Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          0dxl0CaktFPypftLC2orJ3tjoQImWUr5jQdk0DR1ZIs=
Subject key identifier:   C9:2C:A1:6E:34:E4:B1:42:A8:EB:D5:F2:64:03:5B:BA:C8:D5:97:E0
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019656EF504603E17448D541B4E3414E0904
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0BE0
Signing time:             Mon 21 Apr 2025 06:00:46 +0000
Manifest this update:     Mon 21 Apr 2025 06:00:46 +0000
Manifest next update:     Tue 22 Apr 2025 06:00:46 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: RWyMuiiAuFHu/TuMqGkiuirACLZC6LxLNPyMRkHd/QI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 06:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:ef:50:46:03:e1:74:48:d5:41:b4:e3:41:4e:09:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Apr 21 06:00:46 2025 GMT
            Not After : Apr 22 06:00:46 2025 GMT
        Subject: CN=c92ca16e34e4b142a8ebd5f264035bbac8d597e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:eb:e2:45:f2:76:60:a1:da:f8:78:d3:08:88:
                    75:11:c9:ac:10:86:8a:69:68:ee:8c:52:be:9e:3c:
                    8f:e2:9c:2b:cd:6e:5f:e9:e7:53:58:dd:95:84:d5:
                    b3:ac:c5:8a:dd:1b:54:83:ae:74:8f:aa:9e:f5:2d:
                    2d:8d:c4:5a:0b:05:03:29:fc:61:c2:75:b9:47:41:
                    9f:6b:bf:2c:72:8f:f7:07:ce:49:be:e8:b5:c8:ca:
                    4b:70:9c:38:98:dc:c6:28:9f:e4:62:13:5d:36:3e:
                    e6:60:10:db:7f:c7:ca:e2:a0:55:9f:ad:7d:de:dd:
                    a6:20:87:dc:85:9e:f4:20:b1:b8:88:65:4f:66:aa:
                    cb:15:ba:61:03:39:31:0d:4b:09:81:04:99:cf:bf:
                    1b:6e:ee:ce:68:f7:da:75:d5:f8:76:3f:04:bb:ef:
                    c0:a6:28:a7:b0:99:24:15:0c:6e:40:bd:05:c0:08:
                    00:2b:52:f0:bb:64:ec:20:fd:99:01:56:f4:16:e3:
                    e4:dc:75:17:1a:7b:91:a5:aa:73:08:34:5a:ef:c2:
                    cc:26:24:1c:52:bd:d9:42:57:fc:6d:27:c7:95:5f:
                    2f:a0:b4:7e:d5:35:ba:8f:82:5d:73:78:75:8d:f0:
                    9e:98:00:f9:cc:61:b2:2a:f4:79:ca:a3:3f:ac:3d:
                    b8:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:2C:A1:6E:34:E4:B1:42:A8:EB:D5:F2:64:03:5B:BA:C8:D5:97:E0
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:47:cc:90:3c:67:6c:f0:88:46:a6:ea:c6:cd:d2:67:ff:2d:
         81:8b:f9:0b:0b:ee:85:03:4e:59:88:dd:12:a5:cf:19:9b:65:
         0d:d3:98:50:ed:3e:3b:33:dd:6d:78:47:a2:81:9a:88:b3:3c:
         0f:84:5e:43:1b:b7:42:e0:8d:5a:da:2a:ab:da:90:a6:82:ce:
         e3:d0:f5:bf:d1:e2:7a:aa:06:8d:8c:43:2b:52:ae:c5:62:1f:
         23:47:32:08:b1:c6:e5:df:68:6e:ee:3a:3a:0c:c5:c5:e2:aa:
         4a:34:c9:89:3e:80:69:21:f7:8b:0a:15:c5:50:c4:a2:ff:ee:
         43:c1:32:3c:05:8b:5d:1f:e8:86:64:45:27:7a:c1:1b:3b:f6:
         c7:fb:27:cc:b3:5f:b1:82:86:20:38:e0:d5:69:63:05:52:1e:
         91:80:77:6e:8c:26:d2:f9:59:16:a9:fd:c2:d2:a3:83:fc:2a:
         1a:0b:20:88:e0:5e:72:c0:0c:2c:bb:2a:9c:7f:79:1f:de:3a:
         a3:eb:75:a1:0b:64:a9:ca:44:74:1b:88:3c:e9:6d:bc:7a:26:
         71:19:51:01:cb:64:e6:c2:71:c6:16:1c:74:c4:97:aa:b7:b6:
         b7:90:69:8f:20:af:9e:42:57:52:92:d4:e0:2a:e2:94:e9:2d:
         cb:8b:80:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZW71BGA+F0SNVBtONBTgkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjUwNDIxMDYwMDQ2WhcNMjUwNDIyMDYwMDQ2WjAzMTEwLwYDVQQD
EyhjOTJjYTE2ZTM0ZTRiMTQyYThlYmQ1ZjI2NDAzNWJiYWM4ZDU5N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuviRfJ2YKHa+HjTCIh1EcmsEIaK
aWjujFK+njyP4pwrzW5f6edTWN2VhNWzrMWK3RtUg650j6qe9S0tjcRaCwUDKfxh
wnW5R0Gfa78sco/3B85Jvui1yMpLcJw4mNzGKJ/kYhNdNj7mYBDbf8fK4qBVn619
3t2mIIfchZ70ILG4iGVPZqrLFbphAzkxDUsJgQSZz78bbu7OaPfaddX4dj8Eu+/A
piinsJkkFQxuQL0FwAgAK1Lwu2TsIP2ZAVb0FuPk3HUXGnuRpapzCDRa78LMJiQc
Ur3ZQlf8bSfHlV8voLR+1TW6j4Jdc3h1jfCemAD5zGGyKvR5yqM/rD24pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMksoW405LFCqOvV8mQDW7rI1ZfgMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUfMkDxn
bPCIRqbqxs3SZ/8tgYv5CwvuhQNOWYjdEqXPGZtlDdOYUO0+OzPdbXhHooGaiLM8
D4ReQxu3QuCNWtoqq9qQpoLO49D1v9HieqoGjYxDK1KuxWIfI0cyCLHG5d9obu46
OgzFxeKqSjTJiT6AaSH3iwoVxVDEov/uQ8EyPAWLXR/ohmRFJ3rBGzv2x/snzLNf
sYKGIDjg1WljBVIekYB3bowm0vlZFqn9wtKjg/wqGgsgiOBecsAMLLsqnH95H946
o+t1oQtkqcpEdBuIPOltvHomcRlRActk5sJxxhYcdMSXqre2t5BpjyCvnkJXUpLU
4CrilOkty4uAVw==
-----END CERTIFICATE-----