Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          zBDT0Ld4ZpRxj1uL8sFfPPtjSDhmYG2zDO9Q4nt3YiI=
Subject key identifier:   3E:CF:50:A5:AE:63:69:E8:07:D4:6A:3C:3B:2A:DC:3B:0E:CA:F1:55
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       0196BCDBB959F4B1C653F2399ABC1073FB76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          1530
Signing time:             Sun 11 May 2025 01:00:38 +0000
Manifest this update:     Sun 11 May 2025 01:00:38 +0000
Manifest next update:     Mon 12 May 2025 01:00:38 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: 2xp9cheZqCbymSCvxm+sxyN0rFRDW81HaEUw/XzA1yg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 01:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bc:db:b9:59:f4:b1:c6:53:f2:39:9a:bc:10:73:fb:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: May 11 01:00:38 2025 GMT
            Not After : May 12 01:00:38 2025 GMT
        Subject: CN=3ecf50a5ae6369e807d46a3c3b2adc3b0ecaf155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:c9:5a:f7:5a:92:d7:a7:f0:ac:b2:66:e5:41:
                    4c:77:92:bb:b3:d9:11:e0:f5:3c:1f:14:1a:78:71:
                    f0:f5:b3:fc:bb:fc:3a:93:ee:a3:25:87:3e:04:d4:
                    4b:cb:35:ff:37:f4:29:99:19:71:24:a5:c5:e9:9b:
                    86:c4:92:89:6b:92:63:94:a2:1c:58:59:52:17:ed:
                    66:ba:78:be:86:e0:14:a3:65:ee:b4:bf:3d:39:c1:
                    87:f1:a1:f7:4c:06:bd:a4:b0:e1:5d:43:8c:d9:35:
                    a2:c9:cb:5e:87:eb:79:23:79:21:44:f3:92:12:71:
                    9d:1d:cf:52:a4:a6:84:fa:d3:87:5e:0b:58:a7:5a:
                    45:12:18:ae:80:6f:b8:fa:11:84:2e:97:65:bc:4a:
                    bc:28:30:5e:48:19:15:69:db:73:44:58:1f:58:a4:
                    38:e9:47:f9:1d:4e:49:e3:bf:5e:52:4c:fc:43:bb:
                    79:5f:86:23:44:af:eb:d8:57:14:5e:0d:bb:1a:9d:
                    c3:8d:c0:f4:25:c1:ad:4a:b3:ec:46:39:1f:ae:05:
                    fc:17:5f:8f:21:c6:f5:db:cd:05:94:ec:ea:f7:05:
                    fe:d1:88:e8:54:1b:e0:e1:f5:88:e7:a0:76:75:0e:
                    44:8b:1d:f9:ec:87:67:26:83:6c:ca:ba:d7:1b:f3:
                    b1:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:CF:50:A5:AE:63:69:E8:07:D4:6A:3C:3B:2A:DC:3B:0E:CA:F1:55
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:a2:5e:be:30:95:b9:37:1d:e2:9a:80:4e:cf:82:dd:14:d5:
         b7:0b:1a:93:8a:85:96:41:a9:76:7f:33:07:af:b1:de:11:7a:
         b1:0a:f1:d0:d1:f2:d2:61:db:8b:22:f4:53:fe:76:75:57:43:
         65:ed:55:9c:65:69:83:66:a8:76:7e:9d:5b:76:3a:7f:66:b8:
         f1:df:72:29:d2:dd:63:e9:d3:48:2e:2d:8a:4c:df:66:59:d6:
         88:83:c7:a1:0a:cf:e1:cf:03:67:64:b8:b9:ba:48:cb:94:d3:
         7f:9b:b0:b5:1c:09:29:b2:13:bc:73:a3:3c:09:18:90:00:5c:
         73:69:3d:cd:ab:53:53:be:0f:36:4a:5b:a9:cc:a5:de:49:e4:
         6e:31:d5:a3:d7:41:c0:9c:70:da:ae:6b:b9:b6:a2:fb:0f:89:
         39:d8:36:31:55:58:6c:ba:06:0d:49:0b:b8:fa:3c:dc:99:5e:
         26:81:2f:04:fc:d6:ee:69:c4:05:9e:ca:35:98:2d:2c:94:35:
         8d:9f:66:3b:bf:81:04:ee:7f:fb:e9:18:56:8f:39:7d:e8:40:
         97:ff:c9:2a:a7:59:19:85:47:e5:96:58:27:c6:a0:c9:14:5e:
         7b:e8:07:d4:58:ba:0e:89:82:e4:d2:1f:58:58:4e:e3:4c:c2:
         6f:94:ce:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa827lZ9LHGU/I5mrwQc/t2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjUwNTExMDEwMDM4WhcNMjUwNTEyMDEwMDM4WjAzMTEwLwYDVQQD
EygzZWNmNTBhNWFlNjM2OWU4MDdkNDZhM2MzYjJhZGMzYjBlY2FmMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68la91qS16fwrLJm5UFMd5K7s9kR
4PU8HxQaeHHw9bP8u/w6k+6jJYc+BNRLyzX/N/QpmRlxJKXF6ZuGxJKJa5JjlKIc
WFlSF+1muni+huAUo2XutL89OcGH8aH3TAa9pLDhXUOM2TWiycteh+t5I3khRPOS
EnGdHc9SpKaE+tOHXgtYp1pFEhiugG+4+hGELpdlvEq8KDBeSBkVadtzRFgfWKQ4
6Uf5HU5J479eUkz8Q7t5X4YjRK/r2FcUXg27Gp3DjcD0JcGtSrPsRjkfrgX8F1+P
Icb1280FlOzq9wX+0YjoVBvg4fWI56B2dQ5Eix357IdnJoNsyrrXG/OxEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7PUKWuY2noB9RqPDsq3DsOyvFVMB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKJevjCV
uTcd4pqATs+C3RTVtwsak4qFlkGpdn8zB6+x3hF6sQrx0NHy0mHbiyL0U/52dVdD
Ze1VnGVpg2aodn6dW3Y6f2a48d9yKdLdY+nTSC4tikzfZlnWiIPHoQrP4c8DZ2S4
ubpIy5TTf5uwtRwJKbITvHOjPAkYkABcc2k9zatTU74PNkpbqcyl3knkbjHVo9dB
wJxw2q5rubai+w+JOdg2MVVYbLoGDUkLuPo83JleJoEvBPzW7mnEBZ7KNZgtLJQ1
jZ9mO7+BBO5/++kYVo85fehAl//JKqdZGYVH5ZZYJ8agyRRee+gH1Fi6DomC5NIf
WFhO40zCb5TOcA==
-----END CERTIFICATE-----