Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
File:                     2qM7UIN5nEnPntwAhit8nCGMZhM.mft (raw, json)
Hash identifier:          5P6qmVUOLMSE/DI4P6HjYsGCIASos3DN0aZgKdFUfmc=
Subject key identifier:   EC:80:BB:8F:94:FD:76:BB:A0:39:11:7B:93:D7:06:BF:F1:9D:D0:9C
Authority key identifier: DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13
Certificate issuer:       /CN=daa33b5083799c49cf9edc00862b7c9c218c6613
Certificate serial:       019650ED1A76AE6D09467B671BBD62C65411
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
Manifest number:          0283
Signing time:             Sun 20 Apr 2025 02:00:38 +0000
Manifest this update:     Sun 20 Apr 2025 02:00:38 +0000
Manifest next update:     Mon 21 Apr 2025 02:00:38 +0000
Files and hashes:         1: 2qM7UIN5nEnPntwAhit8nCGMZhM.crl (hash: Ftvn0E1v2hgB4hgxs65Ccw23IRPshdrgJTHzc4i66Uc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:ed:1a:76:ae:6d:09:46:7b:67:1b:bd:62:c6:54:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa33b5083799c49cf9edc00862b7c9c218c6613
        Validity
            Not Before: Apr 20 02:00:38 2025 GMT
            Not After : Apr 21 02:00:38 2025 GMT
        Subject: CN=ec80bb8f94fd76bba039117b93d706bff19dd09c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6d:11:cd:4d:53:75:2a:48:51:1d:ee:c5:10:
                    90:d4:a9:13:67:c6:1b:10:7a:c6:c5:72:21:2a:4b:
                    52:71:a9:1c:aa:ef:bc:b9:d6:d1:09:0f:b2:d2:01:
                    26:b1:32:f3:ef:e7:43:d3:1f:f4:29:fd:4e:bc:eb:
                    ea:b2:9e:6d:b1:bf:73:3a:63:b6:e2:1f:66:d4:ab:
                    a3:3b:ea:c0:3c:d8:82:c8:08:db:8e:91:88:17:28:
                    1c:f1:66:92:6a:d3:1c:c0:57:da:8c:1c:68:7d:fd:
                    79:e2:1f:b9:a8:e4:62:44:0a:a0:d6:8a:00:d3:1f:
                    b8:8c:3d:b5:5e:e8:93:06:2a:36:9d:e3:90:c1:f6:
                    3b:f7:c6:b5:2e:49:b7:51:5c:b8:27:00:19:5f:3a:
                    e4:c8:27:fb:64:78:ca:3f:b6:2e:bb:20:7d:73:c7:
                    74:8f:72:3b:05:5e:44:c2:93:fe:dd:57:c0:99:0e:
                    95:fc:fe:e7:ec:85:8e:0a:0b:c8:ca:b4:f8:a8:c5:
                    86:06:28:70:9f:00:74:b4:ad:af:e3:53:78:76:46:
                    05:8e:3f:5d:d1:36:00:8e:44:22:b4:fd:93:cb:f4:
                    9a:59:6e:aa:2a:7c:84:c2:25:10:75:78:c4:f6:32:
                    1a:d8:3a:ae:59:6f:b5:58:de:d2:35:59:89:92:79:
                    61:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:80:BB:8F:94:FD:76:BB:A0:39:11:7B:93:D7:06:BF:F1:9D:D0:9C
            X509v3 Authority Key Identifier:
                keyid:DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:e3:dd:2a:c9:81:ef:9d:79:9b:c2:ec:a1:16:bd:cd:16:62:
         e3:b2:dd:07:bd:c3:92:93:8a:7d:d0:47:54:74:cc:88:d8:99:
         b5:59:ff:06:f4:56:91:33:23:53:c6:f6:64:70:39:37:b4:bc:
         30:00:65:ba:94:a4:b3:35:bb:4b:69:ab:38:ff:ae:11:c0:c8:
         26:a2:73:3d:0f:2d:74:c3:2d:44:94:9e:fd:2f:4a:cc:33:0b:
         6b:db:a9:29:cf:98:93:b6:8a:46:0c:b9:4b:f8:f1:7f:40:ac:
         ab:d6:f0:c6:12:e5:0b:77:d2:be:c2:a6:d4:01:af:f1:ba:e6:
         52:42:0d:53:bf:50:8a:0e:18:71:12:7d:cc:72:85:07:1f:81:
         80:9b:6c:8d:92:42:70:80:56:4e:aa:3f:41:e2:59:cd:d5:a3:
         22:2a:7f:39:93:c4:8e:39:45:2d:1e:2b:11:3b:c7:22:19:84:
         d3:2c:d0:cb:8b:0c:73:b1:80:09:5a:bd:22:9d:33:b8:79:81:
         59:6d:bc:e3:48:3e:5d:b7:5f:e4:d4:ed:da:44:18:22:5c:b0:
         6c:d9:de:45:b5:0e:99:69:7f:b0:5b:95:54:aa:63:ff:f2:84:
         43:23:c4:d5:a6:61:f3:bd:55:5b:e3:8b:d7:f3:47:02:de:94:
         39:0f:bf:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQ7Rp2rm0JRntnG71ixlQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTMzYjUwODM3OTljNDljZjllZGMwMDg2MmI3YzljMjE4
YzY2MTMwHhcNMjUwNDIwMDIwMDM4WhcNMjUwNDIxMDIwMDM4WjAzMTEwLwYDVQQD
EyhlYzgwYmI4Zjk0ZmQ3NmJiYTAzOTExN2I5M2Q3MDZiZmYxOWRkMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG0RzU1TdSpIUR3uxRCQ1KkTZ8Yb
EHrGxXIhKktScakcqu+8udbRCQ+y0gEmsTLz7+dD0x/0Kf1OvOvqsp5tsb9zOmO2
4h9m1KujO+rAPNiCyAjbjpGIFygc8WaSatMcwFfajBxoff154h+5qORiRAqg1ooA
0x+4jD21XuiTBio2neOQwfY798a1Lkm3UVy4JwAZXzrkyCf7ZHjKP7YuuyB9c8d0
j3I7BV5EwpP+3VfAmQ6V/P7n7IWOCgvIyrT4qMWGBihwnwB0tK2v41N4dkYFjj9d
0TYAjkQitP2Ty/SaWW6qKnyEwiUQdXjE9jIa2DquWW+1WN7SNVmJknlhOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyAu4+U/Xa7oDkRe5PXBr/xndCcMB8GA1UdIwQY
MBaAFNqjO1CDeZxJz57cAIYrfJwhjGYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMt
MTZmNDNkYmEyYWJjLzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMtMTZmNDNkYmEyYWJj
LzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOOPdKsmB
7515m8LsoRa9zRZi47LdB73DkpOKfdBHVHTMiNiZtVn/BvRWkTMjU8b2ZHA5N7S8
MABlupSkszW7S2mrOP+uEcDIJqJzPQ8tdMMtRJSe/S9KzDMLa9upKc+Yk7aKRgy5
S/jxf0Csq9bwxhLlC3fSvsKm1AGv8brmUkINU79Qig4YcRJ9zHKFBx+BgJtsjZJC
cIBWTqo/QeJZzdWjIip/OZPEjjlFLR4rETvHIhmE0yzQy4sMc7GACVq9Ip0zuHmB
WW2840g+Xbdf5NTt2kQYIlywbNneRbUOmWl/sFuVVKpj//KEQyPE1aZh871VW+OL
1/NHAt6UOQ+/Xw==
-----END CERTIFICATE-----