Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft
File:                     r2sB3cUdknQsPMSisx3H_Bg75X8.mft (raw, json)
Hash identifier:          38+jX6RBLPo0c2YkUUDdjKLJE+oubNN0UptciTjhrm4=
Subject key identifier:   78:F8:F1:02:5A:BF:67:9D:A1:F6:CF:46:32:32:58:9D:CD:62:1E:99
Authority key identifier: AF:6B:01:DD:C5:1D:92:74:2C:3C:C4:A2:B3:1D:C7:FC:18:3B:E5:7F
Certificate issuer:       /CN=af6b01ddc51d92742c3cc4a2b31dc7fc183be57f
Certificate serial:       019654932D97AE0D247125D670CA10B3CD5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r2sB3cUdknQsPMSisx3H_Bg75X8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft
Manifest number:          0A53
Signing time:             Sun 20 Apr 2025 19:00:53 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:53 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:53 +0000
Files and hashes:         1: r2sB3cUdknQsPMSisx3H_Bg75X8.crl (hash: 1epFN9SdOwwKiQOf4zPd/+4GK8qfzEeu3pqIT6u8FgM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r2sB3cUdknQsPMSisx3H_Bg75X8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:93:2d:97:ae:0d:24:71:25:d6:70:ca:10:b3:cd:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af6b01ddc51d92742c3cc4a2b31dc7fc183be57f
        Validity
            Not Before: Apr 20 19:00:53 2025 GMT
            Not After : Apr 21 19:00:53 2025 GMT
        Subject: CN=78f8f1025abf679da1f6cf463232589dcd621e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ba:de:70:16:8f:ac:cf:30:d8:3b:4e:57:87:
                    0c:21:ad:02:b2:7e:c3:17:1b:53:2a:cc:a9:1d:58:
                    0b:5a:6b:ca:7f:94:22:f9:c1:e8:5f:34:e6:f1:24:
                    3d:77:35:86:54:29:4b:a4:cc:a6:a8:2a:69:3e:04:
                    c1:98:fe:55:e5:20:d1:d4:f1:93:a7:98:0e:a2:2a:
                    2f:ec:7b:b1:ba:57:b3:02:03:09:2a:79:28:21:cd:
                    1f:43:ed:59:64:ab:ad:0d:1d:f3:59:56:ea:7d:54:
                    da:e4:42:a8:84:31:94:59:f7:a7:cc:b9:32:98:c9:
                    4b:bf:9e:bf:33:04:f7:21:b2:98:70:c8:18:78:2f:
                    76:e2:6f:4b:48:7f:96:10:18:86:31:92:51:13:45:
                    87:7f:60:79:8a:2d:50:68:78:d1:1c:b2:34:82:ba:
                    7f:07:bf:74:da:de:f0:b8:9c:1a:a3:5f:08:a4:9a:
                    ad:ae:7b:50:29:a5:ee:f6:1c:b6:1b:b2:36:06:36:
                    42:6d:32:dc:4f:3a:c3:d2:5e:ef:4c:89:f2:fc:27:
                    86:42:e9:a8:e7:18:cb:3b:3a:5a:6f:c4:1e:d1:c1:
                    45:85:3a:8f:68:9a:df:27:12:2a:90:96:19:79:ef:
                    5f:a1:1c:51:01:a4:75:e2:37:89:f2:48:fc:05:e7:
                    69:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F8:F1:02:5A:BF:67:9D:A1:F6:CF:46:32:32:58:9D:CD:62:1E:99
            X509v3 Authority Key Identifier:
                keyid:AF:6B:01:DD:C5:1D:92:74:2C:3C:C4:A2:B3:1D:C7:FC:18:3B:E5:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2sB3cUdknQsPMSisx3H_Bg75X8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:88:c7:10:b9:6b:cc:bd:65:df:61:2f:00:f0:00:64:25:d3:
         4e:34:ea:c4:9b:78:0d:4f:cc:c2:cf:7e:ed:e1:4b:0c:3d:8a:
         43:58:8b:00:db:29:dd:62:9a:7a:f8:b2:3b:cb:7c:79:4f:16:
         67:97:34:47:76:47:6c:29:39:fc:58:5c:09:88:f1:1e:0c:9a:
         1f:06:72:e4:48:33:50:97:f1:49:20:cc:f9:be:33:36:ee:1e:
         2c:d5:c1:a1:7f:a6:85:77:0b:b3:78:b7:62:1b:7e:b3:4a:3c:
         8d:4e:4d:e1:22:6a:72:27:4a:90:51:87:ef:30:5d:ae:b2:30:
         85:ca:c3:bf:b2:74:e5:be:88:6f:da:fc:a5:44:0b:4e:c8:96:
         c1:06:c1:7b:b0:46:ec:d7:64:b1:37:e6:10:50:07:54:38:84:
         9e:b2:d1:13:d2:35:03:03:83:23:50:c5:f5:09:7d:eb:2b:13:
         b0:6c:52:a8:d8:07:c7:a2:e9:3e:b4:9b:0a:e4:12:f6:4b:84:
         9d:dc:3d:c5:c9:b5:c8:29:34:f1:b0:2c:c3:9f:6b:af:b7:c6:
         8e:25:b3:66:d2:9f:1a:cc:12:de:b0:95:c7:c0:e2:17:8e:d0:
         40:0e:6d:2d:9a:aa:b6:39:e0:02:c6:2a:72:14:10:90:c6:0f:
         ed:06:13:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUky2Xrg0kcSXWcMoQs81bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmIwMWRkYzUxZDkyNzQyYzNjYzRhMmIzMWRjN2ZjMTgz
YmU1N2YwHhcNMjUwNDIwMTkwMDUzWhcNMjUwNDIxMTkwMDUzWjAzMTEwLwYDVQQD
Eyg3OGY4ZjEwMjVhYmY2NzlkYTFmNmNmNDYzMjMyNTg5ZGNkNjIxZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7recBaPrM8w2DtOV4cMIa0Csn7D
FxtTKsypHVgLWmvKf5Qi+cHoXzTm8SQ9dzWGVClLpMymqCppPgTBmP5V5SDR1PGT
p5gOoiov7HuxulezAgMJKnkoIc0fQ+1ZZKutDR3zWVbqfVTa5EKohDGUWfenzLky
mMlLv56/MwT3IbKYcMgYeC924m9LSH+WEBiGMZJRE0WHf2B5ii1QaHjRHLI0grp/
B7902t7wuJwao18IpJqtrntQKaXu9hy2G7I2BjZCbTLcTzrD0l7vTIny/CeGQumo
5xjLOzpab8Qe0cFFhTqPaJrfJxIqkJYZee9foRxRAaR14jeJ8kj8Bedp8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHj48QJav2edofbPRjIyWJ3NYh6ZMB8GA1UdIwQY
MBaAFK9rAd3FHZJ0LDzEorMdx/wYO+V/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJzQjNjVWRrblFzUE1TaXN4M0hfQmc3NVg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8zN2EwMDItMjA3MS00NGVjLWJmNTAt
MjljYTE2NTc2ZWRlLzEvcjJzQjNjVWRrblFzUE1TaXN4M0hfQmc3NVg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8zN2EwMDItMjA3MS00NGVjLWJmNTAtMjljYTE2NTc2ZWRl
LzEvcjJzQjNjVWRrblFzUE1TaXN4M0hfQmc3NVg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4jHELlr
zL1l32EvAPAAZCXTTjTqxJt4DU/Mws9+7eFLDD2KQ1iLANsp3WKaeviyO8t8eU8W
Z5c0R3ZHbCk5/FhcCYjxHgyaHwZy5EgzUJfxSSDM+b4zNu4eLNXBoX+mhXcLs3i3
Yht+s0o8jU5N4SJqcidKkFGH7zBdrrIwhcrDv7J05b6Ib9r8pUQLTsiWwQbBe7BG
7NdksTfmEFAHVDiEnrLRE9I1AwODI1DF9Ql96ysTsGxSqNgHx6LpPrSbCuQS9kuE
ndw9xcm1yCk08bAsw59rr7fGjiWzZtKfGswS3rCVx8DiF47QQA5tLZqqtjngAsYq
chQQkMYP7QYTDw==
-----END CERTIFICATE-----