Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
File:                     2qM7UIN5nEnPntwAhit8nCGMZhM.mft (raw, json)
Hash identifier:          Dc57CFcw+yOxMrEcPoy+pPGFrD62/L+iEoEHfZzbLCE=
Subject key identifier:   1D:42:5A:0A:E3:C7:26:4F:CC:66:A2:CA:8B:4A:3D:BD:3C:76:57:6C
Authority key identifier: DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13
Certificate issuer:       /CN=daa33b5083799c49cf9edc00862b7c9c218c6613
Certificate serial:       0196B36A8EC2C9FD931A01F20D0BBC2F0B6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
Manifest number:          02B6
Signing time:             Fri 09 May 2025 05:00:26 +0000
Manifest this update:     Fri 09 May 2025 05:00:26 +0000
Manifest next update:     Sat 10 May 2025 05:00:26 +0000
Files and hashes:         1: 2qM7UIN5nEnPntwAhit8nCGMZhM.crl (hash: tyIY85uf5v4Yj0TO/58IWzPJcYCSkayRmLa7O7eVGXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 05:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:6a:8e:c2:c9:fd:93:1a:01:f2:0d:0b:bc:2f:0b:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa33b5083799c49cf9edc00862b7c9c218c6613
        Validity
            Not Before: May  9 05:00:26 2025 GMT
            Not After : May 10 05:00:26 2025 GMT
        Subject: CN=1d425a0ae3c7264fcc66a2ca8b4a3dbd3c76576c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8a:35:b8:de:b7:77:b2:cc:4b:e9:37:ff:f4:
                    66:24:90:b8:17:58:bb:11:e9:f2:71:e1:fb:9b:41:
                    ec:f2:94:c4:c7:cd:36:fa:1d:f9:ce:80:64:35:1e:
                    23:ed:e9:ad:58:43:67:17:06:57:a3:3a:1c:ac:83:
                    9d:40:41:ef:e0:c7:fb:5f:9b:05:72:c5:fc:7c:cf:
                    20:d0:a0:d0:7d:e6:80:22:fc:e6:32:74:d3:e4:07:
                    15:bf:29:30:9b:6b:e2:f6:32:ec:89:86:d4:98:01:
                    e5:ec:26:67:e3:22:d9:0e:7a:ff:6d:17:d4:83:ca:
                    97:ad:bb:af:e2:5a:09:49:cf:3e:10:c8:35:2f:e1:
                    c4:ba:de:9d:a0:b3:40:9f:d5:29:83:c3:af:c3:8d:
                    17:14:3a:76:c1:b3:76:32:87:b1:8e:8e:17:6a:e7:
                    fe:7a:c8:68:cd:8d:09:a9:d8:38:a4:06:3a:65:ae:
                    3b:39:9e:f1:3d:80:ae:a4:13:df:25:62:d5:c7:cb:
                    66:81:26:28:11:07:d3:74:94:93:3c:4a:6c:e8:f0:
                    48:57:7e:b0:a4:cb:59:cf:ba:c3:a7:8d:9d:97:58:
                    e2:94:be:a0:37:42:e9:11:ca:60:8e:d0:8e:a6:49:
                    74:9e:31:71:5f:99:2f:30:64:0c:27:9c:13:b3:eb:
                    c3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:42:5A:0A:E3:C7:26:4F:CC:66:A2:CA:8B:4A:3D:BD:3C:76:57:6C
            X509v3 Authority Key Identifier:
                keyid:DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:a6:75:c5:9a:fc:5b:84:f3:c4:3f:4f:ad:7b:f9:7d:8b:47:
         a1:8d:7d:8c:ac:ab:94:07:4d:67:e4:f8:e2:09:b6:00:20:48:
         37:e0:5c:1a:6b:60:85:e4:88:02:08:3e:f4:1f:6e:46:5b:d1:
         c1:ef:42:cd:0b:30:2e:f7:e5:6b:01:94:ec:41:e4:1b:1d:20:
         2d:a3:d8:a4:2c:a8:9f:42:f5:5d:0a:76:aa:7e:24:b6:16:95:
         bb:04:a2:5f:07:13:49:cf:3a:c1:dc:fa:6a:8c:44:b1:94:cf:
         95:db:ec:a8:b7:8a:43:69:d0:7b:51:cf:91:f1:8d:a6:32:86:
         69:5c:99:08:e7:7c:3c:31:11:41:de:ec:84:10:a6:b0:bb:bf:
         dc:3f:58:53:70:73:2b:84:3e:26:94:ba:7d:9b:df:76:75:fa:
         50:80:f1:d9:20:3b:97:e6:f9:1e:0e:43:6c:22:da:c0:10:66:
         ed:1c:6f:fb:4c:5c:af:56:22:68:b5:f7:8f:03:01:a7:06:38:
         c6:6b:5d:05:c7:b9:76:9b:c2:9c:3a:69:d1:86:8c:0a:23:37:
         1a:8a:15:97:eb:c0:5a:a2:05:93:9c:72:cb:e2:35:5c:1f:64:
         82:ae:6a:a5:1a:c8:e2:04:a8:68:93:f0:6c:1e:cb:d3:8c:22:
         97:96:2e:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZazao7Cyf2TGgHyDQu8LwttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTMzYjUwODM3OTljNDljZjllZGMwMDg2MmI3YzljMjE4
YzY2MTMwHhcNMjUwNTA5MDUwMDI2WhcNMjUwNTEwMDUwMDI2WjAzMTEwLwYDVQQD
EygxZDQyNWEwYWUzYzcyNjRmY2M2NmEyY2E4YjRhM2RiZDNjNzY1NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIo1uN63d7LMS+k3//RmJJC4F1i7
EenyceH7m0Hs8pTEx802+h35zoBkNR4j7emtWENnFwZXozocrIOdQEHv4Mf7X5sF
csX8fM8g0KDQfeaAIvzmMnTT5AcVvykwm2vi9jLsiYbUmAHl7CZn4yLZDnr/bRfU
g8qXrbuv4loJSc8+EMg1L+HEut6doLNAn9Upg8Ovw40XFDp2wbN2Moexjo4Xauf+
eshozY0Jqdg4pAY6Za47OZ7xPYCupBPfJWLVx8tmgSYoEQfTdJSTPEps6PBIV36w
pMtZz7rDp42dl1jilL6gN0LpEcpgjtCOpkl0njFxX5kvMGQMJ5wTs+vD0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1CWgrjxyZPzGaiyotKPb08dldsMB8GA1UdIwQY
MBaAFNqjO1CDeZxJz57cAIYrfJwhjGYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMt
MTZmNDNkYmEyYWJjLzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMtMTZmNDNkYmEyYWJj
LzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVKZ1xZr8
W4TzxD9PrXv5fYtHoY19jKyrlAdNZ+T44gm2ACBIN+BcGmtgheSIAgg+9B9uRlvR
we9CzQswLvflawGU7EHkGx0gLaPYpCyon0L1XQp2qn4kthaVuwSiXwcTSc86wdz6
aoxEsZTPldvsqLeKQ2nQe1HPkfGNpjKGaVyZCOd8PDERQd7shBCmsLu/3D9YU3Bz
K4Q+JpS6fZvfdnX6UIDx2SA7l+b5Hg5DbCLawBBm7Rxv+0xcr1YiaLX3jwMBpwY4
xmtdBce5dpvCnDpp0YaMCiM3GooVl+vAWqIFk5xyy+I1XB9kgq5qpRrI4gSoaJPw
bB7L04wil5YuVA==
-----END CERTIFICATE-----