Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          XIFSjql3QxQXw33rzdHct6oQLN+w+p+9ul2R78Ro2z0=
Subject key identifier:   A2:CB:C2:A0:E8:AE:08:9E:19:A5:48:8E:0D:5A:ED:AA:46:55:C8:EA
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       0196CB0593861A258D8B324698603681D2AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          05BF
Signing time:             Tue 13 May 2025 19:01:02 +0000
Manifest this update:     Tue 13 May 2025 19:01:02 +0000
Manifest next update:     Wed 14 May 2025 19:01:02 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: BZhOTSxOHV2hx/XvWlzxb+byQ4JxMQIHgKWkKE8iIhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 19:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:05:93:86:1a:25:8d:8b:32:46:98:60:36:81:d2:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: May 13 19:01:02 2025 GMT
            Not After : May 14 19:01:02 2025 GMT
        Subject: CN=a2cbc2a0e8ae089e19a5488e0d5aedaa4655c8ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d9:93:66:65:39:c6:24:45:ee:21:7a:ac:f7:
                    32:6f:e1:84:9f:7f:b0:b2:0a:7a:ef:5a:53:6d:45:
                    af:19:85:8f:b9:50:64:03:a1:dc:5c:65:23:1c:e4:
                    e3:0d:80:26:ca:d6:f1:a5:d8:95:9d:d8:2e:7c:32:
                    f6:ea:fa:6e:13:5d:90:96:3c:ee:c6:ba:56:62:87:
                    84:c8:e1:28:bd:cb:00:57:2b:b7:91:e5:3f:44:d6:
                    9a:76:60:68:31:f0:a8:45:1a:87:8e:4f:3e:cf:56:
                    ab:0f:e2:78:ad:b3:ad:06:4d:c1:ae:06:66:6b:21:
                    25:ce:77:7e:08:57:f7:19:67:25:0b:2e:56:1c:e2:
                    e6:67:fb:ff:2e:d9:a9:22:f0:6b:68:cc:8f:16:5d:
                    1a:ab:5d:c6:93:09:c2:d5:d0:e8:53:d3:4e:62:65:
                    01:7f:97:84:72:ed:39:f9:f3:99:55:b6:7f:9b:4f:
                    6b:2a:d1:dd:fd:3e:1b:67:9c:54:00:e7:12:77:ae:
                    d8:19:cb:32:c3:b6:8e:fd:25:20:b6:74:1c:7a:57:
                    dd:f5:c2:08:5a:0d:27:d1:39:01:7e:9c:a8:e5:a4:
                    80:a0:c3:4d:5f:05:fc:35:96:ae:a7:ce:21:e3:63:
                    16:80:bf:ac:aa:62:5c:44:f7:7f:3e:55:41:31:6b:
                    a8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:CB:C2:A0:E8:AE:08:9E:19:A5:48:8E:0D:5A:ED:AA:46:55:C8:EA
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:be:f1:76:d0:05:b9:3f:28:fe:0b:6b:8d:3d:a1:98:81:37:
         f5:f9:4c:2e:d5:6d:28:83:1b:95:c2:0f:2b:57:22:cd:38:6e:
         d2:90:56:43:78:4d:3d:f0:01:47:25:43:2b:d8:74:cc:e5:c8:
         92:24:e6:e6:ac:fc:0b:fc:26:13:0c:ae:47:21:be:31:f5:10:
         ff:30:69:c6:77:ec:18:44:c0:5e:6a:48:54:b1:91:4e:a5:d6:
         ab:3b:55:9a:69:2b:a0:13:73:83:1f:cb:1f:0f:99:88:d5:f6:
         25:e3:de:57:21:17:84:52:0f:02:bc:ad:a3:2a:6e:a6:f1:c8:
         d3:a2:b9:22:d7:6a:33:5b:e2:bb:e8:53:97:e9:35:1e:60:4b:
         f7:ae:57:d4:fe:f5:59:d4:d6:71:bd:e1:c3:bf:41:bb:78:f0:
         c5:6e:ae:14:37:f7:d9:8d:9e:ec:f1:a8:c0:a8:53:15:30:62:
         fa:7e:09:c0:19:60:e7:be:99:1d:b2:b5:68:1f:a8:da:16:5e:
         14:88:3c:b4:83:42:5c:a6:07:03:0b:04:d2:7a:01:3a:16:e6:
         10:c1:42:e0:f2:b6:20:b8:9f:01:54:55:63:40:ed:fd:b9:0e:
         86:6f:fe:e7:08:e2:18:65:55:2d:9a:94:ab:97:51:ca:23:fe:
         66:46:67:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLBZOGGiWNizJGmGA2gdKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUwNTEzMTkwMTAyWhcNMjUwNTE0MTkwMTAyWjAzMTEwLwYDVQQD
EyhhMmNiYzJhMGU4YWUwODllMTlhNTQ4OGUwZDVhZWRhYTQ2NTVjOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNmTZmU5xiRF7iF6rPcyb+GEn3+w
sgp671pTbUWvGYWPuVBkA6HcXGUjHOTjDYAmytbxpdiVndgufDL26vpuE12Qljzu
xrpWYoeEyOEovcsAVyu3keU/RNaadmBoMfCoRRqHjk8+z1arD+J4rbOtBk3BrgZm
ayElznd+CFf3GWclCy5WHOLmZ/v/LtmpIvBraMyPFl0aq13GkwnC1dDoU9NOYmUB
f5eEcu05+fOZVbZ/m09rKtHd/T4bZ5xUAOcSd67YGcsyw7aO/SUgtnQcelfd9cII
Wg0n0TkBfpyo5aSAoMNNXwX8NZaup84h42MWgL+sqmJcRPd/PlVBMWuo3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLLwqDorgieGaVIjg1a7apGVcjqMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADb7xdtAF
uT8o/gtrjT2hmIE39flMLtVtKIMblcIPK1cizThu0pBWQ3hNPfABRyVDK9h0zOXI
kiTm5qz8C/wmEwyuRyG+MfUQ/zBpxnfsGETAXmpIVLGRTqXWqztVmmkroBNzgx/L
Hw+ZiNX2JePeVyEXhFIPArytoypupvHI06K5ItdqM1viu+hTl+k1HmBL965X1P71
WdTWcb3hw79Bu3jwxW6uFDf32Y2e7PGowKhTFTBi+n4JwBlg576ZHbK1aB+o2hZe
FIg8tINCXKYHAwsE0noBOhbmEMFC4PK2ILifAVRVY0Dt/bkOhm/+5wjiGGVVLZqU
q5dRyiP+ZkZnHA==
-----END CERTIFICATE-----