Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          8JMFRLCnoE7DFcnVZA0SU1IAShE0YUIjmZq2w4iaDyU=
Subject key identifier:   BF:B7:79:28:5A:F4:30:91:E4:3C:02:F4:B4:80:A5:52:94:46:DC:DE
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       0196B1EA4F9FDD3DBB75F2D5F187A50708C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          152C
Signing time:             Thu 08 May 2025 22:00:44 +0000
Manifest this update:     Thu 08 May 2025 22:00:44 +0000
Manifest next update:     Fri 09 May 2025 22:00:44 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: Mb+VTfZUjVycW9XJs5Sbg2R0ECabWDDU3q55VC45hTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:ea:4f:9f:dd:3d:bb:75:f2:d5:f1:87:a5:07:08:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: May  8 22:00:44 2025 GMT
            Not After : May  9 22:00:44 2025 GMT
        Subject: CN=bfb779285af43091e43c02f4b480a5529446dcde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:0b:8f:99:1d:2b:13:34:6b:c1:f2:f5:39:af:
                    36:44:bf:2b:30:77:38:0b:6d:a1:da:cf:80:6a:db:
                    aa:c4:ab:84:e3:97:6f:47:f8:57:db:e3:68:8b:d8:
                    d1:dd:97:fb:63:90:19:69:ad:e1:79:95:9b:ae:38:
                    5f:55:08:f8:45:8b:d2:09:cb:2f:f1:7b:a2:8f:0f:
                    8f:dd:b0:da:7c:21:7b:a6:42:4a:68:f1:39:10:7d:
                    a5:e6:00:44:df:b2:80:f9:ba:00:1e:2d:b6:6c:a9:
                    9d:36:71:93:e3:c7:c9:fa:a7:2a:a0:80:5d:1e:3f:
                    a1:6c:8d:62:29:bf:34:b4:86:d9:52:af:80:bc:03:
                    9a:ef:52:35:4a:5a:5c:81:84:fe:8f:ef:b2:c0:04:
                    99:c4:83:e6:7c:a5:f9:dd:12:56:ac:27:ad:93:d8:
                    6f:39:71:24:25:c3:08:ae:e6:c8:bb:fd:a7:7c:7d:
                    0f:cd:52:f3:32:e2:07:b2:28:d2:af:bb:38:15:26:
                    1d:e6:6c:2b:9e:cb:2d:7a:ad:ba:1d:56:dd:52:a3:
                    95:55:6f:cb:d0:6f:1c:9f:b0:f4:88:da:8d:b3:f7:
                    37:58:2c:9d:64:28:89:66:a9:2a:a6:e9:e8:d4:ff:
                    f6:fa:02:fa:7b:90:7e:c7:e1:5a:00:aa:6a:cf:2e:
                    38:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:B7:79:28:5A:F4:30:91:E4:3C:02:F4:B4:80:A5:52:94:46:DC:DE
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:dc:7f:cd:89:f9:e7:14:ba:16:f7:f0:28:d4:43:9f:ca:88:
         6c:f6:54:36:29:c8:2c:80:db:e9:99:d7:4e:16:c7:74:d1:1e:
         b3:14:b6:4c:bb:50:68:1d:88:48:e2:4e:68:50:05:b0:d6:9d:
         31:71:ed:38:60:c8:82:71:5c:50:d2:db:70:94:17:8f:42:fb:
         40:98:e4:9c:ab:17:a4:0b:dc:68:78:3f:91:7c:8e:04:c9:d6:
         3b:8a:4a:77:f7:44:2b:b1:29:b6:35:99:07:7f:0f:00:ff:1f:
         e9:b2:c3:96:1a:cc:35:99:7f:a9:68:8a:45:6d:fd:2b:a0:2e:
         ae:54:fb:eb:db:1a:0d:d7:aa:ff:da:5f:fa:d8:7c:46:c7:76:
         04:22:af:2f:bd:1c:49:ab:e0:e8:b9:1a:3d:bb:1c:54:43:d0:
         52:4f:31:a8:2c:c1:c0:93:45:b9:0b:7e:f1:ae:e4:47:79:d8:
         77:69:3f:c3:e1:3d:ef:f2:cd:9c:75:53:c8:35:b9:a6:54:c9:
         72:4d:25:f5:54:9e:7c:2f:f6:ec:b6:12:f9:a3:46:82:d5:5a:
         77:3b:0f:b8:3b:0e:f4:3c:0b:ba:66:7f:f1:90:8c:0a:94:c6:
         05:2f:e3:36:d8:d1:9f:6c:5d:9f:2a:c4:da:f6:16:a6:2a:e0:
         c1:f2:70:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZax6k+f3T27dfLV8YelBwjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUwNTA4MjIwMDQ0WhcNMjUwNTA5MjIwMDQ0WjAzMTEwLwYDVQQD
EyhiZmI3NzkyODVhZjQzMDkxZTQzYzAyZjRiNDgwYTU1Mjk0NDZkY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AuPmR0rEzRrwfL1Oa82RL8rMHc4
C22h2s+AatuqxKuE45dvR/hX2+Noi9jR3Zf7Y5AZaa3heZWbrjhfVQj4RYvSCcsv
8Xuijw+P3bDafCF7pkJKaPE5EH2l5gBE37KA+boAHi22bKmdNnGT48fJ+qcqoIBd
Hj+hbI1iKb80tIbZUq+AvAOa71I1SlpcgYT+j++ywASZxIPmfKX53RJWrCetk9hv
OXEkJcMIrubIu/2nfH0PzVLzMuIHsijSr7s4FSYd5mwrnssteq26HVbdUqOVVW/L
0G8cn7D0iNqNs/c3WCydZCiJZqkqpuno1P/2+gL6e5B+x+FaAKpqzy44JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+3eSha9DCR5DwC9LSApVKURtzeMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAltx/zYn5
5xS6FvfwKNRDn8qIbPZUNinILIDb6ZnXThbHdNEesxS2TLtQaB2ISOJOaFAFsNad
MXHtOGDIgnFcUNLbcJQXj0L7QJjknKsXpAvcaHg/kXyOBMnWO4pKd/dEK7EptjWZ
B38PAP8f6bLDlhrMNZl/qWiKRW39K6AurlT769saDdeq/9pf+th8Rsd2BCKvL70c
Savg6LkaPbscVEPQUk8xqCzBwJNFuQt+8a7kR3nYd2k/w+E97/LNnHVTyDW5plTJ
ck0l9VSefC/27LYS+aNGgtVadzsPuDsO9DwLumZ/8ZCMCpTGBS/jNtjRn2xdnyrE
2vYWpirgwfJwTA==
-----END CERTIFICATE-----