Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
File:                     rS2L1OZ06M7VoJfUPepxhETnivU.mft (raw, json)
Hash identifier:          WpvQx8z51zpEa8tjUBMqSiZYg1yw4sGT7aHb0pDR55s=
Subject key identifier:   DF:10:F5:8B:3F:46:D9:F7:C3:67:82:3B:CC:2F:4F:84:EB:59:34:CD
Authority key identifier: AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5
Certificate issuer:       /CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
Certificate serial:       01964CD939327D480A4D64D37E1E971E752B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
Manifest number:          11CA
Signing time:             Sat 19 Apr 2025 07:00:26 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:26 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:26 +0000
Files and hashes:         1: rS2L1OZ06M7VoJfUPepxhETnivU.crl (hash: hFxrCKCrHlSA6f5NtAkU5Ova1knoON8pVIlB6cBch3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:39:32:7d:48:0a:4d:64:d3:7e:1e:97:1e:75:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
        Validity
            Not Before: Apr 19 07:00:26 2025 GMT
            Not After : Apr 20 07:00:26 2025 GMT
        Subject: CN=df10f58b3f46d9f7c367823bcc2f4f84eb5934cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:6b:b0:be:a9:13:6f:64:ac:3b:09:88:46:0d:
                    e5:63:49:9c:e3:d9:1f:b3:1d:5d:6a:8a:99:ee:09:
                    ff:fb:64:80:05:f5:6c:79:81:e7:18:45:d3:4a:c3:
                    03:8c:d2:48:e1:d9:d1:8a:56:9b:47:4f:60:eb:7c:
                    73:5f:cc:32:08:9b:33:17:46:19:fd:24:2e:9e:16:
                    02:4b:d5:22:6a:56:a9:26:ff:9e:d8:a8:14:f1:14:
                    6b:87:0f:07:6c:63:78:c0:51:a4:ce:d3:55:b6:25:
                    e3:bf:bb:cb:c8:5a:5f:18:02:2e:37:ac:a3:67:f4:
                    a0:bf:39:26:ca:8e:95:24:27:f2:64:75:f6:c1:a1:
                    a1:6f:09:27:ac:f0:8f:a5:d0:a8:5d:58:55:fe:f3:
                    c4:93:3b:72:c5:e8:9c:f8:05:03:36:93:5e:7a:fb:
                    81:ab:e4:59:4b:d8:f8:c8:93:af:c4:44:5c:d2:56:
                    e4:88:b5:0c:a5:98:18:77:33:44:92:76:bd:93:22:
                    0d:a7:fb:9a:c9:8e:fb:7d:e5:0c:83:2e:a4:f6:39:
                    2f:c0:d3:4d:dd:4f:63:45:d1:26:c1:14:24:13:d1:
                    67:3e:3c:1e:f9:89:88:b7:18:0e:39:e3:17:38:86:
                    93:89:11:89:28:de:a6:6a:28:1d:0b:cc:69:c4:c0:
                    ad:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:10:F5:8B:3F:46:D9:F7:C3:67:82:3B:CC:2F:4F:84:EB:59:34:CD
            X509v3 Authority Key Identifier:
                keyid:AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:0a:e1:f8:59:b1:8d:7f:69:30:15:69:84:ab:bf:a2:c9:84:
         3d:4c:b8:91:42:4b:60:a3:f3:b2:eb:3b:22:1a:d6:04:70:be:
         dd:ac:1b:fd:af:a9:80:54:e4:94:33:d9:c2:54:cd:85:b1:f0:
         3d:61:14:49:29:51:e5:dd:32:fb:1d:24:2b:b4:c0:60:cd:45:
         3a:1d:c6:25:b7:a0:e2:d9:6d:0b:68:d4:c0:7c:2e:9f:3d:09:
         f4:2d:35:21:2c:61:47:eb:7c:21:ef:27:0e:2d:de:a4:2f:fd:
         d7:11:db:8a:be:61:92:31:42:0f:95:e4:fc:04:22:f6:1f:7b:
         ee:5a:f6:f4:d2:cc:3e:5b:9c:28:56:ec:f8:92:02:e7:00:57:
         75:eb:65:8b:ff:01:30:ab:4c:99:50:a5:24:37:67:80:89:9e:
         bc:af:db:1a:9d:3e:a7:8a:1a:7a:b7:9b:23:14:0a:9b:35:bf:
         a3:53:19:12:a3:44:bd:39:56:37:76:c6:c5:6f:d5:d7:c9:55:
         59:57:c2:c1:17:62:f7:38:46:2f:bc:a6:c6:58:67:2d:df:dc:
         c2:25:13:b0:38:29:75:fb:44:e0:b8:ab:a6:85:ef:c0:14:4c:
         e3:d7:90:af:80:05:60:72:5c:72:16:92:db:f8:da:83:e6:63:
         1b:90:e2:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2TkyfUgKTWTTfh6XHnUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQ4YmQ0ZTY3NGU4Y2VkNWEwOTdkNDNkZWE3MTg0NDRl
NzhhZjUwHhcNMjUwNDE5MDcwMDI2WhcNMjUwNDIwMDcwMDI2WjAzMTEwLwYDVQQD
EyhkZjEwZjU4YjNmNDZkOWY3YzM2NzgyM2JjYzJmNGY4NGViNTkzNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2uwvqkTb2SsOwmIRg3lY0mc49kf
sx1daoqZ7gn/+2SABfVseYHnGEXTSsMDjNJI4dnRilabR09g63xzX8wyCJszF0YZ
/SQunhYCS9UialapJv+e2KgU8RRrhw8HbGN4wFGkztNVtiXjv7vLyFpfGAIuN6yj
Z/Sgvzkmyo6VJCfyZHX2waGhbwknrPCPpdCoXVhV/vPEkztyxeic+AUDNpNeevuB
q+RZS9j4yJOvxERc0lbkiLUMpZgYdzNEkna9kyINp/uayY77feUMgy6k9jkvwNNN
3U9jRdEmwRQkE9FnPjwe+YmItxgOOeMXOIaTiRGJKN6maigdC8xpxMCtgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8Q9Ys/Rtn3w2eCO8wvT4TrWTTNMB8GA1UdIwQY
MBaAFK0ti9TmdOjO1aCX1D3qcYRE54r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2Mt
ODJmMTUxYjY2NGM1LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2MtODJmMTUxYjY2NGM1
LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQgrh+Fmx
jX9pMBVphKu/osmEPUy4kUJLYKPzsus7IhrWBHC+3awb/a+pgFTklDPZwlTNhbHw
PWEUSSlR5d0y+x0kK7TAYM1FOh3GJbeg4tltC2jUwHwunz0J9C01ISxhR+t8Ie8n
Di3epC/91xHbir5hkjFCD5Xk/AQi9h977lr29NLMPlucKFbs+JIC5wBXdetli/8B
MKtMmVClJDdngImevK/bGp0+p4oaerebIxQKmzW/o1MZEqNEvTlWN3bGxW/V18lV
WVfCwRdi9zhGL7ymxlhnLd/cwiUTsDgpdftE4LirpoXvwBRM49eQr4AFYHJcchaS
2/jag+ZjG5Diqw==
-----END CERTIFICATE-----