Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          ASclnE314MRxnrWhxLz7KAjz47cbrKiQ9qlAQkzbjXw=
Subject key identifier:   B0:54:D1:39:7D:4D:8D:42:24:3F:F2:38:EA:E6:B6:2B:1E:05:3C:E8
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       0196BBC905B2E86B7C3F47C6990C7B617799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          013D
Signing time:             Sat 10 May 2025 20:00:35 +0000
Manifest this update:     Sat 10 May 2025 20:00:35 +0000
Manifest next update:     Sun 11 May 2025 20:00:35 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: 52hp1i+GuMLyU3uQnxaFwmH9MPBXApjs6xIfMs9osgg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 20:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:c9:05:b2:e8:6b:7c:3f:47:c6:99:0c:7b:61:77:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: May 10 20:00:35 2025 GMT
            Not After : May 11 20:00:35 2025 GMT
        Subject: CN=b054d1397d4d8d42243ff238eae6b62b1e053ce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7d:ca:a9:fb:5f:e1:fb:51:95:13:be:97:67:
                    d5:e4:26:9b:6f:fb:73:de:a5:c0:8e:f4:86:7c:2a:
                    7c:7a:69:2d:ef:a5:08:20:08:30:f0:85:e1:1e:7d:
                    d3:23:85:27:6f:40:be:06:ac:63:a6:0d:cc:cf:4d:
                    76:90:2d:84:9e:f8:ad:5f:60:bd:e0:ba:e1:c1:a8:
                    9e:fc:c7:a6:23:89:85:bc:4d:7e:15:ba:79:72:cf:
                    97:6e:5c:31:be:3c:3d:01:e9:4a:60:58:57:3d:2a:
                    e6:a0:90:4e:dd:7a:1b:17:9d:33:0b:fc:86:df:d7:
                    99:f7:8c:55:80:3b:fc:48:1b:f0:10:69:7a:8e:8b:
                    ce:73:67:a9:0f:7b:9e:90:46:07:43:53:73:e7:4a:
                    7d:03:df:f8:e1:8f:23:39:f5:ac:82:d8:18:97:80:
                    1d:4f:5e:88:9b:c0:2c:e9:1d:52:68:f7:9d:5e:c4:
                    ef:cc:16:51:cb:6c:53:dd:13:65:16:df:f2:ba:7d:
                    52:86:61:db:98:1c:2f:e2:59:19:7d:19:a9:a5:f4:
                    c3:8c:1a:09:2c:2f:b1:0f:8d:aa:d8:a5:ee:0f:7e:
                    61:87:24:79:d2:f8:d8:bc:63:89:0c:d8:34:7a:63:
                    d4:6f:fa:3c:b7:00:d1:18:a1:ee:59:95:07:0f:a1:
                    93:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:54:D1:39:7D:4D:8D:42:24:3F:F2:38:EA:E6:B6:2B:1E:05:3C:E8
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:0d:ed:df:bf:02:83:91:30:da:60:c1:b3:de:18:d8:bc:34:
         f5:c6:2e:75:12:91:73:d6:21:25:b9:0c:93:c6:ac:23:ee:bd:
         c0:78:d2:b3:30:72:8b:f0:68:11:b6:15:07:8b:3e:f8:1b:f1:
         62:88:6d:0e:55:0d:76:61:fb:8c:a6:69:3d:5a:65:fb:f8:cd:
         3a:d2:fc:c9:00:fe:86:a4:fc:9a:f3:7a:ab:aa:f3:82:9c:2a:
         d1:5f:38:f6:3f:f8:a7:31:ce:72:9e:47:1d:25:04:94:66:e7:
         bb:1d:25:d7:73:e5:ff:6b:ec:3d:1f:5e:1b:d9:69:8e:aa:da:
         4b:75:22:58:e0:67:99:b2:45:36:58:8c:03:55:62:07:7f:ea:
         62:b1:77:e2:1b:b3:08:8d:0e:73:c7:06:98:78:95:4a:ba:1a:
         4c:3d:db:58:66:69:9f:49:b7:04:28:a3:8f:84:ee:d6:70:a0:
         9b:a5:f7:e4:ea:c6:26:fe:24:f0:60:eb:f8:c3:ee:da:27:97:
         ea:5e:1b:30:6d:61:e5:b0:ef:a5:a1:b3:14:15:cd:b6:7a:32:
         32:cb:d5:aa:a9:d3:ae:ff:60:c5:b2:68:2f:b7:8c:86:1e:34:
         b4:05:43:2e:d5:0c:6a:dd:79:74:21:5d:62:68:40:9c:2e:41:
         d8:ec:43:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7yQWy6Gt8P0fGmQx7YXeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjUwNTEwMjAwMDM1WhcNMjUwNTExMjAwMDM1WjAzMTEwLwYDVQQD
EyhiMDU0ZDEzOTdkNGQ4ZDQyMjQzZmYyMzhlYWU2YjYyYjFlMDUzY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx33Kqftf4ftRlRO+l2fV5Cabb/tz
3qXAjvSGfCp8emkt76UIIAgw8IXhHn3TI4Unb0C+Bqxjpg3Mz012kC2EnvitX2C9
4Lrhwaie/MemI4mFvE1+Fbp5cs+Xblwxvjw9AelKYFhXPSrmoJBO3XobF50zC/yG
39eZ94xVgDv8SBvwEGl6jovOc2epD3uekEYHQ1Nz50p9A9/44Y8jOfWsgtgYl4Ad
T16Im8As6R1SaPedXsTvzBZRy2xT3RNlFt/yun1ShmHbmBwv4lkZfRmppfTDjBoJ
LC+xD42q2KXuD35hhyR50vjYvGOJDNg0emPUb/o8twDRGKHuWZUHD6GTFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBU0Tl9TY1CJD/yOOrmtiseBTzoMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvA3t378C
g5Ew2mDBs94Y2Lw09cYudRKRc9YhJbkMk8asI+69wHjSszByi/BoEbYVB4s++Bvx
YohtDlUNdmH7jKZpPVpl+/jNOtL8yQD+hqT8mvN6q6rzgpwq0V849j/4pzHOcp5H
HSUElGbnux0l13Pl/2vsPR9eG9lpjqraS3UiWOBnmbJFNliMA1ViB3/qYrF34huz
CI0Oc8cGmHiVSroaTD3bWGZpn0m3BCijj4Tu1nCgm6X35OrGJv4k8GDr+MPu2ieX
6l4bMG1h5bDvpaGzFBXNtnoyMsvVqqnTrv9gxbJoL7eMhh40tAVDLtUMat15dCFd
YmhAnC5B2OxDoA==
-----END CERTIFICATE-----