Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          s5fEzVZtXFJ1e3Tl3oY7HoyCdh0niXLUpRC5lIQpnIM=
Subject key identifier:   BB:59:CD:93:2A:DD:B6:19:D3:1A:C1:22:8C:16:0D:01:E6:1C:48:92
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       0196C5A83E219C22CAA5A9E085BAC092DC0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          02A2
Signing time:             Mon 12 May 2025 18:00:59 +0000
Manifest this update:     Mon 12 May 2025 18:00:59 +0000
Manifest next update:     Tue 13 May 2025 18:00:59 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: +HsHzoLQt4v//WTOSUX0CIp54B8fWtc2YhUCdQGM2SE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 18:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:a8:3e:21:9c:22:ca:a5:a9:e0:85:ba:c0:92:dc:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: May 12 18:00:59 2025 GMT
            Not After : May 13 18:00:59 2025 GMT
        Subject: CN=bb59cd932addb619d31ac1228c160d01e61c4892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f2:c8:e4:35:4a:37:83:ff:6c:65:0e:28:e5:
                    ce:fc:bf:bd:a0:35:29:4e:81:55:36:93:e3:67:c8:
                    75:f2:a5:04:4c:5b:d7:eb:55:d6:b9:54:45:31:b6:
                    a0:b2:4b:03:9a:23:64:fa:1f:bf:53:78:4b:a0:85:
                    4c:93:07:02:55:df:ed:3c:cb:37:dd:fe:8d:93:b2:
                    d2:2d:48:0b:82:08:1d:91:ff:eb:a1:0a:92:80:1f:
                    8b:1b:5f:cf:8b:0c:69:33:d2:e9:c2:67:64:10:aa:
                    95:4b:37:1e:60:f6:63:b0:5b:07:22:11:15:7e:58:
                    09:7b:49:8c:f0:60:34:96:73:a6:58:04:50:9d:5e:
                    35:93:2a:17:d8:26:f6:25:ea:ea:71:c2:f7:d8:c3:
                    45:3b:31:6b:60:af:99:41:de:3e:d0:26:5a:05:9f:
                    cc:14:e3:8e:9b:4f:3b:35:8f:db:42:a2:7b:8b:40:
                    bd:8f:7f:06:a8:b8:6e:4b:ff:e5:8f:51:bd:c4:26:
                    a1:7a:d9:d9:d1:5c:9d:dd:eb:68:1c:bc:02:24:63:
                    18:17:ed:8c:ea:05:3c:47:d3:34:49:d0:90:54:2d:
                    83:43:b6:bb:44:6c:34:86:7d:49:ba:c4:36:84:69:
                    fe:34:5c:5b:92:f6:46:fd:2d:22:16:d1:09:8e:bc:
                    3f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:59:CD:93:2A:DD:B6:19:D3:1A:C1:22:8C:16:0D:01:E6:1C:48:92
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:37:62:a6:5e:f4:3a:ab:bb:0e:17:78:50:09:b9:9f:53:db:
         3d:22:ae:13:ce:f0:be:40:0e:88:91:09:d3:e2:e0:5f:33:ec:
         32:13:de:41:47:3d:5c:a0:2a:88:e1:c8:d4:f2:07:b8:89:5c:
         2e:1c:ee:30:21:23:29:0f:37:4a:a2:51:87:0e:9c:d2:5a:fb:
         27:8a:db:4d:0c:7e:40:61:35:5e:cd:87:54:4f:70:93:14:2b:
         1e:24:3d:8a:50:fa:89:2e:28:7c:c1:7f:38:a3:da:56:98:6f:
         0d:36:5f:6b:ea:e5:aa:50:ce:a0:f5:0b:da:eb:fa:15:50:33:
         cf:57:ef:6c:09:e2:af:f1:e7:2c:80:19:01:b4:fe:4b:75:a4:
         7e:56:46:6f:9b:63:9d:9d:f8:77:44:72:9c:d7:b2:f3:1d:72:
         a2:bd:73:9c:21:63:85:67:eb:c1:ca:eb:23:29:79:74:9f:6b:
         97:d2:c6:33:c0:5e:65:16:c3:9f:0a:ae:56:c4:a6:50:10:e7:
         d2:6e:b6:16:bf:5d:d6:a8:4e:57:db:06:42:2c:72:bc:03:1c:
         97:82:26:43:af:b2:ea:21:8f:cb:02:99:cc:cc:14:5a:4c:0a:
         a0:84:10:34:b1:36:eb:28:38:29:d7:3e:4c:02:4a:83:b8:8e:
         9b:93:1d:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFqD4hnCLKpanghbrAktwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUwNTEyMTgwMDU5WhcNMjUwNTEzMTgwMDU5WjAzMTEwLwYDVQQD
EyhiYjU5Y2Q5MzJhZGRiNjE5ZDMxYWMxMjI4YzE2MGQwMWU2MWM0ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvLI5DVKN4P/bGUOKOXO/L+9oDUp
ToFVNpPjZ8h18qUETFvX61XWuVRFMbagsksDmiNk+h+/U3hLoIVMkwcCVd/tPMs3
3f6Nk7LSLUgLgggdkf/roQqSgB+LG1/PiwxpM9LpwmdkEKqVSzceYPZjsFsHIhEV
flgJe0mM8GA0lnOmWARQnV41kyoX2Cb2JerqccL32MNFOzFrYK+ZQd4+0CZaBZ/M
FOOOm087NY/bQqJ7i0C9j38GqLhuS//lj1G9xCahetnZ0Vyd3etoHLwCJGMYF+2M
6gU8R9M0SdCQVC2DQ7a7RGw0hn1JusQ2hGn+NFxbkvZG/S0iFtEJjrw/zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtZzZMq3bYZ0xrBIowWDQHmHEiSMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDdipl70
Oqu7Dhd4UAm5n1PbPSKuE87wvkAOiJEJ0+LgXzPsMhPeQUc9XKAqiOHI1PIHuIlc
LhzuMCEjKQ83SqJRhw6c0lr7J4rbTQx+QGE1Xs2HVE9wkxQrHiQ9ilD6iS4ofMF/
OKPaVphvDTZfa+rlqlDOoPUL2uv6FVAzz1fvbAnir/HnLIAZAbT+S3WkflZGb5tj
nZ34d0RynNey8x1yor1znCFjhWfrwcrrIyl5dJ9rl9LGM8BeZRbDnwquVsSmUBDn
0m62Fr9d1qhOV9sGQixyvAMcl4ImQ6+y6iGPywKZzMwUWkwKoIQQNLE26yg4Kdc+
TAJKg7iOm5MdDg==
-----END CERTIFICATE-----