Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          +qEWCwVZDfVPTZsQucJBZskb50lAVzjLfb0+RnGIQtc=
Subject key identifier:   0A:90:21:83:C9:66:24:2E:BE:FF:00:E9:04:86:9C:CF:A0:FB:BD:2B
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       01964FDA191120AA404C64278953334A810C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          1388
Signing time:             Sat 19 Apr 2025 21:00:15 +0000
Manifest this update:     Sat 19 Apr 2025 21:00:15 +0000
Manifest next update:     Sun 20 Apr 2025 21:00:15 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: XBjHLb+ZTvsUKziM88EZGyzL2HGNrfWSViSUA35kumU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 21:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:da:19:11:20:aa:40:4c:64:27:89:53:33:4a:81:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Apr 19 21:00:15 2025 GMT
            Not After : Apr 20 21:00:15 2025 GMT
        Subject: CN=0a902183c966242ebeff00e904869ccfa0fbbd2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:85:6e:4f:94:1b:14:d0:e4:a4:76:2c:bc:4b:
                    0e:63:93:ac:bb:d4:f6:f1:70:71:19:79:10:8c:ec:
                    c9:a4:95:3e:b0:d7:16:e8:7c:05:34:95:4e:e9:1d:
                    a6:1e:4d:16:8f:ff:2c:e2:93:cd:10:38:d5:a5:60:
                    c3:67:f5:9e:1a:48:d2:1e:9a:49:9d:e2:52:97:11:
                    fe:92:23:40:20:11:ec:c0:89:2e:e7:c8:b6:ac:a0:
                    58:c7:14:c4:10:59:f4:ac:3d:22:5e:d8:de:c5:af:
                    cd:fa:fe:22:ea:2a:5a:b2:53:3f:1a:74:70:82:55:
                    b1:cd:a1:ea:52:12:7a:9c:f1:ea:39:46:a0:8f:49:
                    27:3e:4c:06:43:d9:c6:c7:2c:72:10:90:ff:38:7a:
                    af:43:3b:6b:8c:5c:2b:3f:76:f3:8f:fe:90:55:a3:
                    a7:11:8f:e0:97:f4:12:ec:78:65:b9:52:3d:d4:7d:
                    05:3a:46:56:08:6a:ad:7c:69:24:04:d1:15:48:08:
                    16:56:79:7b:06:af:09:32:a6:36:a0:f6:f8:a2:05:
                    0f:06:5c:30:e0:57:0f:42:7c:12:b5:10:0e:5f:d9:
                    b3:61:c9:c0:0e:fa:f4:e3:9f:e4:21:7f:21:d4:74:
                    ca:41:8e:91:3a:cc:33:ed:82:e1:c9:fe:2a:7f:8b:
                    31:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:90:21:83:C9:66:24:2E:BE:FF:00:E9:04:86:9C:CF:A0:FB:BD:2B
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:d6:cb:05:9c:89:3e:19:fc:35:58:b8:31:ee:3f:e0:5e:cf:
         93:3b:37:63:f5:03:59:e7:1f:0a:0d:c9:16:f9:4e:59:7c:77:
         9f:8b:b8:6f:cd:2c:67:e9:6d:be:dd:36:66:88:db:c6:66:9d:
         02:ee:64:1a:cf:01:0b:ae:32:8a:4d:e8:5e:52:39:23:aa:be:
         98:27:a6:37:22:3c:05:0e:4f:8c:14:b0:8c:d5:d9:4a:93:a7:
         52:31:3f:c0:d5:b0:83:09:94:7b:5c:98:dd:fd:f9:fd:7a:31:
         13:95:55:9a:00:71:01:f6:d5:ad:0d:5e:11:64:bb:c1:0d:24:
         c0:f3:17:c8:dd:d8:64:ab:41:a8:50:89:b1:0e:36:7d:fd:d4:
         75:d8:ce:81:11:aa:26:d9:ad:3d:05:dd:73:89:d4:8f:ec:cc:
         f7:ee:cb:b1:93:4f:f8:bc:f6:8c:e9:90:bf:44:13:41:f1:e5:
         50:e0:59:85:80:0a:69:8a:e5:27:88:1a:15:d6:3f:f5:71:f6:
         f8:a7:92:4c:6d:0d:73:ab:d1:e9:fc:66:68:d4:51:73:7b:89:
         e6:57:37:14:8b:c1:58:f2:11:4b:40:43:26:71:26:81:6f:52:
         89:1d:fc:71:5e:3b:00:90:aa:03:c7:74:b1:7a:70:a0:a3:4a:
         7f:63:6a:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2hkRIKpATGQniVMzSoEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUwNDE5MjEwMDE1WhcNMjUwNDIwMjEwMDE1WjAzMTEwLwYDVQQD
EygwYTkwMjE4M2M5NjYyNDJlYmVmZjAwZTkwNDg2OWNjZmEwZmJiZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4VuT5QbFNDkpHYsvEsOY5Osu9T2
8XBxGXkQjOzJpJU+sNcW6HwFNJVO6R2mHk0Wj/8s4pPNEDjVpWDDZ/WeGkjSHppJ
neJSlxH+kiNAIBHswIku58i2rKBYxxTEEFn0rD0iXtjexa/N+v4i6ipaslM/GnRw
glWxzaHqUhJ6nPHqOUagj0knPkwGQ9nGxyxyEJD/OHqvQztrjFwrP3bzj/6QVaOn
EY/gl/QS7HhluVI91H0FOkZWCGqtfGkkBNEVSAgWVnl7Bq8JMqY2oPb4ogUPBlww
4FcPQnwStRAOX9mzYcnADvr045/kIX8h1HTKQY6ROswz7YLhyf4qf4sxAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqQIYPJZiQuvv8A6QSGnM+g+70rMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFNbLBZyJ
Phn8NVi4Me4/4F7Pkzs3Y/UDWecfCg3JFvlOWXx3n4u4b80sZ+ltvt02Zojbxmad
Au5kGs8BC64yik3oXlI5I6q+mCemNyI8BQ5PjBSwjNXZSpOnUjE/wNWwgwmUe1yY
3f35/XoxE5VVmgBxAfbVrQ1eEWS7wQ0kwPMXyN3YZKtBqFCJsQ42ff3UddjOgRGq
JtmtPQXdc4nUj+zM9+7LsZNP+Lz2jOmQv0QTQfHlUOBZhYAKaYrlJ4gaFdY/9XH2
+KeSTG0Nc6vR6fxmaNRRc3uJ5lc3FIvBWPIRS0BDJnEmgW9SiR38cV47AJCqA8d0
sXpwoKNKf2Nq7Q==
-----END CERTIFICATE-----