Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          lwE9plnXW9wBLXn6qefKhl4/nYoskt5SJqW/C3OdNwU=
Subject key identifier:   4B:9B:D1:F5:35:1A:79:BE:D5:F5:C6:89:C5:11:B5:F5:46:43:C4:70
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       019650487E40759747A29492DDBDD37C90AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0305
Signing time:             Sat 19 Apr 2025 23:00:50 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:50 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:50 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: MpM0SS/HuSesOUQKt7AeBu6pWKa97EW5dWAFFSWCX3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:48:7e:40:75:97:47:a2:94:92:dd:bd:d3:7c:90:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Apr 19 23:00:50 2025 GMT
            Not After : Apr 20 23:00:50 2025 GMT
        Subject: CN=4b9bd1f5351a79bed5f5c689c511b5f54643c470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:33:18:d1:ee:ab:02:72:81:09:f1:9b:15:ec:
                    a1:55:c4:31:8e:b6:eb:aa:68:8d:5a:1c:e7:37:9d:
                    9a:4e:c2:11:7b:a5:55:9e:cd:e2:08:84:11:04:20:
                    0e:97:ea:38:66:a6:57:49:34:28:b6:dd:e3:f3:fc:
                    82:bf:44:2f:40:17:f3:25:4f:60:36:f6:e3:1e:77:
                    61:be:bd:49:6d:1c:d4:3d:44:1b:20:9d:85:ce:ad:
                    15:dd:ae:d9:2b:2a:c6:2c:ab:76:7e:dd:0b:7a:ed:
                    ec:ce:f2:7d:74:23:76:a0:bd:88:60:4e:7a:5b:03:
                    3e:c6:4d:41:98:66:82:e5:50:10:eb:2c:69:9c:87:
                    21:09:b8:21:24:15:fc:9d:d7:ee:e8:ea:98:50:19:
                    d8:db:ea:f6:82:5d:6c:19:ac:08:3f:b3:50:11:9d:
                    26:cc:38:53:03:e2:ef:25:26:e1:9b:d1:41:c2:0d:
                    43:45:7d:99:85:3d:72:11:5a:96:fc:b1:a8:49:f3:
                    54:fe:95:e4:5b:1b:fd:c5:29:bb:6b:8e:eb:80:33:
                    a0:8b:4f:ad:d1:9e:96:4a:76:01:d7:0b:bd:f6:cb:
                    68:fc:c1:34:02:16:ca:3c:b5:d3:c6:cb:9d:22:e8:
                    0d:67:f9:55:85:1a:c7:5e:da:57:fa:bc:9f:43:7e:
                    f5:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9B:D1:F5:35:1A:79:BE:D5:F5:C6:89:C5:11:B5:F5:46:43:C4:70
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:dd:c0:d5:99:0a:c9:3a:cb:8b:63:e9:4d:f1:f5:50:b1:e1:
         9e:e1:08:d9:0f:ae:b9:45:36:db:4c:98:7f:c3:dd:d4:56:6e:
         81:03:26:ee:f8:0d:ea:0f:b6:76:c7:1f:ae:f1:d2:99:0c:1a:
         49:17:b5:78:43:a7:7c:82:cd:4f:2a:2a:78:e3:11:6b:d3:61:
         d4:bc:4c:8b:e2:30:59:a9:f5:af:d6:94:b8:8a:37:fb:98:c1:
         2c:c4:50:4d:e5:d1:b8:13:0c:05:c1:bf:33:43:9a:21:4b:fb:
         f1:94:ec:af:95:2e:91:e3:52:b3:b0:16:a1:e1:62:5d:c8:58:
         65:15:56:ec:e8:04:d0:3b:51:26:1b:d0:97:2d:91:e7:37:fd:
         3f:38:79:10:1f:2d:bc:59:ec:6a:b8:98:00:8d:5d:43:c4:06:
         18:50:52:4f:d7:29:00:6e:d6:88:41:97:a1:b3:fb:e5:9f:47:
         01:0e:25:79:6b:25:b1:13:33:fb:a4:9a:e6:4b:12:ee:11:63:
         78:30:27:40:a9:8a:1d:1b:a3:43:a9:bd:42:e6:0b:2c:a2:cb:
         06:0e:54:b8:c1:72:8c:3b:92:6b:5c:de:b1:a6:6e:20:10:99:
         78:12:45:d7:f2:2b:0a:0f:4d:e6:f0:47:97:1d:52:fb:70:3f:
         37:53:d6:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSH5AdZdHopSS3b3TfJCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUwNDE5MjMwMDUwWhcNMjUwNDIwMjMwMDUwWjAzMTEwLwYDVQQD
Eyg0YjliZDFmNTM1MWE3OWJlZDVmNWM2ODljNTExYjVmNTQ2NDNjNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TMY0e6rAnKBCfGbFeyhVcQxjrbr
qmiNWhznN52aTsIRe6VVns3iCIQRBCAOl+o4ZqZXSTQott3j8/yCv0QvQBfzJU9g
NvbjHndhvr1JbRzUPUQbIJ2Fzq0V3a7ZKyrGLKt2ft0Leu3szvJ9dCN2oL2IYE56
WwM+xk1BmGaC5VAQ6yxpnIchCbghJBX8ndfu6OqYUBnY2+r2gl1sGawIP7NQEZ0m
zDhTA+LvJSbhm9FBwg1DRX2ZhT1yEVqW/LGoSfNU/pXkWxv9xSm7a47rgDOgi0+t
0Z6WSnYB1wu99sto/ME0AhbKPLXTxsudIugNZ/lVhRrHXtpX+ryfQ371lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEub0fU1Gnm+1fXGicURtfVGQ8RwMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEt3A1ZkK
yTrLi2PpTfH1ULHhnuEI2Q+uuUU220yYf8Pd1FZugQMm7vgN6g+2dscfrvHSmQwa
SRe1eEOnfILNTyoqeOMRa9Nh1LxMi+IwWan1r9aUuIo3+5jBLMRQTeXRuBMMBcG/
M0OaIUv78ZTsr5UukeNSs7AWoeFiXchYZRVW7OgE0DtRJhvQly2R5zf9Pzh5EB8t
vFnsariYAI1dQ8QGGFBST9cpAG7WiEGXobP75Z9HAQ4leWslsRMz+6Sa5ksS7hFj
eDAnQKmKHRujQ6m9QuYLLKLLBg5UuMFyjDuSa1zesaZuIBCZeBJF1/IrCg9N5vBH
lx1S+3A/N1PWLg==
-----END CERTIFICATE-----