Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
File:                     2V_Z-7sug4agu3amyEH8aKfD65g.mft (raw, json)
Hash identifier:          pRogZjmOK1Dd44oBUGlSaYhfkNziOYSePTiV0oeGd5o=
Subject key identifier:   F6:41:73:4B:E1:C0:03:E7:10:44:3D:D7:50:5B:4D:4A:26:F9:2E:AD
Authority key identifier: D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98
Certificate issuer:       /CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
Certificate serial:       0196AD31E6EBF7901FDAE153A412F1F36CBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
Manifest number:          017D
Signing time:             Thu 08 May 2025 00:00:50 +0000
Manifest this update:     Thu 08 May 2025 00:00:50 +0000
Manifest next update:     Fri 09 May 2025 00:00:50 +0000
Files and hashes:         1: 2V_Z-7sug4agu3amyEH8aKfD65g.crl (hash: pC7ayf0tvSIbiNeh4OgYBAw4TegLF4wycfIifz0R49M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ad:31:e6:eb:f7:90:1f:da:e1:53:a4:12:f1:f3:6c:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
        Validity
            Not Before: May  8 00:00:50 2025 GMT
            Not After : May  9 00:00:50 2025 GMT
        Subject: CN=f641734be1c003e710443dd7505b4d4a26f92ead
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:d0:57:e1:35:69:1c:6c:b9:f1:e0:d7:bd:49:
                    fa:0f:40:61:d7:96:7a:9a:9e:70:8c:91:1f:38:35:
                    b5:42:35:1b:65:e2:9b:ee:74:b3:9e:6a:b6:88:bb:
                    d4:a9:da:93:41:9d:c7:2a:45:c7:eb:26:94:ab:48:
                    b8:35:da:1a:d2:00:99:65:73:6f:89:c9:d0:b1:b8:
                    41:16:bc:59:39:d2:71:23:be:69:1d:ce:00:39:80:
                    7d:72:6c:fb:5a:91:67:98:a1:b9:eb:e8:ba:74:90:
                    5a:a3:ff:2f:b0:29:4e:5d:05:9f:be:91:c3:5c:ec:
                    c1:41:bd:ae:05:91:00:be:c5:0c:98:60:91:78:eb:
                    bd:49:a3:23:f6:bd:39:49:c2:65:43:1a:b0:d3:b7:
                    78:98:fa:4c:09:8d:9c:23:12:86:6b:68:56:c3:ba:
                    ce:bf:33:29:5e:39:08:37:21:6e:64:22:30:fd:c5:
                    09:6f:84:63:34:22:ff:d8:67:03:4d:aa:b8:2d:6b:
                    17:9d:3b:9c:40:a2:c5:70:c7:69:c2:fd:fd:9e:17:
                    a7:6c:37:e4:33:44:e7:99:c4:0d:8d:72:3d:75:ac:
                    7f:6d:2f:f1:31:ad:8f:ef:8d:50:1f:39:fb:cd:e6:
                    1b:4c:8b:1a:25:38:dd:05:d1:98:5a:87:f6:5a:b9:
                    a8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:41:73:4B:E1:C0:03:E7:10:44:3D:D7:50:5B:4D:4A:26:F9:2E:AD
            X509v3 Authority Key Identifier:
                keyid:D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:d5:84:3f:5e:39:8a:4a:32:3d:7f:fa:f4:e2:bb:80:ba:dd:
         ae:cc:d9:78:ce:1e:c9:b8:b5:7d:c1:34:b0:10:fa:b0:73:4f:
         22:fa:33:b8:09:4d:e4:82:c4:57:8a:b6:51:15:c2:09:75:0b:
         e1:3c:c7:ce:e0:98:ce:1d:ac:25:49:2c:d8:01:2e:08:3d:21:
         3c:13:18:e2:43:2d:62:6b:d0:bf:9c:4a:61:23:2e:ed:6b:ec:
         c1:e4:85:46:74:b2:2d:ff:7a:af:b2:90:32:9a:78:fb:61:ad:
         a0:de:e5:9e:8f:3f:cf:3e:99:bd:fd:ed:15:ae:b4:95:1c:ca:
         3b:e2:95:14:f6:93:4a:b0:b8:c9:d5:41:7d:3c:24:ba:54:0e:
         ab:9d:6b:e5:29:93:1a:0f:47:8e:0e:82:be:46:a7:e5:5b:de:
         0e:7c:66:34:20:1d:e2:56:77:61:b7:cd:0c:45:15:9f:c1:fc:
         71:e3:5d:11:4a:3e:85:49:c2:ed:dd:ff:46:0f:72:9e:2b:62:
         c6:d6:9c:08:03:9f:d0:cd:57:5c:09:98:9d:2e:3c:c4:ae:8f:
         1b:ee:dd:a5:57:d5:e7:bf:2b:16:51:2b:8f:58:d2:0e:c3:2c:
         f4:4f:51:3b:65:9f:a6:7a:20:2d:da:dc:cd:7a:d6:2b:8d:ae:
         a0:12:5c:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZatMebr95Af2uFTpBLx82y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWZkOWZiYmIyZTgzODZhMGJiNzZhNmM4NDFmYzY4YTdj
M2ViOTgwHhcNMjUwNTA4MDAwMDUwWhcNMjUwNTA5MDAwMDUwWjAzMTEwLwYDVQQD
EyhmNjQxNzM0YmUxYzAwM2U3MTA0NDNkZDc1MDViNGQ0YTI2ZjkyZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79BX4TVpHGy58eDXvUn6D0Bh15Z6
mp5wjJEfODW1QjUbZeKb7nSznmq2iLvUqdqTQZ3HKkXH6yaUq0i4Ndoa0gCZZXNv
icnQsbhBFrxZOdJxI75pHc4AOYB9cmz7WpFnmKG56+i6dJBao/8vsClOXQWfvpHD
XOzBQb2uBZEAvsUMmGCReOu9SaMj9r05ScJlQxqw07d4mPpMCY2cIxKGa2hWw7rO
vzMpXjkINyFuZCIw/cUJb4RjNCL/2GcDTaq4LWsXnTucQKLFcMdpwv39nhenbDfk
M0TnmcQNjXI9dax/bS/xMa2P741QHzn7zeYbTIsaJTjdBdGYWof2WrmooQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZBc0vhwAPnEEQ911BbTUom+S6tMB8GA1UdIwQY
MBaAFNlf2fu7LoOGoLt2pshB/Ginw+uYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgt
MzIwZGYyZWIwZmQyLzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgtMzIwZGYyZWIwZmQy
LzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAldWEP145
ikoyPX/69OK7gLrdrszZeM4eybi1fcE0sBD6sHNPIvozuAlN5ILEV4q2URXCCXUL
4TzHzuCYzh2sJUks2AEuCD0hPBMY4kMtYmvQv5xKYSMu7WvsweSFRnSyLf96r7KQ
Mpp4+2GtoN7lno8/zz6Zvf3tFa60lRzKO+KVFPaTSrC4ydVBfTwkulQOq51r5SmT
Gg9Hjg6Cvkan5VveDnxmNCAd4lZ3YbfNDEUVn8H8ceNdEUo+hUnC7d3/Rg9yniti
xtacCAOf0M1XXAmYnS48xK6PG+7dpVfV578rFlErj1jSDsMs9E9RO2WfpnogLdrc
zXrWK42uoBJc/Q==
-----END CERTIFICATE-----