Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          XONY7ePpF6a87PwJ8CnjD1ePs5KqceFCHjmPvC5QTXE=
Subject key identifier:   85:CA:3F:D9:72:E1:98:61:E4:EB:72:5A:F1:21:43:5C:B8:CD:53:C1
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       019646A0A71D38A178F47AE2E2B2A39D58A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          0CC0
Signing time:             Fri 18 Apr 2025 02:00:55 +0000
Manifest this update:     Fri 18 Apr 2025 02:00:55 +0000
Manifest next update:     Sat 19 Apr 2025 02:00:55 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: jYQ38u7gpkQXg/JgpGAD2HhO85ajnOUVMeAkKaAL0X8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:a0:a7:1d:38:a1:78:f4:7a:e2:e2:b2:a3:9d:58:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: Apr 18 02:00:55 2025 GMT
            Not After : Apr 19 02:00:55 2025 GMT
        Subject: CN=85ca3fd972e19861e4eb725af121435cb8cd53c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:22:63:71:c4:9c:c6:ad:50:cd:e3:8f:98:16:
                    06:4b:b9:25:78:c3:da:3b:08:78:4c:14:27:e9:93:
                    1a:c7:91:a9:3d:a1:c8:24:e7:7f:2b:93:1b:7b:66:
                    88:d6:1c:17:0c:4e:5d:71:81:d4:0e:87:08:1c:64:
                    17:2c:5c:69:43:09:5c:58:d8:bb:2d:41:af:b5:59:
                    6e:45:62:e5:f2:71:aa:ed:83:64:4e:45:5f:06:8a:
                    52:d1:e5:f8:db:44:5d:5f:e5:23:eb:05:92:51:4b:
                    b8:cc:74:44:75:f5:d3:7e:21:33:b4:43:d4:b0:c8:
                    f1:b3:a2:d5:61:df:45:68:f3:66:bf:5a:1c:c8:1a:
                    bc:5a:e0:c6:d6:83:55:18:fa:43:19:69:75:f2:08:
                    da:1e:cc:fe:85:2d:e3:49:06:14:78:ca:2a:f1:df:
                    91:28:f9:a2:33:c8:d3:29:50:6d:6c:35:47:cf:9f:
                    0c:8d:3c:72:ff:a8:2d:36:a9:92:a2:95:81:65:39:
                    09:d7:ff:56:26:c3:6d:31:e9:97:f1:bf:c6:36:45:
                    14:0e:cd:87:ab:50:a7:f7:88:ac:a8:81:91:c3:d0:
                    a3:06:17:04:4f:15:ac:f7:d2:f2:58:9c:e9:ae:70:
                    01:13:bc:9e:00:3d:c6:18:bc:5c:14:0b:16:6b:f7:
                    3c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:CA:3F:D9:72:E1:98:61:E4:EB:72:5A:F1:21:43:5C:B8:CD:53:C1
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:84:a9:cf:9e:be:e5:1e:ec:df:fa:ec:99:e3:66:5d:bb:8c:
         c8:64:53:a1:53:ef:85:86:67:6d:32:69:58:39:7e:9e:ea:2c:
         1d:fb:f8:ab:e3:2e:d9:98:35:3f:60:98:3b:bb:4b:51:72:4c:
         ab:51:2b:75:18:7c:f2:0b:80:ce:af:a5:14:7f:39:c2:16:09:
         f5:1c:56:f9:ef:d9:2a:34:2b:50:b7:57:ae:da:95:b0:d8:df:
         2e:c3:41:d4:16:02:d4:71:69:f0:b7:81:12:ce:94:29:a1:64:
         33:f1:df:77:62:75:5d:65:cd:b7:96:63:21:fc:08:50:19:1e:
         bc:11:30:86:c3:0c:a3:dc:3e:2d:ea:16:14:4a:db:75:35:e9:
         ab:8a:0e:a1:77:6e:50:da:6b:24:ca:10:d5:08:1a:90:71:81:
         d4:e2:7e:b1:21:5e:c1:ca:96:b7:5f:65:9f:01:fe:74:99:c5:
         64:f0:19:73:43:21:58:d2:03:ba:08:aa:87:39:c1:12:71:32:
         5a:99:f0:8d:bd:1b:88:ab:8d:29:2d:ce:40:eb:48:3d:e3:ca:
         4e:50:a4:b2:07:b7:af:ce:0c:3a:a6:03:07:c9:f3:c8:4f:47:
         7e:a6:1d:67:17:4d:1c:49:75:e8:1a:eb:08:ea:a2:fd:62:3d:
         7e:47:79:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGoKcdOKF49Hri4rKjnVipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjUwNDE4MDIwMDU1WhcNMjUwNDE5MDIwMDU1WjAzMTEwLwYDVQQD
Eyg4NWNhM2ZkOTcyZTE5ODYxZTRlYjcyNWFmMTIxNDM1Y2I4Y2Q1M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCJjccScxq1QzeOPmBYGS7kleMPa
Owh4TBQn6ZMax5GpPaHIJOd/K5Mbe2aI1hwXDE5dcYHUDocIHGQXLFxpQwlcWNi7
LUGvtVluRWLl8nGq7YNkTkVfBopS0eX420RdX+Uj6wWSUUu4zHREdfXTfiEztEPU
sMjxs6LVYd9FaPNmv1ocyBq8WuDG1oNVGPpDGWl18gjaHsz+hS3jSQYUeMoq8d+R
KPmiM8jTKVBtbDVHz58MjTxy/6gtNqmSopWBZTkJ1/9WJsNtMemX8b/GNkUUDs2H
q1Cn94isqIGRw9CjBhcETxWs99LyWJzprnABE7yeAD3GGLxcFAsWa/c8bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXKP9ly4Zhh5OtyWvEhQ1y4zVPBMB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIoSpz56+
5R7s3/rsmeNmXbuMyGRToVPvhYZnbTJpWDl+nuosHfv4q+Mu2Zg1P2CYO7tLUXJM
q1ErdRh88guAzq+lFH85whYJ9RxW+e/ZKjQrULdXrtqVsNjfLsNB1BYC1HFp8LeB
Es6UKaFkM/Hfd2J1XWXNt5ZjIfwIUBkevBEwhsMMo9w+LeoWFErbdTXpq4oOoXdu
UNprJMoQ1QgakHGB1OJ+sSFewcqWt19lnwH+dJnFZPAZc0MhWNIDugiqhznBEnEy
Wpnwjb0biKuNKS3OQOtIPePKTlCksge3r84MOqYDB8nzyE9HfqYdZxdNHEl16Brr
COqi/WI9fkd5bQ==
-----END CERTIFICATE-----