Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          5b6JQysoiIciPQT/rEPI9AmMzEbYPnMsGIUdmCW+IeA=
Subject key identifier:   AD:FE:72:EE:2B:79:5E:CF:30:97:09:95:DF:FE:F4:4C:B9:CA:66:74
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       0196586FA5A1E11EA6776404FF8405705E73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 13:00:33 +0000
Manifest this update:     Mon 21 Apr 2025 13:00:33 +0000
Manifest next update:     Tue 22 Apr 2025 13:00:33 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: /BhfZzpeLa9QL3CZCIZ3I6Q9RqvBmPrHSz4rfxmmWsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:6f:a5:a1:e1:1e:a6:77:64:04:ff:84:05:70:5e:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Apr 21 13:00:33 2025 GMT
            Not After : Apr 22 13:00:33 2025 GMT
        Subject: CN=adfe72ee2b795ecf30970995dffef44cb9ca6674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:de:46:4a:be:bb:f8:70:21:31:6f:f5:ce:ec:
                    80:94:43:6f:71:9e:c3:40:98:ac:1b:ac:33:af:c4:
                    ed:d5:09:d1:8c:df:13:4d:10:a1:4a:1c:e8:f2:36:
                    15:18:79:a2:02:f2:22:5f:89:22:ca:06:19:8c:e6:
                    d2:8b:4f:2b:34:01:43:8c:dc:a5:e9:62:fe:3a:60:
                    e1:80:ee:0f:08:e3:69:d5:09:f9:65:93:32:74:40:
                    06:d8:04:20:65:8d:6e:94:a6:9e:24:c5:60:4b:0b:
                    01:cb:7d:30:fd:53:1b:44:eb:b3:6d:14:9a:d1:ef:
                    e2:22:10:ff:fb:fa:99:8e:e6:e9:f9:e4:36:8c:10:
                    21:94:4b:c3:c0:c0:bf:a4:6d:2b:f7:7e:43:96:04:
                    26:a8:08:f5:ef:4b:d4:0d:a5:e3:1f:e9:b4:15:42:
                    e6:19:42:4b:26:45:91:13:e6:58:1a:f4:aa:7b:f7:
                    d4:2c:b0:16:98:5c:04:51:d9:fd:1b:d1:b1:b0:fc:
                    51:3c:28:d2:42:96:ef:4c:e3:95:82:48:81:2d:c9:
                    cb:f0:89:31:cb:d6:31:0b:46:6f:1f:22:ae:b8:c5:
                    58:be:d1:01:95:60:50:d2:05:10:87:39:9f:e2:8d:
                    3c:be:4d:dc:9f:fb:94:66:25:4f:a5:d0:fb:93:27:
                    d9:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:FE:72:EE:2B:79:5E:CF:30:97:09:95:DF:FE:F4:4C:B9:CA:66:74
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:f2:15:17:63:eb:1e:a2:ef:57:5d:ff:62:ee:96:34:ca:a5:
         f4:0c:d1:11:13:8e:f2:b2:83:13:56:52:80:a7:d7:ec:ca:46:
         c0:3b:8f:58:a5:cb:30:20:b3:d5:b4:7e:41:bf:a1:40:b5:9a:
         8a:00:57:00:22:6f:e7:c9:51:84:43:7a:55:92:37:cf:f5:07:
         57:ef:f0:8d:e2:67:70:e5:9c:ce:84:6e:90:d5:36:07:a5:5d:
         92:7e:ba:1d:51:18:a1:07:3a:df:78:34:dd:c1:6b:4b:d7:32:
         db:70:45:24:a4:d4:69:4a:b5:3c:78:f0:9b:7c:21:62:95:f5:
         f2:d3:66:a5:28:bc:c0:2d:35:78:7e:96:18:cc:9f:a8:96:73:
         8c:23:3e:f6:6c:19:7f:a8:5a:ed:99:93:b1:ad:f8:5b:0c:97:
         5e:23:f1:85:8c:df:12:ab:a5:b9:69:4b:2e:95:5f:c0:c7:fe:
         df:57:c7:01:84:f8:5d:80:9b:67:a9:31:b2:30:5c:9e:e1:f2:
         cb:f6:99:0b:f4:4a:a5:04:eb:2f:c7:a1:30:44:9a:6c:2f:04:
         10:a7:49:9c:a6:42:0f:99:e9:99:fb:9a:b1:b8:9b:f9:c3:55:
         30:a7:57:24:2c:9e:35:c1:7f:4e:b9:bb:7a:93:19:70:47:6e:
         26:db:04:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYb6Wh4R6md2QE/4QFcF5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjUwNDIxMTMwMDMzWhcNMjUwNDIyMTMwMDMzWjAzMTEwLwYDVQQD
EyhhZGZlNzJlZTJiNzk1ZWNmMzA5NzA5OTVkZmZlZjQ0Y2I5Y2E2Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot5GSr67+HAhMW/1zuyAlENvcZ7D
QJisG6wzr8Tt1QnRjN8TTRChShzo8jYVGHmiAvIiX4kiygYZjObSi08rNAFDjNyl
6WL+OmDhgO4PCONp1Qn5ZZMydEAG2AQgZY1ulKaeJMVgSwsBy30w/VMbROuzbRSa
0e/iIhD/+/qZjubp+eQ2jBAhlEvDwMC/pG0r935DlgQmqAj170vUDaXjH+m0FULm
GUJLJkWRE+ZYGvSqe/fULLAWmFwEUdn9G9GxsPxRPCjSQpbvTOOVgkiBLcnL8Ikx
y9YxC0ZvHyKuuMVYvtEBlWBQ0gUQhzmf4o08vk3cn/uUZiVPpdD7kyfZEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3+cu4reV7PMJcJld/+9Ey5ymZ0MB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlfIVF2Pr
HqLvV13/Yu6WNMql9AzREROO8rKDE1ZSgKfX7MpGwDuPWKXLMCCz1bR+Qb+hQLWa
igBXACJv58lRhEN6VZI3z/UHV+/wjeJncOWczoRukNU2B6Vdkn66HVEYoQc633g0
3cFrS9cy23BFJKTUaUq1PHjwm3whYpX18tNmpSi8wC01eH6WGMyfqJZzjCM+9mwZ
f6ha7ZmTsa34WwyXXiPxhYzfEquluWlLLpVfwMf+31fHAYT4XYCbZ6kxsjBcnuHy
y/aZC/RKpQTrL8ehMESabC8EEKdJnKZCD5npmfuasbib+cNVMKdXJCyeNcF/Trm7
epMZcEduJtsEfA==
-----END CERTIFICATE-----