Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          0ikbin8RpLvpHhqVkgIKBedYhux1mR+REHtqIC6mWts=
Subject key identifier:   F9:33:D0:CA:56:6E:5A:CD:9E:24:33:69:51:8A:41:BE:E9:4C:49:17
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       0196C15DFE356E14194C4CF7C44AE94925AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          09D4
Signing time:             Sun 11 May 2025 22:01:24 +0000
Manifest this update:     Sun 11 May 2025 22:01:24 +0000
Manifest next update:     Mon 12 May 2025 22:01:24 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: /4MgJMDzJzF37ImxXAOdSGlcoe65F1rAo5UFuDVgpfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5d:fe:35:6e:14:19:4c:4c:f7:c4:4a:e9:49:25:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: May 11 22:01:24 2025 GMT
            Not After : May 12 22:01:24 2025 GMT
        Subject: CN=f933d0ca566e5acd9e243369518a41bee94c4917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6f:a5:ab:ab:3f:e5:45:06:94:f7:fd:83:eb:
                    03:c8:d0:66:ac:42:c2:97:ce:8b:4c:30:90:74:da:
                    f6:ea:40:c7:fe:ea:ab:b4:b5:f9:ba:56:d0:2f:b3:
                    8e:c3:55:93:80:ea:77:ca:35:b5:d6:a6:69:30:43:
                    43:6d:e0:62:e4:74:6d:09:2f:68:78:e0:be:8a:24:
                    cd:ac:dd:7d:e3:59:e4:c6:b7:23:fd:92:10:67:4d:
                    13:12:ac:3a:be:32:30:9b:0d:cf:6a:1e:25:39:87:
                    be:0e:87:23:03:05:07:ec:58:2f:53:b7:24:af:88:
                    25:7d:74:03:c3:53:af:90:a4:65:c3:75:a1:9e:1f:
                    9b:6d:ce:d3:78:b7:0c:9f:1c:1e:19:bd:9d:9c:f8:
                    fa:e4:64:f5:30:c4:bd:13:a5:47:23:96:f0:c5:7d:
                    00:48:12:65:1f:63:dc:ca:10:0e:20:62:dc:4e:df:
                    d9:61:6b:39:a3:06:63:91:3f:8b:3f:da:c8:47:dd:
                    84:21:47:e2:99:5d:7f:31:24:88:b2:ad:96:2c:d6:
                    e1:ef:52:5b:ee:74:6e:d6:0e:0d:80:9f:14:e2:2f:
                    40:6a:9e:59:3a:09:31:0e:b5:98:fd:9a:0b:c3:eb:
                    63:af:18:b7:d4:c3:17:7e:88:b2:bc:de:d2:30:65:
                    b9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:33:D0:CA:56:6E:5A:CD:9E:24:33:69:51:8A:41:BE:E9:4C:49:17
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:0a:f7:b9:0c:3d:77:ed:d5:00:da:53:e8:2a:9d:86:56:6f:
         91:69:29:a3:01:80:fa:ba:de:40:c0:46:9a:03:93:c5:e5:f2:
         34:4d:d0:34:00:b5:c2:36:e9:0a:50:1c:31:00:aa:a6:00:fd:
         5c:89:cd:36:21:9a:2d:19:78:94:4b:f4:92:8e:a5:4a:24:ca:
         31:20:af:f0:f9:44:e8:4b:1d:5e:e8:55:39:38:41:9e:64:4b:
         31:86:f0:a8:fe:c0:ff:6a:11:22:7a:43:87:3b:0c:51:cf:f8:
         97:03:d3:c5:ed:f9:f4:af:34:39:ba:54:e6:fa:6a:27:52:72:
         4b:8c:7a:b8:bd:da:ee:7b:3b:2a:c3:90:ab:50:82:2c:8a:9e:
         3d:43:57:32:94:a3:0f:91:db:b4:6f:d9:12:60:17:04:2e:92:
         f1:b8:4c:ab:f6:96:aa:33:2d:6c:18:eb:c9:a1:25:c9:8d:cd:
         f7:f0:66:25:6f:01:31:38:cf:c0:5b:6c:e2:ec:28:32:54:55:
         ef:5b:b4:3a:c7:4d:d9:f4:ea:c6:a1:e2:9a:2a:33:6f:5f:4a:
         a1:72:7b:64:68:6b:14:64:3d:59:9f:80:d8:e3:c5:4b:c2:fa:
         78:5c:f1:f6:e1:69:69:2c:a9:31:63:ad:28:0b:ad:1d:84:62:
         d4:70:98:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXf41bhQZTEz3xErpSSWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjUwNTExMjIwMTI0WhcNMjUwNTEyMjIwMTI0WjAzMTEwLwYDVQQD
EyhmOTMzZDBjYTU2NmU1YWNkOWUyNDMzNjk1MThhNDFiZWU5NGM0OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2+lq6s/5UUGlPf9g+sDyNBmrELC
l86LTDCQdNr26kDH/uqrtLX5ulbQL7OOw1WTgOp3yjW11qZpMENDbeBi5HRtCS9o
eOC+iiTNrN1941nkxrcj/ZIQZ00TEqw6vjIwmw3Pah4lOYe+DocjAwUH7FgvU7ck
r4glfXQDw1OvkKRlw3Whnh+bbc7TeLcMnxweGb2dnPj65GT1MMS9E6VHI5bwxX0A
SBJlH2PcyhAOIGLcTt/ZYWs5owZjkT+LP9rIR92EIUfimV1/MSSIsq2WLNbh71Jb
7nRu1g4NgJ8U4i9Aap5ZOgkxDrWY/ZoLw+tjrxi31MMXfoiyvN7SMGW5eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkz0MpWblrNniQzaVGKQb7pTEkXMB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFgr3uQw9
d+3VANpT6CqdhlZvkWkpowGA+rreQMBGmgOTxeXyNE3QNAC1wjbpClAcMQCqpgD9
XInNNiGaLRl4lEv0ko6lSiTKMSCv8PlE6EsdXuhVOThBnmRLMYbwqP7A/2oRInpD
hzsMUc/4lwPTxe359K80ObpU5vpqJ1JyS4x6uL3a7ns7KsOQq1CCLIqePUNXMpSj
D5HbtG/ZEmAXBC6S8bhMq/aWqjMtbBjryaElyY3N9/BmJW8BMTjPwFts4uwoMlRV
71u0OsdN2fTqxqHimiozb19KoXJ7ZGhrFGQ9WZ+A2OPFS8L6eFzx9uFpaSypMWOt
KAutHYRi1HCYLw==
-----END CERTIFICATE-----