Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          swlq9m0tUd9lhTZBPq8ry0yxbDQDZB+luD0pesEokag=
Subject key identifier:   F2:8C:75:35:5C:35:82:D2:2D:E2:E0:0B:1F:26:01:4B:67:49:00:0C
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       01965B0374379C0916FF9AD25D5A23523475
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0D5D
Signing time:             Tue 22 Apr 2025 01:01:14 +0000
Manifest this update:     Tue 22 Apr 2025 01:01:14 +0000
Manifest next update:     Wed 23 Apr 2025 01:01:14 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: NNk1dhY8ibo5saa5qEAQfcWCalhbbD32t9RsLBtVoJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:03:74:37:9c:09:16:ff:9a:d2:5d:5a:23:52:34:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Apr 22 01:01:14 2025 GMT
            Not After : Apr 23 01:01:14 2025 GMT
        Subject: CN=f28c75355c3582d22de2e00b1f26014b6749000c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:a2:a8:de:69:8d:e7:6d:ff:f1:29:52:3c:60:
                    e8:8e:4e:18:de:f0:b9:c7:13:82:10:43:d8:2d:0c:
                    a6:00:b7:e1:84:e9:b6:63:de:3a:ca:af:5a:c2:c3:
                    09:b4:4e:bc:6e:e7:9f:a1:41:bd:a1:c7:53:d0:77:
                    07:cf:6a:0e:c1:1b:d2:e3:3a:e2:dd:17:a2:a3:08:
                    d9:5f:75:22:11:31:5d:c0:10:5a:ed:a2:c5:6f:d8:
                    0d:2a:5a:70:11:ec:c4:a9:54:31:5d:0c:d5:05:c3:
                    50:62:f9:d4:af:ef:56:4d:0f:15:74:88:42:32:7c:
                    f5:18:48:13:e7:ff:84:27:98:c2:5e:e5:c0:0f:ed:
                    69:1d:b1:58:4e:8f:42:da:a5:5d:f2:98:df:64:65:
                    86:9f:c5:20:22:b7:d5:ab:5e:a3:37:7c:a6:48:ae:
                    fb:4f:8c:90:67:b0:03:5c:1a:3b:6b:62:26:50:f8:
                    ea:d8:65:c7:70:3b:30:71:c7:23:3a:4b:09:d7:00:
                    37:e0:aa:c2:66:fa:0f:1c:63:5a:54:b9:60:34:54:
                    f3:f5:60:b0:7d:12:a5:89:30:78:0a:f0:8e:b6:90:
                    40:7a:f5:30:ac:a8:77:49:f0:d0:89:5f:2a:91:1b:
                    11:6d:5b:20:8d:f1:e3:77:77:b9:b1:e2:1e:99:05:
                    94:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:8C:75:35:5C:35:82:D2:2D:E2:E0:0B:1F:26:01:4B:67:49:00:0C
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:b6:37:02:b3:b9:c0:02:b6:62:8f:ce:bf:7e:fa:d3:03:e0:
         e0:3f:b1:f3:2f:c0:30:d2:a4:43:95:b5:d8:0d:81:12:e9:a2:
         7a:e8:55:e7:7d:a1:ed:e6:c4:3a:e0:82:01:c5:20:a2:f1:15:
         63:c4:3e:3d:08:fc:ef:6a:81:4b:80:03:90:bd:02:3d:58:e6:
         3a:05:d0:34:a2:f1:57:b7:80:67:ca:fe:55:70:00:4f:88:ba:
         ee:fc:56:98:29:e4:aa:81:42:0a:a8:c6:d3:ee:ee:a5:e0:54:
         43:ee:f8:ec:fd:d7:2a:7b:05:18:8d:70:2d:8c:0c:51:3f:03:
         1f:1d:a6:fa:53:61:4e:b9:dd:80:db:ca:3a:2f:8b:91:a6:5b:
         c0:c1:2e:db:ac:50:d8:18:95:60:16:99:1d:0a:e6:26:e1:65:
         03:d0:1b:3a:75:6f:42:8a:b5:ba:41:1f:56:c9:cf:71:21:7a:
         f5:f7:28:d2:e3:f1:95:fa:7f:95:90:d9:5b:99:86:b7:fa:ed:
         b0:ee:a3:c7:2c:5f:12:77:9a:96:fd:b8:5a:b4:86:49:b1:4f:
         a7:34:ab:2f:aa:ca:65:87:fc:a8:6c:9b:2b:a2:3b:c0:ca:81:
         46:3e:7e:3f:68:ca:22:c9:48:f9:ec:45:b7:33:be:ec:5f:a8:
         9c:a7:9d:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbA3Q3nAkW/5rSXVojUjR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUwNDIyMDEwMTE0WhcNMjUwNDIzMDEwMTE0WjAzMTEwLwYDVQQD
EyhmMjhjNzUzNTVjMzU4MmQyMmRlMmUwMGIxZjI2MDE0YjY3NDkwMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqKo3mmN523/8SlSPGDojk4Y3vC5
xxOCEEPYLQymALfhhOm2Y946yq9awsMJtE68buefoUG9ocdT0HcHz2oOwRvS4zri
3ReiowjZX3UiETFdwBBa7aLFb9gNKlpwEezEqVQxXQzVBcNQYvnUr+9WTQ8VdIhC
Mnz1GEgT5/+EJ5jCXuXAD+1pHbFYTo9C2qVd8pjfZGWGn8UgIrfVq16jN3ymSK77
T4yQZ7ADXBo7a2ImUPjq2GXHcDswcccjOksJ1wA34KrCZvoPHGNaVLlgNFTz9WCw
fRKliTB4CvCOtpBAevUwrKh3SfDQiV8qkRsRbVsgjfHjd3e5seIemQWUNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKMdTVcNYLSLeLgCx8mAUtnSQAMMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABbY3ArO5
wAK2Yo/Ov3760wPg4D+x8y/AMNKkQ5W12A2BEumieuhV532h7ebEOuCCAcUgovEV
Y8Q+PQj872qBS4ADkL0CPVjmOgXQNKLxV7eAZ8r+VXAAT4i67vxWmCnkqoFCCqjG
0+7upeBUQ+747P3XKnsFGI1wLYwMUT8DHx2m+lNhTrndgNvKOi+LkaZbwMEu26xQ
2BiVYBaZHQrmJuFlA9AbOnVvQoq1ukEfVsnPcSF69fco0uPxlfp/lZDZW5mGt/rt
sO6jxyxfEnealv24WrSGSbFPpzSrL6rKZYf8qGybK6I7wMqBRj5+P2jKIslI+exF
tzO+7F+onKedTg==
-----END CERTIFICATE-----