Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
File:                     2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json)
Hash identifier:          5bL6RCyEVrpKeNgi2FnyzfNsNkpjqW9jTAHRA9viEyA=
Subject key identifier:   16:5C:F4:E8:1B:5A:79:D1:5D:33:AD:87:16:50:15:D4:AA:02:77:1E
Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD
Certificate issuer:       /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
Certificate serial:       0196458DC2B8FEDFE7E4D4558895112CCCBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
Manifest number:          14F2
Signing time:             Thu 17 Apr 2025 21:00:40 +0000
Manifest this update:     Thu 17 Apr 2025 21:00:40 +0000
Manifest next update:     Fri 18 Apr 2025 21:00:40 +0000
Files and hashes:         1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: kwblOSOOquo42VoCpoAObq5OkPxGOOn5wWa4kJj3EJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:8d:c2:b8:fe:df:e7:e4:d4:55:88:95:11:2c:cc:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
        Validity
            Not Before: Apr 17 21:00:40 2025 GMT
            Not After : Apr 18 21:00:40 2025 GMT
        Subject: CN=165cf4e81b5a79d15d33ad87165015d4aa02771e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2d:da:13:9d:73:a8:0c:04:b1:52:43:68:50:
                    0d:bb:d0:b7:55:8e:c2:52:fa:cc:e4:0c:1d:07:83:
                    a2:a5:c4:04:ca:c7:b1:b1:a5:88:54:e3:87:60:dc:
                    bd:7a:ca:25:fe:82:6c:86:0c:e6:c0:ad:80:44:2c:
                    79:30:47:ae:8b:b7:b5:4c:db:bb:79:96:30:16:29:
                    17:99:87:82:6b:b0:9a:b2:73:d3:e2:8c:22:a2:a3:
                    03:d9:f5:2c:69:62:6d:21:a6:c7:11:e4:a9:78:c7:
                    05:9b:75:90:ba:ec:be:78:1f:00:e1:59:01:1d:00:
                    64:4b:fa:cd:73:a1:d5:4a:ed:30:ef:04:9a:44:e9:
                    ab:1b:91:c6:e0:b3:bf:29:58:31:39:3d:2a:18:7f:
                    db:39:6c:13:0c:4e:01:7f:e1:92:58:46:ea:d3:52:
                    43:7b:50:b3:36:6c:7b:4d:ae:a6:b8:be:b8:46:13:
                    56:43:3c:10:fb:a7:61:3c:04:a0:41:4d:5e:c1:69:
                    84:67:1e:f1:5c:8f:ad:a3:ee:5d:63:d9:96:f2:54:
                    88:ab:d4:67:62:9b:43:ac:aa:f4:02:8c:23:d1:b3:
                    c4:c8:dc:12:95:e8:81:c5:23:44:0c:7c:40:fd:6a:
                    ac:ee:8b:58:4c:5e:36:5c:f4:9a:13:77:f5:20:2f:
                    0a:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:5C:F4:E8:1B:5A:79:D1:5D:33:AD:87:16:50:15:D4:AA:02:77:1E
            X509v3 Authority Key Identifier:
                keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:52:cc:16:fa:95:3c:92:67:ad:a4:5e:6c:92:96:82:7a:6a:
         41:91:32:be:32:25:37:54:87:bf:57:45:0f:b1:19:69:ce:4c:
         1e:03:46:d2:f8:87:1d:db:92:8b:81:8d:88:cd:06:3c:76:2d:
         ae:75:96:67:59:cd:d7:87:1f:48:64:45:88:98:85:b4:70:c7:
         b2:52:af:db:84:66:93:9f:10:37:bd:36:85:4f:91:c0:00:05:
         0a:1b:04:a5:e1:03:3e:c0:8b:28:f0:06:a3:36:e5:5a:09:f7:
         86:3b:f8:b4:75:36:80:87:ef:22:66:f0:d7:90:7e:cd:07:0c:
         21:ba:6a:c5:b0:2b:59:58:11:89:ce:00:69:54:73:99:32:30:
         6f:36:1f:bc:b7:a2:1d:87:f5:67:bb:d4:5d:d9:83:44:71:fa:
         14:f7:4d:8e:0a:e8:7f:7a:7b:f3:3f:82:48:09:1d:20:66:ad:
         c3:94:3d:f4:ff:2f:3a:9a:b7:8f:32:7f:0e:b6:b5:ee:d2:e4:
         3a:db:2c:d3:51:da:30:4a:24:f1:86:39:97:4d:dd:be:4f:98:
         a0:fe:85:c7:58:51:61:b0:ac:82:3b:1d:50:f3:c7:1c:7a:85:
         7d:83:e7:d2:05:19:19:7e:01:2d:65:75:b6:a4:61:7e:78:2b:
         66:a3:c5:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFjcK4/t/n5NRViJURLMy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx
ZTZhZmQwHhcNMjUwNDE3MjEwMDQwWhcNMjUwNDE4MjEwMDQwWjAzMTEwLwYDVQQD
EygxNjVjZjRlODFiNWE3OWQxNWQzM2FkODcxNjUwMTVkNGFhMDI3NzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS3aE51zqAwEsVJDaFANu9C3VY7C
UvrM5AwdB4OipcQEysexsaWIVOOHYNy9esol/oJshgzmwK2ARCx5MEeui7e1TNu7
eZYwFikXmYeCa7CasnPT4owioqMD2fUsaWJtIabHEeSpeMcFm3WQuuy+eB8A4VkB
HQBkS/rNc6HVSu0w7wSaROmrG5HG4LO/KVgxOT0qGH/bOWwTDE4Bf+GSWEbq01JD
e1CzNmx7Ta6muL64RhNWQzwQ+6dhPASgQU1ewWmEZx7xXI+to+5dY9mW8lSIq9Rn
YptDrKr0Aowj0bPEyNwSleiBxSNEDHxA/Wqs7otYTF42XPSaE3f1IC8KfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZc9OgbWnnRXTOthxZQFdSqAnceMB8GA1UdIwQY
MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt
NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl
LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALlLMFvqV
PJJnraRebJKWgnpqQZEyvjIlN1SHv1dFD7EZac5MHgNG0viHHduSi4GNiM0GPHYt
rnWWZ1nN14cfSGRFiJiFtHDHslKv24Rmk58QN702hU+RwAAFChsEpeEDPsCLKPAG
ozblWgn3hjv4tHU2gIfvImbw15B+zQcMIbpqxbArWVgRic4AaVRzmTIwbzYfvLei
HYf1Z7vUXdmDRHH6FPdNjgrof3p78z+CSAkdIGatw5Q99P8vOpq3jzJ/Dra17tLk
Otss01HaMEok8YY5l03dvk+YoP6Fx1hRYbCsgjsdUPPHHHqFfYPn0gUZGX4BLWV1
tqRhfngrZqPF5A==
-----END CERTIFICATE-----