Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          hs+u5FFpMc0AtPNhUrgDsNlNWw2p5f1PFD6ql6IfAdQ=
Subject key identifier:   FA:56:9C:E2:9E:9C:BB:72:42:32:B8:A4:FD:6F:E4:23:43:18:FA:55
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       019610202643EC9FE178A47AE5D279C3D775
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          14D6
Signing time:             Mon 07 Apr 2025 12:01:04 +0000
Manifest this update:     Mon 07 Apr 2025 12:01:04 +0000
Manifest next update:     Tue 08 Apr 2025 12:01:04 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: hw8kK0KJ+LTRkR4uPbYSGGm6EqJXjoQdtSMPJ1f2F6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 12:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:10:20:26:43:ec:9f:e1:78:a4:7a:e5:d2:79:c3:d7:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Apr  7 12:01:04 2025 GMT
            Not After : Apr  8 12:01:04 2025 GMT
        Subject: CN=fa569ce29e9cbb724232b8a4fd6fe4234318fa55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:71:14:b0:65:12:bf:a4:2d:fc:b9:66:18:4a:
                    17:ea:9c:44:44:68:a9:10:5b:53:a7:2d:41:11:5d:
                    1f:e3:63:fd:e6:78:80:53:84:60:bc:45:7d:20:2c:
                    70:76:c8:31:24:29:64:d3:ae:59:c9:f4:42:b9:cf:
                    4c:11:82:61:54:30:f3:08:e9:4a:73:43:b4:b7:01:
                    47:2a:91:57:7c:83:8a:8d:68:d5:48:d7:80:bb:d4:
                    aa:0d:a7:5c:59:f7:b8:57:16:ab:ab:8e:2b:0c:f3:
                    de:51:7f:fd:ea:a2:1e:27:27:01:d5:a3:59:a0:b0:
                    cb:12:58:ca:2d:49:f1:e7:23:a8:54:a2:26:c7:c1:
                    39:48:e1:03:62:42:03:d4:5c:0c:21:30:a8:8c:7e:
                    d1:36:01:c1:21:cf:d7:76:2d:b0:ae:1f:97:e4:79:
                    00:0f:fe:cb:ca:77:db:f9:46:cb:1a:c9:4f:09:6c:
                    31:89:d4:52:ee:8d:81:a3:80:fa:24:61:d8:ae:69:
                    b4:31:61:58:4d:a3:06:8b:7d:c7:0d:5a:9b:2a:dd:
                    b1:28:7e:50:c7:89:42:2e:f1:ca:7b:51:a4:56:f0:
                    f0:2a:c7:86:f1:60:a7:d7:71:50:87:99:7c:9d:7b:
                    53:8e:24:69:46:f7:19:95:15:30:24:bb:47:18:1e:
                    f0:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:56:9C:E2:9E:9C:BB:72:42:32:B8:A4:FD:6F:E4:23:43:18:FA:55
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:40:da:96:bc:de:5e:d4:64:7e:93:e1:80:9f:7c:d2:10:45:
         3f:9c:db:0b:22:90:44:e8:05:4b:e4:43:6d:a0:11:54:5f:ae:
         2c:41:e2:45:30:a3:31:ce:d8:1b:43:34:74:e7:29:ae:ad:ea:
         6a:27:ab:a0:32:dd:09:1d:49:08:5a:9d:5e:c1:af:5b:12:63:
         05:1f:e9:0d:38:1f:d2:a4:74:60:85:69:10:09:0e:00:68:96:
         f6:59:06:ad:2b:42:52:ca:53:8a:83:a6:d1:50:e4:8d:33:c4:
         a2:bf:a7:5e:16:ff:bf:75:6b:7b:b2:7f:22:68:6b:ae:32:dd:
         0f:91:4e:d8:d8:0b:f3:5f:f5:e7:10:9a:2f:37:ce:62:ff:86:
         87:c9:72:3b:fa:d2:0c:34:3a:37:99:fb:9c:bd:da:9f:b4:28:
         d8:7e:30:9d:7d:fd:a2:18:11:c0:bc:c5:33:b3:0b:b9:7c:5a:
         71:51:3c:a7:44:3f:b3:3e:17:42:93:7f:d2:13:15:41:78:93:
         57:09:b8:3d:14:58:64:36:3b:e4:a8:0f:fc:38:8d:fc:40:8f:
         b8:0b:1c:dc:d9:a7:20:24:a3:05:71:7b:6c:15:ac:50:f6:c2:
         e7:66:ad:67:e3:74:b3:f6:41:87:ad:a1:34:70:4f:08:ed:07:
         1e:1a:88:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYQICZD7J/heKR65dJ5w9d1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjUwNDA3MTIwMTA0WhcNMjUwNDA4MTIwMTA0WjAzMTEwLwYDVQQD
EyhmYTU2OWNlMjllOWNiYjcyNDIzMmI4YTRmZDZmZTQyMzQzMThmYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3EUsGUSv6Qt/LlmGEoX6pxERGip
EFtTpy1BEV0f42P95niAU4RgvEV9ICxwdsgxJClk065ZyfRCuc9MEYJhVDDzCOlK
c0O0twFHKpFXfIOKjWjVSNeAu9SqDadcWfe4Vxarq44rDPPeUX/96qIeJycB1aNZ
oLDLEljKLUnx5yOoVKImx8E5SOEDYkID1FwMITCojH7RNgHBIc/Xdi2wrh+X5HkA
D/7Lynfb+UbLGslPCWwxidRS7o2Bo4D6JGHYrmm0MWFYTaMGi33HDVqbKt2xKH5Q
x4lCLvHKe1GkVvDwKseG8WCn13FQh5l8nXtTjiRpRvcZlRUwJLtHGB7wdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpWnOKenLtyQjK4pP1v5CNDGPpVMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiUDalrze
XtRkfpPhgJ980hBFP5zbCyKQROgFS+RDbaARVF+uLEHiRTCjMc7YG0M0dOcprq3q
aieroDLdCR1JCFqdXsGvWxJjBR/pDTgf0qR0YIVpEAkOAGiW9lkGrStCUspTioOm
0VDkjTPEor+nXhb/v3Vre7J/ImhrrjLdD5FO2NgL81/15xCaLzfOYv+Gh8lyO/rS
DDQ6N5n7nL3an7Qo2H4wnX39ohgRwLzFM7MLuXxacVE8p0Q/sz4XQpN/0hMVQXiT
Vwm4PRRYZDY75KgP/DiN/ECPuAsc3NmnICSjBXF7bBWsUPbC52atZ+N0s/ZBh62h
NHBPCO0HHhqIXQ==
-----END CERTIFICATE-----