Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          8J+hQrrgxBfGVuRTL2iYPA8hOtGOhNPIovOF6lnjim4=
Subject key identifier:   14:2C:88:67:0E:6C:B8:BF:00:F2:0E:F6:4F:6E:04:BB:19:03:37:C1
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       019655387D002ACE6091D1D212CD167C9EF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          0582
Signing time:             Sun 20 Apr 2025 22:01:27 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:27 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:27 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: oPD9ywiGRGeMfONycpj79MLq+GTVH+jpRgNdxCValP0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:7d:00:2a:ce:60:91:d1:d2:12:cd:16:7c:9e:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Apr 20 22:01:27 2025 GMT
            Not After : Apr 21 22:01:27 2025 GMT
        Subject: CN=142c88670e6cb8bf00f20ef64f6e04bb190337c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7d:25:8e:38:4b:ff:27:3b:e5:5d:47:be:ef:
                    d1:67:71:6f:65:34:15:bf:46:96:43:2f:0e:f3:d8:
                    5c:38:3f:ab:4c:75:5a:f9:d1:0e:16:20:6f:ed:b1:
                    b1:f1:e3:d1:72:63:68:fc:3a:42:3f:ff:ac:a8:9e:
                    4a:2d:4a:c0:cb:d7:f0:a8:55:7d:4c:eb:ef:49:41:
                    9d:ea:9d:8a:a3:0b:cf:90:d5:84:ab:76:ab:ba:6b:
                    a8:ce:a2:cb:eb:ea:12:96:47:af:0d:0b:50:d7:4c:
                    f0:28:cf:94:d3:b7:f9:75:42:7c:a1:88:c5:f0:91:
                    e8:b9:34:c4:6a:cc:99:2d:e7:fa:dd:dc:36:d8:78:
                    db:2b:94:c4:19:3f:46:48:09:26:db:a7:d2:ce:0e:
                    b5:f4:12:da:38:ea:25:21:ab:e5:94:7d:0f:63:7e:
                    52:b4:44:e6:f8:16:ec:fa:8c:96:b1:70:36:9a:91:
                    b8:37:2c:95:c9:95:c6:69:8c:ab:d7:86:7f:6c:2e:
                    24:9f:8e:da:01:19:30:dd:63:ac:6b:e9:5e:c7:08:
                    42:9e:55:fe:6b:01:c3:8d:48:72:ee:14:d4:c0:e5:
                    9d:5f:90:db:36:78:c9:44:99:16:4c:5e:9e:f7:24:
                    de:b1:a8:c2:57:77:6a:19:01:30:79:5a:9c:8c:1a:
                    b9:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:2C:88:67:0E:6C:B8:BF:00:F2:0E:F6:4F:6E:04:BB:19:03:37:C1
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:73:41:4a:ff:ae:2b:8a:3c:74:40:54:41:63:5c:f9:fb:4c:
         c7:24:e2:b2:1b:3d:28:3e:8e:d4:ba:fc:67:22:be:d4:7e:95:
         77:78:2c:43:df:64:f8:37:39:d1:d8:be:c3:18:3e:99:34:26:
         f5:fe:e0:40:38:3f:47:2f:16:c3:e2:95:88:d0:13:83:41:18:
         02:51:ae:4d:4e:7e:b9:a7:9b:f2:4c:4f:ff:ea:76:86:4d:0e:
         39:86:e6:19:48:ba:03:8b:52:d6:ec:19:18:4f:dc:6a:1c:da:
         d0:2c:e9:2d:76:f3:6c:6b:17:1b:b0:5b:69:35:37:cb:26:6e:
         cf:ca:33:d8:8c:e0:e0:c8:4c:1b:89:3b:fc:6d:95:22:99:b3:
         52:bb:0a:42:45:f6:17:01:91:b7:48:03:4c:f3:3a:11:88:b9:
         18:7d:d5:fd:da:22:2f:f0:a9:60:de:83:9b:47:02:29:28:a9:
         8c:05:cb:b9:d0:b8:a2:d2:ee:44:d6:dd:cd:cb:fa:92:bd:1f:
         1e:f3:4b:48:bb:d5:83:e8:67:72:2f:da:57:12:fe:db:ed:c4:
         1d:8f:5a:55:6a:df:1d:e4:a3:81:26:18:29:25:90:40:ee:ce:
         58:8b:ee:c3:10:7b:19:e6:ea:af:11:ea:96:9a:f7:2a:3b:8e:
         f8:17:58:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOH0AKs5gkdHSEs0WfJ7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUwNDIwMjIwMTI3WhcNMjUwNDIxMjIwMTI3WjAzMTEwLwYDVQQD
EygxNDJjODg2NzBlNmNiOGJmMDBmMjBlZjY0ZjZlMDRiYjE5MDMzN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH0ljjhL/yc75V1Hvu/RZ3FvZTQV
v0aWQy8O89hcOD+rTHVa+dEOFiBv7bGx8ePRcmNo/DpCP/+sqJ5KLUrAy9fwqFV9
TOvvSUGd6p2KowvPkNWEq3arumuozqLL6+oSlkevDQtQ10zwKM+U07f5dUJ8oYjF
8JHouTTEasyZLef63dw22HjbK5TEGT9GSAkm26fSzg619BLaOOolIavllH0PY35S
tETm+Bbs+oyWsXA2mpG4NyyVyZXGaYyr14Z/bC4kn47aARkw3WOsa+lexwhCnlX+
awHDjUhy7hTUwOWdX5DbNnjJRJkWTF6e9yTesajCV3dqGQEweVqcjBq5LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQsiGcObLi/APIO9k9uBLsZAzfBMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXNBSv+u
K4o8dEBUQWNc+ftMxyTishs9KD6O1Lr8ZyK+1H6Vd3gsQ99k+Dc50di+wxg+mTQm
9f7gQDg/Ry8Ww+KViNATg0EYAlGuTU5+uaeb8kxP/+p2hk0OOYbmGUi6A4tS1uwZ
GE/cahza0CzpLXbzbGsXG7BbaTU3yyZuz8oz2Izg4MhMG4k7/G2VIpmzUrsKQkX2
FwGRt0gDTPM6EYi5GH3V/doiL/CpYN6Dm0cCKSipjAXLudC4otLuRNbdzcv6kr0f
HvNLSLvVg+hnci/aVxL+2+3EHY9aVWrfHeSjgSYYKSWQQO7OWIvuwxB7GebqrxHq
lpr3KjuO+BdYlg==
-----END CERTIFICATE-----