Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          y/Mdk3O7YTLh1lCgGWRtGbfgEt0wPJQjHbaHhMbQF6E=
Subject key identifier:   14:32:73:38:B1:5B:B6:9D:B6:C8:34:31:CD:76:80:67:A2:7F:80:BA
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       019654C9E78326AF28783E10F9BC2F0CC579
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          0184
Signing time:             Sun 20 Apr 2025 20:00:40 +0000
Manifest this update:     Sun 20 Apr 2025 20:00:40 +0000
Manifest next update:     Mon 21 Apr 2025 20:00:40 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: GPbjx4en186xZo6Aaiy65Kyp0WIDvxkeuQeQiaL3gQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 20:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:c9:e7:83:26:af:28:78:3e:10:f9:bc:2f:0c:c5:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Apr 20 20:00:40 2025 GMT
            Not After : Apr 21 20:00:40 2025 GMT
        Subject: CN=14327338b15bb69db6c83431cd768067a27f80ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:98:9e:98:15:e8:d9:7f:df:84:8a:c7:62:8d:
                    39:d2:e9:4b:c8:61:74:b6:37:68:34:b2:70:27:25:
                    47:9f:12:f9:26:03:eb:82:4f:63:07:08:c9:92:e0:
                    2e:a4:f8:44:67:1d:09:94:67:f0:73:a2:ca:bf:fd:
                    ad:e4:a2:5c:4f:40:74:b2:5b:70:c9:5d:88:b5:64:
                    bf:6f:12:ef:0d:3e:a1:c5:bf:e7:5e:5e:27:d4:ac:
                    eb:c5:72:0a:76:18:d1:6a:ad:2f:9e:cd:70:d3:05:
                    6f:ad:28:f0:4f:67:c8:c7:a2:a5:ce:4d:68:fa:a2:
                    a4:fd:81:43:75:e4:c7:63:91:60:94:62:b8:63:b8:
                    62:47:7f:15:d9:58:d1:5f:48:67:37:08:ef:52:79:
                    a5:d0:07:ec:27:59:d9:4a:ae:fa:e1:d0:16:fc:00:
                    99:40:da:c3:94:00:c5:d2:e0:45:34:73:cb:86:9e:
                    08:93:7d:c3:64:ec:27:87:4c:8c:d2:6f:8d:78:cd:
                    59:6c:de:c1:63:41:89:0a:52:ad:d9:04:1f:08:96:
                    d5:1f:9a:97:cc:a7:cc:b8:62:e9:7a:5f:f8:40:a6:
                    4c:ba:c4:0f:81:62:48:7a:71:63:93:3e:06:0f:34:
                    29:9a:bd:85:c3:da:9e:42:95:25:d7:ef:b9:d5:1e:
                    c9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:32:73:38:B1:5B:B6:9D:B6:C8:34:31:CD:76:80:67:A2:7F:80:BA
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:cc:c5:2e:64:2d:4c:48:02:57:e8:f9:9c:80:05:89:4c:70:
         27:f4:48:db:92:ec:f7:17:18:48:be:3a:52:34:8b:b1:ed:8f:
         c4:ea:28:4b:51:32:54:f6:8c:6c:58:1d:e6:f8:0d:8f:8c:75:
         28:2b:59:65:5e:6b:61:31:c7:b2:be:cf:b1:2d:61:ff:39:9f:
         8d:fa:9b:8e:5f:eb:c3:9d:9b:39:0c:27:2c:27:12:7e:99:d3:
         6b:4d:06:34:0c:65:a5:b4:ce:56:cd:ff:88:da:f4:b2:11:14:
         4d:a7:a2:a2:7b:9f:c4:d5:07:90:84:9a:81:25:b1:67:0f:1f:
         c5:84:50:34:b2:9e:94:52:b7:8b:22:66:03:fb:f0:6e:3b:3e:
         0c:39:73:56:c8:77:31:17:9e:08:dc:a0:b2:1d:9f:fe:dd:13:
         f6:ec:06:23:24:dd:3d:b6:11:3c:6d:de:8e:42:8e:eb:e8:96:
         bc:5b:e6:8b:0d:a8:1b:e4:f3:f6:00:80:27:90:d1:af:1d:3c:
         11:68:5e:d8:37:3c:41:1c:d7:c9:81:8b:43:6d:66:d0:a3:f1:
         81:27:7c:45:44:ae:47:44:b1:9c:ad:e6:db:a7:70:37:d6:81:
         eb:53:91:b3:59:fb:de:43:d1:99:b9:b6:72:f8:97:c4:47:d9:
         7b:63:10:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUyeeDJq8oeD4Q+bwvDMV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUwNDIwMjAwMDQwWhcNMjUwNDIxMjAwMDQwWjAzMTEwLwYDVQQD
EygxNDMyNzMzOGIxNWJiNjlkYjZjODM0MzFjZDc2ODA2N2EyN2Y4MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZiemBXo2X/fhIrHYo050ulLyGF0
tjdoNLJwJyVHnxL5JgPrgk9jBwjJkuAupPhEZx0JlGfwc6LKv/2t5KJcT0B0sltw
yV2ItWS/bxLvDT6hxb/nXl4n1KzrxXIKdhjRaq0vns1w0wVvrSjwT2fIx6Klzk1o
+qKk/YFDdeTHY5FglGK4Y7hiR38V2VjRX0hnNwjvUnml0AfsJ1nZSq764dAW/ACZ
QNrDlADF0uBFNHPLhp4Ik33DZOwnh0yM0m+NeM1ZbN7BY0GJClKt2QQfCJbVH5qX
zKfMuGLpel/4QKZMusQPgWJIenFjkz4GDzQpmr2Fw9qeQpUl1++51R7JDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQyczixW7adtsg0Mc12gGeif4C6MB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjMzFLmQt
TEgCV+j5nIAFiUxwJ/RI25Ls9xcYSL46UjSLse2PxOooS1EyVPaMbFgd5vgNj4x1
KCtZZV5rYTHHsr7PsS1h/zmfjfqbjl/rw52bOQwnLCcSfpnTa00GNAxlpbTOVs3/
iNr0shEUTaeionufxNUHkISagSWxZw8fxYRQNLKelFK3iyJmA/vwbjs+DDlzVsh3
MReeCNygsh2f/t0T9uwGIyTdPbYRPG3ejkKO6+iWvFvmiw2oG+Tz9gCAJ5DRrx08
EWhe2Dc8QRzXyYGLQ21m0KPxgSd8RUSuR0SxnK3m26dwN9aB61ORs1n73kPRmbm2
cviXxEfZe2MQ1Q==
-----END CERTIFICATE-----