Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          1KWh19Lh0WBxXHjvZQz/aBYy27sHckmyctCovORCK3Q=
Subject key identifier:   52:00:D3:BE:9D:C9:36:0D:E8:2E:56:D2:60:85:AA:1E:9D:A2:8E:92
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       01965236701BFAA916EF8A7699CEC8B49E0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0BCB
Signing time:             Sun 20 Apr 2025 08:00:21 +0000
Manifest this update:     Sun 20 Apr 2025 08:00:21 +0000
Manifest next update:     Mon 21 Apr 2025 08:00:21 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: Vuqzan0VleICworx2JrJxvDX8x+yF5OjtmFdnbG+088=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:36:70:1b:fa:a9:16:ef:8a:76:99:ce:c8:b4:9e:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Apr 20 08:00:21 2025 GMT
            Not After : Apr 21 08:00:21 2025 GMT
        Subject: CN=5200d3be9dc9360de82e56d26085aa1e9da28e92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:da:6f:3a:55:32:49:a5:48:98:f3:0f:f6:db:
                    dd:1c:e6:35:e8:9a:ef:8d:7e:40:3e:48:3b:48:8d:
                    b8:8a:10:11:ea:5d:93:77:68:f4:4d:5a:b4:eb:83:
                    e2:71:6f:e9:30:d8:d6:09:6f:d2:ba:36:3d:dd:47:
                    dd:c1:2f:08:ab:38:8d:8f:6c:4c:1a:6b:ac:d9:e3:
                    69:ea:3a:f1:24:92:a9:1b:c4:d6:b2:4c:01:2f:1d:
                    6b:d9:51:d0:20:54:7d:83:2b:a2:1d:a6:05:44:e3:
                    72:72:54:6c:65:bb:69:fe:92:0a:3b:32:d8:98:e8:
                    55:dd:ee:3e:4e:80:84:ea:9d:6e:e0:66:60:7e:e1:
                    84:ed:1f:d2:f1:09:82:f1:af:a1:1c:92:a5:23:a7:
                    d7:66:af:10:1d:e3:0d:d2:e8:70:b8:80:40:b8:76:
                    1b:a2:b1:e4:8b:36:ab:b1:6d:94:dd:06:aa:03:10:
                    c5:ec:cb:37:a2:5c:0e:70:31:92:e2:45:9c:e6:a5:
                    d0:35:55:bb:0f:8f:2d:b7:73:ee:7c:26:2b:38:78:
                    c9:41:71:b9:22:bb:e1:5a:72:dd:f4:18:40:a0:52:
                    cd:85:51:71:08:16:1d:91:ed:08:3b:6b:7d:4d:d6:
                    ae:81:90:3d:e1:f0:f6:1f:21:a7:c4:59:2c:0b:12:
                    8a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:00:D3:BE:9D:C9:36:0D:E8:2E:56:D2:60:85:AA:1E:9D:A2:8E:92
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:ed:e5:63:dc:ce:05:03:be:84:32:3c:ec:4c:87:2c:ad:71:
         0b:9e:b9:db:03:ba:7b:97:55:c6:1c:ab:96:ae:b6:9d:62:1e:
         d2:a9:3e:ad:14:cf:24:2d:42:a9:f8:e1:7b:22:33:74:c4:96:
         0b:ad:62:c6:df:17:3f:58:a0:7d:6f:d9:fb:1c:10:5d:b7:1d:
         80:99:08:ed:c0:cf:f5:78:b1:c9:e5:1a:fa:58:f3:2c:25:31:
         be:01:43:1d:85:05:a8:7b:ff:e5:8e:85:6d:a7:61:19:d8:98:
         ee:f6:ff:81:e3:1f:36:17:17:0c:2f:75:f0:0b:43:8a:30:f7:
         3a:2b:06:d1:dd:8f:82:be:45:37:22:7a:06:d0:58:54:39:40:
         62:f9:cb:11:ed:fa:b5:dc:fa:b1:38:2c:7d:42:f7:82:72:64:
         38:d2:4f:56:6d:cf:89:c5:55:6f:96:09:1e:14:62:85:de:cd:
         94:11:13:ed:f7:76:b6:fb:f7:c7:17:7e:3b:7b:2d:d5:68:0f:
         76:25:74:2e:84:c6:a3:ae:4d:b9:af:57:ec:15:6c:72:ab:ca:
         95:f0:db:ca:40:34:c9:95:a5:0e:35:3a:29:fd:25:d1:59:75:
         3b:ce:19:5f:f3:67:90:32:56:b0:48:38:d8:d5:6f:a2:ea:31:
         89:87:c1:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNnAb+qkW74p2mc7ItJ4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwNDIwMDgwMDIxWhcNMjUwNDIxMDgwMDIxWjAzMTEwLwYDVQQD
Eyg1MjAwZDNiZTlkYzkzNjBkZTgyZTU2ZDI2MDg1YWExZTlkYTI4ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9pvOlUySaVImPMP9tvdHOY16Jrv
jX5APkg7SI24ihAR6l2Td2j0TVq064PicW/pMNjWCW/SujY93UfdwS8IqziNj2xM
Gmus2eNp6jrxJJKpG8TWskwBLx1r2VHQIFR9gyuiHaYFRONyclRsZbtp/pIKOzLY
mOhV3e4+ToCE6p1u4GZgfuGE7R/S8QmC8a+hHJKlI6fXZq8QHeMN0uhwuIBAuHYb
orHkizarsW2U3QaqAxDF7Ms3olwOcDGS4kWc5qXQNVW7D48tt3PufCYrOHjJQXG5
IrvhWnLd9BhAoFLNhVFxCBYdke0IO2t9TdaugZA94fD2HyGnxFksCxKKhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIA076dyTYN6C5W0mCFqh6doo6SMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+3lY9zO
BQO+hDI87EyHLK1xC5652wO6e5dVxhyrlq62nWIe0qk+rRTPJC1CqfjheyIzdMSW
C61ixt8XP1igfW/Z+xwQXbcdgJkI7cDP9XixyeUa+ljzLCUxvgFDHYUFqHv/5Y6F
badhGdiY7vb/geMfNhcXDC918AtDijD3OisG0d2Pgr5FNyJ6BtBYVDlAYvnLEe36
tdz6sTgsfUL3gnJkONJPVm3PicVVb5YJHhRihd7NlBET7fd2tvv3xxd+O3st1WgP
diV0LoTGo65Nua9X7BVscqvKlfDbykA0yZWlDjU6Kf0l0Vl1O84ZX/NnkDJWsEg4
2NVvouoxiYfBvw==
-----END CERTIFICATE-----