77:e9:84:c4:cb:98:
         62:44:60:11:f0:03:ff:a8:2f:4d:62:d8:b1:96:de:6a:bf:2b:
         c4:91:0f:6a:3d:8b:b3:dc:fd:13:a0:23:66:ec:a3:50:fb:a1:
         53:3c:32:b6:18:28:b1:52:7b:6c:78:10:37:67:e9:d3:93:1b:
         9b:b0:74:22:a2:cc:44:f4:8b:f0:4b:95:85:45:5d:5a:43:60:
         d1:b6:08:eb:a3:66:40:e3:0a:82:32:97:58:ea:9a:ff:07:94:
         1d:0c:7f:c6:59:e5:63:4b:a7:91:4d:db:85:ea:9e:85:16:20:
         ac:ef:69:1d:39:3c:e4:5b:b9:f6:3e:52:99:db:33:19:f9:95:
         a0:7c:a7:a2:7d:51:f5:5e:9f:03:19:6e:ab:d5:a2:6c:3f:52:
         83:c5:12:5a:24:9c:ef:ba:8d:a8:52:48:0e:3c:37:40:1f:88:
         bc:68:73:3a:9a:07:77:3b:9d:18:6c:ea:df:ae:9d:35:47:73:
         b5:d8:f9:74:01:14:d0:7d:b4:af:6c:cf:4e:9d:59:41:37:c0:
         36:84:79:23:a7:da:d0:07:33:a2:c7:f1:bb:56:4a:d6:23:e9:
         d5:a8:07:4a:11:1f:59:65:4b:0b:19:d0:ce:36:87:13:b8:bb:
         92:78:8e:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7yTcDEGsAwpUde5szSiPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjUwNTEwMjAwMDQ4WhcNMjUwNTExMjAwMDQ4WjAzMTEwLwYDVQQD
Eyg0YjMwZjM2NWE0ODIxZjFlZGJlM2Q5ZGM1ZjRiMGVkY2UyMWJmZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaDK9xIMvcv9bRogsqVkgerxJlkg
I6BUo+BVp5bk0omjuzxQD8GdXiQq/YunCpSdeAT6mA9kcjB5Epclo+yI+2MTCizI
0dToKHRPAmAmAcXX7+JyDKzsJBhltARv42XgjhsXyKsyF8Hh7zTtS+GTVHK5wpTD
6Ly6ZwbSHGh8Cvu5UhlDkW5jdr5OY1wZaZywOEbMINp9uVcNMR9UD/aOBM/C/2nw
CeWdiD/X5ChVsjqBCSwkyTw8nVOrhrMbppFIv5uK8ny6YdSMI51hp1rBfuPWKMv9
RQvzznt0daBpDDVHdwwUu5Prtvoghe2HNAsDVKxapOtxXWjitm76AunMnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsw82Wkgh8e2+PZ3F9LDtziG/17MB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4DlW38H
WN8q7G3Nd+mExMuYYkRgEfAD/6gvTWLYsZbear8rxJEPaj2Ls9z9E6AjZuyjUPuh
UzwythgosVJ7bHgQN2fp05Mbm7B0IqLMRPSL8EuVhUVdWkNg0bYI66NmQOMKgjKX
WOqa/weUHQx/xlnlY0unkU3bheqehRYgrO9pHTk85Fu59j5SmdszGfmVoHynon1R
9V6fAxluq9WibD9Sg8USWiSc77qNqFJIDjw3QB+IvGhzOpoHdzudGGzq366dNUdz
tdj5dAEU0H20r2zPTp1ZQTfANoR5I6fa0Aczosfxu1ZK1iPp1agHShEfWWVLCxnQ
zjaHE7i7kniOYA==
-----END CERTIFICATE-----