Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          qIL6xNhASqMVqQG5CnzVMWRfUgg1nodW8V7Txes2Rms=
Subject key identifier:   1D:74:C9:59:D7:83:1C:39:88:87:9A:35:9F:79:1D:32:73:A0:B5:5D
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       01964AEB09FBE27A3ABBAADC76F78AF36E17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          0459
Signing time:             Fri 18 Apr 2025 22:00:39 +0000
Manifest this update:     Fri 18 Apr 2025 22:00:39 +0000
Manifest next update:     Sat 19 Apr 2025 22:00:39 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: aDmXxco5qjmwFbF328hiAnigzHYrqgs7zmsJazTvKi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:eb:09:fb:e2:7a:3a:bb:aa:dc:76:f7:8a:f3:6e:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Apr 18 22:00:39 2025 GMT
            Not After : Apr 19 22:00:39 2025 GMT
        Subject: CN=1d74c959d7831c3988879a359f791d3273a0b55d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:74:db:fd:3e:a5:e7:b6:ff:65:ba:b4:1b:eb:
                    b8:ea:8a:5b:e6:03:40:9d:c4:04:6b:83:58:8a:a7:
                    65:3c:c5:32:fe:f8:f0:63:cb:28:7d:35:be:c8:3a:
                    7f:86:87:40:91:02:8e:af:d2:fd:84:3b:90:ca:b8:
                    ff:e3:46:84:d1:94:18:39:93:12:c2:46:33:f3:30:
                    73:02:04:50:7d:81:23:82:bb:7c:e5:ff:50:e0:fc:
                    d5:51:3a:36:6a:27:12:18:69:8b:41:73:93:c7:a6:
                    18:ae:bb:11:e8:b7:2a:a1:a3:5d:7a:20:c6:a8:69:
                    d8:31:55:75:b9:dd:e5:ba:fc:89:69:57:04:63:e4:
                    fa:37:74:12:6d:e4:b2:b3:7b:94:9e:be:df:9d:cc:
                    4f:57:78:58:6e:c8:0a:8f:4f:ba:90:3e:d8:13:7d:
                    c1:62:4c:45:a3:f7:91:ad:97:03:ab:b3:06:05:ef:
                    c6:ff:f5:2e:31:71:b3:bb:d7:72:c0:16:7a:f2:b6:
                    13:ff:b8:27:ee:68:e9:da:f7:cb:04:91:be:be:ce:
                    d3:34:98:3d:2c:00:cd:73:13:03:7e:da:19:73:50:
                    00:1a:73:96:ad:34:bb:4f:6f:14:37:61:64:a1:e3:
                    dd:92:5b:b2:45:10:84:56:b0:d9:e2:bf:d9:7e:a6:
                    9b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:74:C9:59:D7:83:1C:39:88:87:9A:35:9F:79:1D:32:73:A0:B5:5D
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:c9:b6:43:a0:4e:49:b5:33:20:be:a0:ae:54:22:6b:88:06:
         ad:e4:e9:a8:b5:25:8b:e0:e0:3b:db:2a:9f:7e:d7:0c:97:f3:
         64:87:9e:c0:db:dd:f0:97:67:2e:69:2e:43:0f:f8:77:25:0c:
         ae:4d:84:35:99:8f:3f:27:b9:74:04:5e:01:09:dd:65:95:f0:
         0f:8d:f4:6e:4f:11:65:13:7a:42:df:82:4c:ac:42:88:6f:66:
         59:d6:45:d8:73:1f:61:01:94:30:cf:ec:ee:df:18:1c:8b:5a:
         59:78:e4:a9:b4:91:76:3d:b6:40:b1:b4:47:e3:10:3e:c3:f5:
         7c:07:96:18:d8:f6:d7:34:85:c1:63:c8:6b:63:3c:97:1c:a1:
         45:29:be:ce:37:8c:53:d1:51:86:3e:a0:0f:50:c1:b8:9f:a9:
         a1:27:2b:a5:8c:6c:fe:6c:07:0d:56:87:ab:73:51:5e:e1:1f:
         47:74:66:a7:f3:af:2c:a4:31:4d:ce:23:a4:83:72:01:5d:b9:
         bf:ba:31:f3:05:58:4d:7d:53:14:ca:40:4d:0e:90:9f:12:e6:
         bb:62:fd:9a:81:57:8c:7f:59:e4:b8:f2:52:6d:8c:02:77:30:
         dc:79:6f:52:ed:01:70:a7:84:f9:14:10:41:81:08:11:e5:4f:
         69:3e:20:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZK6wn74no6u6rcdveK824XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUwNDE4MjIwMDM5WhcNMjUwNDE5MjIwMDM5WjAzMTEwLwYDVQQD
EygxZDc0Yzk1OWQ3ODMxYzM5ODg4NzlhMzU5Zjc5MWQzMjczYTBiNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33Tb/T6l57b/Zbq0G+u46opb5gNA
ncQEa4NYiqdlPMUy/vjwY8sofTW+yDp/hodAkQKOr9L9hDuQyrj/40aE0ZQYOZMS
wkYz8zBzAgRQfYEjgrt85f9Q4PzVUTo2aicSGGmLQXOTx6YYrrsR6LcqoaNdeiDG
qGnYMVV1ud3luvyJaVcEY+T6N3QSbeSys3uUnr7fncxPV3hYbsgKj0+6kD7YE33B
YkxFo/eRrZcDq7MGBe/G//UuMXGzu9dywBZ68rYT/7gn7mjp2vfLBJG+vs7TNJg9
LADNcxMDftoZc1AAGnOWrTS7T28UN2FkoePdkluyRRCEVrDZ4r/ZfqabMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB10yVnXgxw5iIeaNZ95HTJzoLVdMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8m2Q6BO
SbUzIL6grlQia4gGreTpqLUli+DgO9sqn37XDJfzZIeewNvd8JdnLmkuQw/4dyUM
rk2ENZmPPye5dAReAQndZZXwD430bk8RZRN6Qt+CTKxCiG9mWdZF2HMfYQGUMM/s
7t8YHItaWXjkqbSRdj22QLG0R+MQPsP1fAeWGNj21zSFwWPIa2M8lxyhRSm+zjeM
U9FRhj6gD1DBuJ+poScrpYxs/mwHDVaHq3NRXuEfR3Rmp/OvLKQxTc4jpINyAV25
v7ox8wVYTX1TFMpATQ6QnxLmu2L9moFXjH9Z5LjyUm2MAncw3HlvUu0BcKeE+RQQ
QYEIEeVPaT4g7g==
-----END CERTIFICATE-----