Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          5l4MryArF1S3fGifY91SvAhqp6QuQdz3K6D1O+eLVw0=
Subject key identifier:   0A:95:E4:1D:AB:8B:C4:8F:AB:DC:63:BA:F8:49:DD:B1:AE:01:C9:34
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       0196B333FF25CD08EA0ABD623664B2CFCB07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          11C0
Signing time:             Fri 09 May 2025 04:00:51 +0000
Manifest this update:     Fri 09 May 2025 04:00:51 +0000
Manifest next update:     Sat 10 May 2025 04:00:51 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: sNHOvn1dGXbHC+NDWhJQiavDODU+5rN/0gXMQULfLtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 04:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b3:33:ff:25:cd:08:ea:0a:bd:62:36:64:b2:cf:cb:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: May  9 04:00:51 2025 GMT
            Not After : May 10 04:00:51 2025 GMT
        Subject: CN=0a95e41dab8bc48fabdc63baf849ddb1ae01c934
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:46:3d:14:a0:b9:e6:eb:52:4c:af:bd:20:a4:
                    16:ec:c9:6b:b6:2c:66:18:80:1f:23:77:a1:10:92:
                    69:fd:cd:39:c4:ed:7f:3d:9d:8d:dd:2c:b2:12:37:
                    9b:47:ed:bf:ea:5b:72:a3:e9:94:f1:53:64:80:ad:
                    ee:03:2f:26:32:99:1a:76:b8:7f:76:3e:1c:ba:7a:
                    9c:ea:9c:7d:23:8b:57:a7:e2:26:0f:0f:00:46:51:
                    e3:7c:bd:76:0c:de:4b:7a:25:62:47:c4:dd:a9:56:
                    8f:ac:ab:f6:83:0f:ea:53:67:58:4a:53:e9:58:92:
                    ab:9e:62:ee:ac:c5:71:bc:36:38:db:18:ca:83:68:
                    f4:a3:0c:64:45:6b:0e:8b:f2:1c:c7:5a:d2:ca:8c:
                    65:39:36:22:ba:ea:53:35:de:bf:fe:1f:53:5d:67:
                    ff:81:9a:5c:76:54:47:2b:b1:4a:85:ae:95:93:06:
                    96:2b:08:00:38:65:3c:3a:51:10:1e:65:9c:1e:d3:
                    27:2d:d0:08:78:79:bc:05:3a:f3:84:7d:3f:62:23:
                    03:53:f9:bd:67:5f:6c:54:42:89:67:40:9c:43:88:
                    fb:91:c7:27:2d:be:7e:74:94:64:5b:20:db:a8:46:
                    5e:12:da:e2:1e:6a:b0:44:5b:07:cf:a7:9a:41:91:
                    5c:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:95:E4:1D:AB:8B:C4:8F:AB:DC:63:BA:F8:49:DD:B1:AE:01:C9:34
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:b5:34:18:bb:8a:1f:b4:76:96:38:bf:78:b1:43:c1:11:aa:
         ed:be:80:50:5d:9e:7c:37:a3:c8:47:55:88:15:a6:db:87:f9:
         c2:b0:e5:f9:0b:8f:10:c6:00:b8:c0:f0:0e:78:90:0e:74:9f:
         38:6a:12:17:a9:e7:69:e2:53:a3:4d:67:f0:83:38:61:a6:26:
         3f:2e:18:84:32:08:08:67:db:13:ac:ab:1d:4c:2b:76:64:2d:
         cd:0b:d3:f3:0e:d2:a5:1c:55:91:58:f1:5f:02:84:da:2b:07:
         63:0c:13:9d:e3:8a:17:c8:f9:05:67:8a:76:e7:6c:5e:7e:40:
         06:ce:13:fb:84:2d:03:07:c7:c2:cf:13:75:ac:bb:b4:c3:6a:
         28:4e:76:80:be:42:6a:a5:52:4d:e7:a5:af:ac:26:b2:da:e0:
         31:f1:7e:d5:02:09:50:b8:b9:94:e9:aa:57:98:65:25:74:a8:
         40:a0:d4:ea:b5:4f:d6:40:ca:32:5a:df:b7:39:6d:8d:7c:c9:
         05:3f:5e:3c:b8:c3:d3:f5:8d:16:79:aa:28:a2:79:42:61:2b:
         04:27:f5:f9:95:2b:9f:d1:b9:5e:d9:35:88:3d:47:61:85:29:
         fd:90:26:c7:a5:dc:f7:52:8a:dd:b0:15:f5:61:ba:95:1a:16:
         51:3e:5b:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZazM/8lzQjqCr1iNmSyz8sHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjUwNTA5MDQwMDUxWhcNMjUwNTEwMDQwMDUxWjAzMTEwLwYDVQQD
EygwYTk1ZTQxZGFiOGJjNDhmYWJkYzYzYmFmODQ5ZGRiMWFlMDFjOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UY9FKC55utSTK+9IKQW7Mlrtixm
GIAfI3ehEJJp/c05xO1/PZ2N3SyyEjebR+2/6ltyo+mU8VNkgK3uAy8mMpkadrh/
dj4cunqc6px9I4tXp+ImDw8ARlHjfL12DN5LeiViR8TdqVaPrKv2gw/qU2dYSlPp
WJKrnmLurMVxvDY42xjKg2j0owxkRWsOi/Icx1rSyoxlOTYiuupTNd6//h9TXWf/
gZpcdlRHK7FKha6VkwaWKwgAOGU8OlEQHmWcHtMnLdAIeHm8BTrzhH0/YiMDU/m9
Z19sVEKJZ0CcQ4j7kccnLb5+dJRkWyDbqEZeEtriHmqwRFsHz6eaQZFc9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqV5B2ri8SPq9xjuvhJ3bGuAck0MB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJbU0GLuK
H7R2lji/eLFDwRGq7b6AUF2efDejyEdViBWm24f5wrDl+QuPEMYAuMDwDniQDnSf
OGoSF6nnaeJTo01n8IM4YaYmPy4YhDIICGfbE6yrHUwrdmQtzQvT8w7SpRxVkVjx
XwKE2isHYwwTneOKF8j5BWeKdudsXn5ABs4T+4QtAwfHws8Tday7tMNqKE52gL5C
aqVSTeelr6wmstrgMfF+1QIJULi5lOmqV5hlJXSoQKDU6rVP1kDKMlrftzltjXzJ
BT9ePLjD0/WNFnmqKKJ5QmErBCf1+ZUrn9G5Xtk1iD1HYYUp/ZAmx6Xc91KK3bAV
9WG6lRoWUT5bPQ==
-----END CERTIFICATE-----