Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          TTwuMCIHj+jJoCnQCKil9xuVNa73kjBOAJq79uthSVI=
Subject key identifier:   A2:56:62:40:4E:31:66:FB:AC:58:BD:11:04:D3:23:A9:0F:41:A8:E0
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019611A085AE6C76606A340E4C3D0DF6CDEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          13D6
Signing time:             Mon 07 Apr 2025 19:00:54 +0000
Manifest this update:     Mon 07 Apr 2025 19:00:54 +0000
Manifest next update:     Tue 08 Apr 2025 19:00:54 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: qEmmp44bbKE1GjM23mCmWaTq55rabZFj9AUEMalavrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a0:85:ae:6c:76:60:6a:34:0e:4c:3d:0d:f6:cd:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Apr  7 19:00:54 2025 GMT
            Not After : Apr  8 19:00:54 2025 GMT
        Subject: CN=a25662404e3166fbac58bd1104d323a90f41a8e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:33:f9:ae:7f:5e:af:08:4a:8e:09:de:bc:92:
                    e2:95:c0:3a:45:d2:14:d9:7d:2f:89:9c:5f:af:fb:
                    04:19:46:f1:3d:db:74:c3:e5:59:19:f4:45:17:42:
                    97:cc:49:3a:a1:1b:65:99:e7:ca:46:8d:64:00:f3:
                    bf:5f:9f:a5:2c:f3:d8:7d:9f:02:29:99:32:b9:0a:
                    30:d1:bc:2c:9e:5f:93:f4:18:a1:8d:33:8d:2b:a1:
                    c7:e7:e1:e7:1d:59:c9:3e:4a:b2:39:6e:bf:16:6d:
                    27:01:e8:25:e0:f8:ca:27:ae:3c:95:8c:ed:47:60:
                    95:7d:a1:58:10:aa:11:00:88:de:3a:4d:f3:68:12:
                    4a:78:1d:23:8f:a8:81:bc:cf:8f:ff:33:d4:b5:c8:
                    bd:a4:9b:73:16:4f:a5:29:18:3c:31:01:8f:c4:e5:
                    b7:16:44:4c:3b:b8:3e:09:b2:18:af:6a:a5:e9:16:
                    52:2f:75:62:35:9b:53:29:90:85:2d:cf:74:e2:f7:
                    e2:13:53:93:16:59:9b:6e:75:7c:f9:53:8d:e7:53:
                    6e:21:b9:a8:bb:ae:78:76:51:98:a6:4a:63:fa:9f:
                    fe:eb:d3:a2:50:83:23:64:a3:ae:b8:a1:62:37:b9:
                    cd:10:fb:b4:b1:3b:57:57:c5:50:05:3e:bc:22:c1:
                    cf:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:56:62:40:4E:31:66:FB:AC:58:BD:11:04:D3:23:A9:0F:41:A8:E0
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:b9:af:6e:74:0f:10:f9:e1:b1:80:60:b9:c4:1f:8e:f1:40:
         d6:8b:3a:fc:ac:52:74:60:2d:d8:7b:13:de:ea:5c:df:e5:9f:
         6b:26:e9:f2:15:21:82:6d:6a:04:b8:48:d9:c8:46:9a:43:43:
         4b:bd:63:b4:77:8b:01:73:b9:67:c3:75:ac:da:57:0a:8e:f2:
         21:25:99:3e:dc:ac:70:9f:f3:65:ea:43:06:1b:93:e2:58:a6:
         32:f0:8e:88:a6:87:86:57:9c:9c:17:10:93:a9:a4:ab:74:43:
         b7:4b:04:25:f3:c6:56:db:5d:56:67:a2:db:95:2f:80:0d:7d:
         e2:3f:df:cf:f7:b9:59:cb:ea:dd:b4:13:c6:f6:0a:a5:ea:1c:
         9f:6a:98:6d:bd:55:c2:af:0c:5f:b7:a8:7a:b5:fb:f6:ab:53:
         8c:ac:6b:ac:34:0d:d6:16:ab:40:98:7f:2c:86:72:d5:de:df:
         a9:7d:11:bc:69:d0:dc:21:70:d5:95:c8:d7:ee:70:c0:08:fc:
         33:bb:5a:00:cd:7a:10:90:22:b6:cd:25:0b:db:bf:19:7c:a3:
         0b:ed:6e:3b:27:f4:cb:c3:7b:00:84:b9:be:f9:8d:bd:05:ad:
         83:2f:d8:27:72:7a:bc:b4:07:c8:b8:e2:9d:62:45:6b:a1:e7:
         64:65:60:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoIWubHZgajQOTD0N9s3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUwNDA3MTkwMDU0WhcNMjUwNDA4MTkwMDU0WjAzMTEwLwYDVQQD
EyhhMjU2NjI0MDRlMzE2NmZiYWM1OGJkMTEwNGQzMjNhOTBmNDFhOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jP5rn9erwhKjgnevJLilcA6RdIU
2X0viZxfr/sEGUbxPdt0w+VZGfRFF0KXzEk6oRtlmefKRo1kAPO/X5+lLPPYfZ8C
KZkyuQow0bwsnl+T9BihjTONK6HH5+HnHVnJPkqyOW6/Fm0nAegl4PjKJ648lYzt
R2CVfaFYEKoRAIjeOk3zaBJKeB0jj6iBvM+P/zPUtci9pJtzFk+lKRg8MQGPxOW3
FkRMO7g+CbIYr2ql6RZSL3ViNZtTKZCFLc904vfiE1OTFlmbbnV8+VON51NuIbmo
u654dlGYpkpj+p/+69OiUIMjZKOuuKFiN7nNEPu0sTtXV8VQBT68IsHPiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJWYkBOMWb7rFi9EQTTI6kPQajgMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbmvbnQP
EPnhsYBgucQfjvFA1os6/KxSdGAt2HsT3upc3+Wfaybp8hUhgm1qBLhI2chGmkND
S71jtHeLAXO5Z8N1rNpXCo7yISWZPtyscJ/zZepDBhuT4limMvCOiKaHhlecnBcQ
k6mkq3RDt0sEJfPGVttdVmei25UvgA194j/fz/e5Wcvq3bQTxvYKpeocn2qYbb1V
wq8MX7eoerX79qtTjKxrrDQN1harQJh/LIZy1d7fqX0RvGnQ3CFw1ZXI1+5wwAj8
M7taAM16EJAits0lC9u/GXyjC+1uOyf0y8N7AIS5vvmNvQWtgy/YJ3J6vLQHyLji
nWJFa6HnZGVgiw==
-----END CERTIFICATE-----