Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          BvZybJxPHKRZLLSrUe/CAAdJZQIm47qBSz9U0hC1pn4=
Subject key identifier:   67:66:63:B9:23:AF:B4:C5:C0:38:7A:59:6C:15:E8:41:B2:10:43:B7
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       0196C1CAE49EDCE9E0262C1CBEAE2883B83E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          080D
Signing time:             Mon 12 May 2025 00:00:21 +0000
Manifest this update:     Mon 12 May 2025 00:00:21 +0000
Manifest next update:     Tue 13 May 2025 00:00:21 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: laehhtddpOPwr9EzrFaGzLo/lS0ooWJG/tScYPdL0PY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 00:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:ca:e4:9e:dc:e9:e0:26:2c:1c:be:ae:28:83:b8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: May 12 00:00:21 2025 GMT
            Not After : May 13 00:00:21 2025 GMT
        Subject: CN=676663b923afb4c5c0387a596c15e841b21043b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5b:13:28:ff:67:d8:4e:44:02:4b:63:80:16:
                    fe:b1:49:36:ae:d9:95:00:2f:19:8e:b0:cc:7c:b8:
                    63:1c:a5:07:2b:ff:e5:4a:96:6e:76:79:c8:04:ec:
                    72:ac:56:62:79:c8:d1:12:85:d4:34:8b:07:1f:37:
                    ce:0b:0a:f6:76:67:d1:12:f7:8d:a7:8e:c8:fe:92:
                    ee:26:f3:51:c1:00:44:db:7b:55:52:58:fe:ff:dc:
                    5b:a0:65:7f:70:6e:47:bb:78:44:1e:fd:89:bc:3c:
                    8c:f1:31:db:cb:43:8f:a0:ba:ec:3c:a6:94:ff:2e:
                    51:11:74:d2:96:8e:d9:b9:28:0d:24:72:41:23:19:
                    8c:58:1e:00:33:7e:7e:0f:b8:2c:b6:89:33:43:24:
                    b9:32:5e:8f:dc:97:21:1b:1b:49:41:1c:76:f1:80:
                    bb:93:46:03:ef:6c:73:fc:a9:6a:cf:ac:0c:24:d9:
                    2a:8e:90:c3:41:03:c8:85:90:e4:76:4d:33:5d:2a:
                    65:55:d7:8e:42:60:c8:72:95:75:01:04:d0:33:0c:
                    70:d9:eb:ea:2f:84:f5:f3:ad:e6:18:97:c1:54:c0:
                    18:fc:c6:f6:c0:68:5b:bc:f5:83:a1:6a:e7:fa:fd:
                    1e:e9:e8:f4:96:01:1b:a5:a1:be:45:5b:d4:61:b3:
                    a2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:66:63:B9:23:AF:B4:C5:C0:38:7A:59:6C:15:E8:41:B2:10:43:B7
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:e7:17:60:3d:20:ca:0e:f5:a9:00:75:88:da:3b:8a:49:fd:
         d9:d5:dc:e8:ea:d0:8d:fc:08:d6:8d:e8:39:80:db:58:ae:15:
         9a:08:5a:f8:7f:41:fc:59:19:47:e3:3e:2b:a9:aa:76:4c:15:
         91:6a:fb:02:5a:54:be:0b:93:34:9d:30:1f:87:c8:0b:ee:47:
         88:32:a6:66:d3:65:9d:ca:2d:12:57:2e:9b:ae:2d:63:a0:8e:
         d9:8a:0e:31:fd:4f:0a:b4:27:b3:3f:d2:e1:1c:bc:46:31:53:
         2d:fc:5c:8e:99:c9:25:56:b0:ea:48:7f:92:b5:1f:63:f6:7c:
         b3:b7:60:2c:23:bb:02:45:54:72:be:21:26:a1:f1:8c:2e:11:
         47:a3:7e:20:3e:59:d4:31:a6:5d:bc:9f:d9:ad:99:65:c4:73:
         e6:59:ca:73:31:a0:a0:dc:c4:0c:2b:3d:44:82:02:f8:71:20:
         bc:ec:1f:fe:7e:dc:bd:e2:32:f7:ad:9e:0c:34:48:c3:17:eb:
         a8:99:86:3c:9f:1e:8b:10:91:a3:17:cf:a6:df:89:c3:41:a2:
         d5:d1:17:14:61:22:9c:69:d7:fa:84:21:58:5b:45:ca:bb:e5:
         10:58:16:da:a2:96:12:b2:0b:ab:89:23:a0:ce:24:08:52:5c:
         c1:bc:48:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbByuSe3OngJiwcvq4og7g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUwNTEyMDAwMDIxWhcNMjUwNTEzMDAwMDIxWjAzMTEwLwYDVQQD
Eyg2NzY2NjNiOTIzYWZiNGM1YzAzODdhNTk2YzE1ZTg0MWIyMTA0M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklsTKP9n2E5EAktjgBb+sUk2rtmV
AC8ZjrDMfLhjHKUHK//lSpZudnnIBOxyrFZiecjREoXUNIsHHzfOCwr2dmfREveN
p47I/pLuJvNRwQBE23tVUlj+/9xboGV/cG5Hu3hEHv2JvDyM8THby0OPoLrsPKaU
/y5REXTSlo7ZuSgNJHJBIxmMWB4AM35+D7gstokzQyS5Ml6P3JchGxtJQRx28YC7
k0YD72xz/Klqz6wMJNkqjpDDQQPIhZDkdk0zXSplVdeOQmDIcpV1AQTQMwxw2evq
L4T1863mGJfBVMAY/Mb2wGhbvPWDoWrn+v0e6ej0lgEbpaG+RVvUYbOiZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdmY7kjr7TFwDh6WWwV6EGyEEO3MB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIucXYD0g
yg71qQB1iNo7ikn92dXc6OrQjfwI1o3oOYDbWK4Vmgha+H9B/FkZR+M+K6mqdkwV
kWr7AlpUvguTNJ0wH4fIC+5HiDKmZtNlncotElcum64tY6CO2YoOMf1PCrQnsz/S
4Ry8RjFTLfxcjpnJJVaw6kh/krUfY/Z8s7dgLCO7AkVUcr4hJqHxjC4RR6N+ID5Z
1DGmXbyf2a2ZZcRz5lnKczGgoNzEDCs9RIIC+HEgvOwf/n7cveIy962eDDRIwxfr
qJmGPJ8eixCRoxfPpt+Jw0Gi1dEXFGEinGnX+oQhWFtFyrvlEFgW2qKWErILq4kj
oM4kCFJcwbxIcA==
-----END CERTIFICATE-----