Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
File:                     2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft (raw, json)
Hash identifier:          BNeInQpf4efvp3zzUoFP6rGCFt4BHHwHTQSV4zAqebA=
Subject key identifier:   85:1C:47:1A:A9:0C:D6:24:3F:64:8E:B7:1F:0B:DE:7F:B4:1D:8B:24
Authority key identifier: D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9
Certificate issuer:       /CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
Certificate serial:       0196B6A24B1A32ADD2DAF9BC3B2888864E1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
Manifest number:          1252
Signing time:             Fri 09 May 2025 20:00:11 +0000
Manifest this update:     Fri 09 May 2025 20:00:11 +0000
Manifest next update:     Sat 10 May 2025 20:00:11 +0000
Files and hashes:         1: 2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl (hash: omON9tgUnwsP9m5DgVUGO+lxMBhP3guclECPePW9OBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b6:a2:4b:1a:32:ad:d2:da:f9:bc:3b:28:88:86:4e:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
        Validity
            Not Before: May  9 20:00:11 2025 GMT
            Not After : May 10 20:00:11 2025 GMT
        Subject: CN=851c471aa90cd6243f648eb71f0bde7fb41d8b24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:45:e7:24:b8:e1:19:29:2c:87:ac:ef:0d:cc:
                    3f:46:7a:26:eb:ce:76:16:11:b2:55:8a:73:95:49:
                    a7:f9:73:30:95:40:07:65:a7:a1:2c:3c:74:f9:65:
                    c7:b6:99:b5:cf:3b:30:bf:07:e6:0a:6d:bc:cf:4f:
                    4c:79:16:29:6a:2c:5e:b2:04:5a:d1:63:12:56:08:
                    4e:3b:d9:7a:3a:7e:f4:4e:39:f2:8c:d5:13:9c:54:
                    e3:07:a7:53:3d:a8:b9:e1:16:5d:5c:b5:db:bf:58:
                    b8:cb:4d:64:8c:e3:3c:a0:34:c2:6d:28:8e:c1:b7:
                    e2:22:1b:da:c1:16:b6:3e:31:1e:8c:8b:71:d2:0a:
                    d3:28:5d:07:44:ff:d1:29:0b:03:7f:61:fb:6b:48:
                    89:ee:2d:29:36:3a:be:0c:a8:bf:f7:cb:f9:a6:aa:
                    3e:f4:3b:bc:e9:9d:81:35:f0:51:53:02:f1:e4:6c:
                    4c:27:c7:e0:83:04:c7:2f:ae:38:4c:db:ca:95:ba:
                    50:18:78:b7:cd:1b:2a:12:ca:55:ef:a5:dc:96:2e:
                    cf:f3:f6:dc:a7:f6:ca:f7:9d:92:8b:86:6d:2e:99:
                    05:cb:38:91:36:64:3a:61:1f:23:48:c6:2f:3a:29:
                    a7:45:de:91:9b:27:dd:dc:e6:97:31:11:c6:82:d9:
                    6d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:1C:47:1A:A9:0C:D6:24:3F:64:8E:B7:1F:0B:DE:7F:B4:1D:8B:24
            X509v3 Authority Key Identifier:
                keyid:D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:31:f8:a5:2f:ff:ae:86:b6:ad:dc:b1:89:6d:4a:27:bf:ac:
         b2:39:02:57:8d:11:df:dd:44:a1:00:0f:6b:8b:a2:46:58:eb:
         33:2e:7f:e0:98:49:b0:fb:3a:69:e7:52:b2:c1:a6:3a:4f:67:
         e6:99:10:cb:3e:a9:db:13:83:6e:37:b1:b0:29:8d:84:e0:e1:
         01:bc:43:e9:4d:ab:da:01:95:58:83:e9:14:ae:08:af:7d:d4:
         f6:ec:55:c3:57:bf:33:31:ac:00:6a:d0:f1:5a:af:2d:de:e7:
         0e:49:02:ce:04:5d:84:57:5e:f4:8d:f0:30:be:96:85:d5:a3:
         ca:d8:5d:6c:83:56:82:72:b4:e8:29:f9:f0:69:e3:6e:4b:8d:
         78:2b:8d:e2:dd:c3:ad:d4:5c:eb:ee:67:68:5f:52:96:c9:43:
         22:f8:d5:1f:72:3d:7e:76:13:05:ea:43:a3:5c:a5:0a:3e:09:
         ca:a8:b1:b2:b0:17:11:9c:61:ba:54:32:52:2f:30:ca:94:de:
         7c:5a:0e:ce:21:01:23:09:15:7f:d1:06:ff:db:d2:96:06:f8:
         d5:a1:a4:57:22:1a:4d:c5:bc:09:b5:b5:9e:8d:cd:09:a2:08:
         20:1d:e6:3d:aa:67:6e:69:5c:03:99:0a:dd:f4:aa:59:3f:d9:
         21:a1:dd:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa2oksaMq3S2vm8OyiIhk4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGZmYTA0NWIzNWIxNmRjOTk0MTllM2UwZTZlMTZlNmVk
YjQ3ZTkwHhcNMjUwNTA5MjAwMDExWhcNMjUwNTEwMjAwMDExWjAzMTEwLwYDVQQD
Eyg4NTFjNDcxYWE5MGNkNjI0M2Y2NDhlYjcxZjBiZGU3ZmI0MWQ4YjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkXnJLjhGSksh6zvDcw/Rnom6852
FhGyVYpzlUmn+XMwlUAHZaehLDx0+WXHtpm1zzswvwfmCm28z09MeRYpaixesgRa
0WMSVghOO9l6On70TjnyjNUTnFTjB6dTPai54RZdXLXbv1i4y01kjOM8oDTCbSiO
wbfiIhvawRa2PjEejItx0grTKF0HRP/RKQsDf2H7a0iJ7i0pNjq+DKi/98v5pqo+
9Du86Z2BNfBRUwLx5GxMJ8fggwTHL644TNvKlbpQGHi3zRsqEspV76Xcli7P8/bc
p/bK952Si4ZtLpkFyziRNmQ6YR8jSMYvOimnRd6Rmyfd3OaXMRHGgtltjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIUcRxqpDNYkP2SOtx8L3n+0HYskMB8GA1UdIwQY
MBaAFNmP+gRbNbFtyZQZ4+Dm4W5u20fpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAt
ZWUyNWQyYzViNDEwLzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAtZWUyNWQyYzViNDEw
LzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADzH4pS//
roa2rdyxiW1KJ7+ssjkCV40R391EoQAPa4uiRljrMy5/4JhJsPs6aedSssGmOk9n
5pkQyz6p2xODbjexsCmNhODhAbxD6U2r2gGVWIPpFK4Ir33U9uxVw1e/MzGsAGrQ
8VqvLd7nDkkCzgRdhFde9I3wML6WhdWjythdbINWgnK06Cn58GnjbkuNeCuN4t3D
rdRc6+5naF9SlslDIvjVH3I9fnYTBepDo1ylCj4JyqixsrAXEZxhulQyUi8wypTe
fFoOziEBIwkVf9EG/9vSlgb41aGkVyIaTcW8CbW1no3NCaIIIB3mPapnbmlcA5kK
3fSqWT/ZIaHdqQ==
-----END CERTIFICATE-----