Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
File:                     L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft (raw, json)
Hash identifier:          RVwEhszfMr+ea1L4SpbeLoVnFmMUSJLaI+3Epv1nw54=
Subject key identifier:   F2:BF:6F:6B:65:A7:2C:91:C1:75:EE:55:23:E9:94:D3:7A:78:E7:CA
Authority key identifier: 2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD
Certificate issuer:       /CN=2f70532664343cb3d2897023a127f60ba917a5dd
Certificate serial:       019659829EBEFF5A74976062585DE61F8967
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
Manifest number:          0AF2
Signing time:             Mon 21 Apr 2025 18:00:54 +0000
Manifest this update:     Mon 21 Apr 2025 18:00:54 +0000
Manifest next update:     Tue 22 Apr 2025 18:00:54 +0000
Files and hashes:         1: L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl (hash: JAXfOEepl2iFo/yPd4krSYLljuhkxaoXrd0Iis0gyu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 18:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:82:9e:be:ff:5a:74:97:60:62:58:5d:e6:1f:89:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f70532664343cb3d2897023a127f60ba917a5dd
        Validity
            Not Before: Apr 21 18:00:54 2025 GMT
            Not After : Apr 22 18:00:54 2025 GMT
        Subject: CN=f2bf6f6b65a72c91c175ee5523e994d37a78e7ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:54:30:51:53:4d:49:c3:bc:80:34:23:f0:77:
                    e8:6a:59:f0:6c:a6:32:4a:53:92:9d:3d:5f:b7:43:
                    e4:cd:f3:8e:01:72:5b:8c:1d:16:c8:a6:27:18:fa:
                    bf:e1:c6:34:41:32:fa:4d:0d:22:b9:d3:93:aa:e1:
                    29:17:6e:ce:a4:17:c0:5a:bb:4a:ce:78:11:fa:f8:
                    82:67:9f:a7:87:57:3a:fc:9d:fd:79:2c:a1:6b:c4:
                    fb:cb:da:4d:bc:83:55:8b:32:f5:b8:61:c2:df:1a:
                    c7:4e:00:54:24:f4:54:38:73:54:f1:0b:d5:3a:f5:
                    74:97:26:5f:2e:ec:fb:8e:e6:a7:a6:ea:96:b1:8a:
                    22:37:70:ee:70:9c:9f:f8:79:a6:ef:17:fc:2f:3c:
                    ae:9f:02:4c:9a:d8:fb:b7:10:fc:4d:94:fc:35:b6:
                    be:6c:e5:2e:1c:23:06:6b:54:2f:8d:ed:a3:aa:66:
                    6c:ea:f6:62:b0:e7:56:3f:83:3b:49:6d:47:77:fc:
                    ee:02:d0:9d:ec:7e:6a:13:67:30:2b:e6:e6:a2:da:
                    68:7c:aa:6a:8a:cf:06:a4:7c:95:17:4b:e8:4e:e0:
                    38:58:5e:da:c1:e4:32:df:c0:83:d7:12:14:c8:47:
                    dd:90:cd:93:3c:e5:10:ed:91:ae:7a:4a:28:f5:5d:
                    0f:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:BF:6F:6B:65:A7:2C:91:C1:75:EE:55:23:E9:94:D3:7A:78:E7:CA
            X509v3 Authority Key Identifier:
                keyid:2F:70:53:26:64:34:3C:B3:D2:89:70:23:A1:27:F6:0B:A9:17:A5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c59c0-ecd8-4727-b1de-315a79f59e18/1/L3BTJmQ0PLPSiXAjoSf2C6kXpd0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:68:5b:d8:4d:c1:22:b6:5b:8d:4e:9f:d8:8d:f7:7b:4c:d4:
         a4:b5:50:7f:d2:32:d7:27:d5:8b:5b:e1:b2:cf:7c:03:70:1c:
         57:e4:f9:b7:36:7e:45:6e:6c:21:ef:73:73:d4:5b:2e:51:32:
         ce:8e:a1:f2:5c:6f:cd:ae:66:63:a7:75:bd:c0:04:f2:63:35:
         e7:33:8c:94:40:aa:7c:8e:50:80:1f:34:28:f0:f5:b7:8c:72:
         95:0d:60:38:93:ec:a7:a4:ef:78:ea:86:a2:e1:6b:7c:48:52:
         2c:2f:91:e2:05:4b:ac:7e:32:c4:72:50:49:34:d4:2c:2f:8a:
         4a:71:6f:31:4b:b0:fd:de:bb:a9:c5:20:8b:be:39:38:4d:8e:
         23:50:a6:07:27:cc:1f:bd:5d:64:48:d0:ac:f9:dd:8e:57:e4:
         30:29:a3:85:6c:ef:6f:92:24:d8:0a:54:ed:1d:99:ea:94:a9:
         27:ec:3f:90:ea:45:46:ae:d5:93:8f:fe:bd:00:c8:01:fe:2f:
         d2:ef:c7:1d:eb:6c:c9:40:cc:b2:8c:04:a5:ab:34:8a:75:d3:
         32:80:ff:f7:e8:f7:51:a9:22:de:ba:10:d6:f4:14:a9:ce:2d:
         f8:11:2f:62:d2:0b:1f:f0:34:34:38:fb:f8:39:b9:7e:12:d0:
         2f:7e:00:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZgp6+/1p0l2BiWF3mH4lnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzA1MzI2NjQzNDNjYjNkMjg5NzAyM2ExMjdmNjBiYTkx
N2E1ZGQwHhcNMjUwNDIxMTgwMDU0WhcNMjUwNDIyMTgwMDU0WjAzMTEwLwYDVQQD
EyhmMmJmNmY2YjY1YTcyYzkxYzE3NWVlNTUyM2U5OTRkMzdhNzhlN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1QwUVNNScO8gDQj8HfoalnwbKYy
SlOSnT1ft0PkzfOOAXJbjB0WyKYnGPq/4cY0QTL6TQ0iudOTquEpF27OpBfAWrtK
zngR+viCZ5+nh1c6/J39eSyha8T7y9pNvINVizL1uGHC3xrHTgBUJPRUOHNU8QvV
OvV0lyZfLuz7juanpuqWsYoiN3DucJyf+Hmm7xf8LzyunwJMmtj7txD8TZT8Nba+
bOUuHCMGa1Qvje2jqmZs6vZisOdWP4M7SW1Hd/zuAtCd7H5qE2cwK+bmotpofKpq
is8GpHyVF0voTuA4WF7aweQy38CD1xIUyEfdkM2TPOUQ7ZGuekoo9V0P9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPK/b2tlpyyRwXXuVSPplNN6eOfKMB8GA1UdIwQY
MBaAFC9wUyZkNDyz0olwI6En9gupF6XdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUt
MzE1YTc5ZjU5ZTE4LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzU5YzAtZWNkOC00NzI3LWIxZGUtMzE1YTc5ZjU5ZTE4
LzEvTDNCVEptUTBQTFBTaVhBam9TZjJDNmtYcGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWhb2E3B
IrZbjU6f2I33e0zUpLVQf9Iy1yfVi1vhss98A3AcV+T5tzZ+RW5sIe9zc9RbLlEy
zo6h8lxvza5mY6d1vcAE8mM15zOMlECqfI5QgB80KPD1t4xylQ1gOJPsp6TveOqG
ouFrfEhSLC+R4gVLrH4yxHJQSTTULC+KSnFvMUuw/d67qcUgi745OE2OI1CmByfM
H71dZEjQrPndjlfkMCmjhWzvb5Ik2ApU7R2Z6pSpJ+w/kOpFRq7Vk4/+vQDIAf4v
0u/HHetsyUDMsowEpas0inXTMoD/9+j3Uaki3roQ1vQUqc4t+BEvYtILH/A0NDj7
+Dm5fhLQL34AUQ==
-----END CERTIFICATE-----