Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
File:                     2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft (raw, json)
Hash identifier:          oR08TBh0qasNbXysJV7FX1lCSddY+kFgdoJ6gc/IkgM=
Subject key identifier:   BF:99:76:80:12:B0:10:F8:4E:AD:48:54:50:01:99:1A:61:30:A4:7D
Authority key identifier: D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3
Certificate issuer:       /CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
Certificate serial:       01964F6C3E194C995A204AF60BAE7E330110
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
Manifest number:          14F8
Signing time:             Sat 19 Apr 2025 19:00:15 +0000
Manifest this update:     Sat 19 Apr 2025 19:00:15 +0000
Manifest next update:     Sun 20 Apr 2025 19:00:15 +0000
Files and hashes:         1: 2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl (hash: dabMcs5nJW+owTIukoxyjEmRi/sjCZ2GSFYudnZKIrU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6c:3e:19:4c:99:5a:20:4a:f6:0b:ae:7e:33:01:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
        Validity
            Not Before: Apr 19 19:00:15 2025 GMT
            Not After : Apr 20 19:00:15 2025 GMT
        Subject: CN=bf99768012b010f84ead48545001991a6130a47d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:25:f5:13:54:26:c8:1a:cd:8b:4c:ab:c7:76:
                    1f:4d:c8:75:84:4f:1c:78:66:df:c2:bd:96:55:50:
                    81:20:a8:b0:4b:af:9e:44:4e:7d:06:db:e2:48:85:
                    65:d7:0d:bd:90:b7:ca:17:93:5e:eb:b8:64:0f:ab:
                    dc:61:92:40:d5:e2:f3:e5:eb:bb:72:ef:24:72:3d:
                    f3:7f:17:81:1c:02:f4:a9:da:ef:76:78:f6:59:b7:
                    e9:af:71:a4:98:73:87:d9:94:c6:55:a2:36:9f:88:
                    24:e2:bf:3f:e8:93:f3:d6:b5:7c:1b:cc:1e:6f:87:
                    9a:84:25:f4:cf:93:41:ef:79:dc:61:63:69:67:c4:
                    0b:7b:56:f9:7f:71:dd:ab:c6:82:43:1a:0d:0d:2a:
                    be:cf:c7:5e:24:68:dc:8e:87:32:31:f8:da:c9:e4:
                    7c:6d:91:ea:40:d0:7a:be:37:e9:e2:2f:76:85:e3:
                    dd:2d:59:1c:89:a8:e2:c0:63:9e:00:da:4b:54:10:
                    5e:e7:2a:a8:33:9a:2a:8c:18:34:5e:4d:93:26:c4:
                    fe:25:66:01:34:d7:ab:74:71:8c:2d:cf:3d:f3:7c:
                    7b:f2:32:4d:63:3a:77:42:2f:03:ea:f6:14:5b:43:
                    0d:ed:3b:8a:a1:b3:06:e9:33:e3:94:54:eb:8e:ca:
                    dc:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:99:76:80:12:B0:10:F8:4E:AD:48:54:50:01:99:1A:61:30:A4:7D
            X509v3 Authority Key Identifier:
                keyid:D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:9c:59:54:f8:a1:f6:e3:87:c6:46:bd:40:49:f6:9d:ea:89:
         7c:10:cb:00:36:69:e3:7c:f8:62:22:67:4a:e1:70:e1:3d:4a:
         b8:f9:56:cd:a7:d5:f1:db:75:ad:7d:45:09:ae:11:15:58:70:
         0a:b5:d2:07:9f:70:46:a8:b8:34:ba:8c:c0:cf:d2:5a:14:1b:
         e9:50:cc:cf:65:87:a8:05:bc:4b:37:b1:2b:72:03:e1:2a:da:
         4f:b2:4a:e3:9b:30:20:83:ee:64:d1:fa:ec:ce:f1:8f:b5:04:
         0e:12:d3:7d:f7:b3:12:74:fa:ea:a1:dd:d8:7c:0f:66:f5:e9:
         05:ab:9c:57:d1:32:b4:64:c9:24:88:f7:2b:a6:a9:c5:5a:2b:
         b4:37:3e:34:e6:ad:43:54:57:e1:7f:95:d1:00:56:e2:d9:6d:
         e4:6f:2d:74:da:7e:f1:b9:8e:bb:e7:11:8d:44:cb:3e:9a:6f:
         ea:1f:d3:02:88:dd:06:50:92:75:a4:a9:8d:d7:e8:3e:99:55:
         0b:65:7d:e8:e0:ff:6a:f4:48:87:cf:17:db:f7:79:89:00:cf:
         d7:f1:ed:d3:43:2e:77:63:04:49:1b:46:30:7d:4f:11:7f:1a:
         c0:12:f5:65:75:e2:35:58:da:6b:33:65:47:66:b3:55:e3:f0:
         4d:39:5e:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbD4ZTJlaIEr2C65+MwEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDcyYjAzM2ZmNmZhMzhiZjIzNjEzOWFjZGI3N2E3YTBh
MDQ3YTMwHhcNMjUwNDE5MTkwMDE1WhcNMjUwNDIwMTkwMDE1WjAzMTEwLwYDVQQD
EyhiZjk5NzY4MDEyYjAxMGY4NGVhZDQ4NTQ1MDAxOTkxYTYxMzBhNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSX1E1QmyBrNi0yrx3YfTch1hE8c
eGbfwr2WVVCBIKiwS6+eRE59BtviSIVl1w29kLfKF5Ne67hkD6vcYZJA1eLz5eu7
cu8kcj3zfxeBHAL0qdrvdnj2Wbfpr3GkmHOH2ZTGVaI2n4gk4r8/6JPz1rV8G8we
b4eahCX0z5NB73ncYWNpZ8QLe1b5f3Hdq8aCQxoNDSq+z8deJGjcjocyMfjayeR8
bZHqQNB6vjfp4i92hePdLVkciajiwGOeANpLVBBe5yqoM5oqjBg0Xk2TJsT+JWYB
NNerdHGMLc8983x78jJNYzp3Qi8D6vYUW0MN7TuKobMG6TPjlFTrjsrcmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+ZdoASsBD4Tq1IVFABmRphMKR9MB8GA1UdIwQY
MBaAFNnXKwM/9vo4vyNhOazbd6egoEejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYt
ZjgyMWE1YTVjZjZhLzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYtZjgyMWE1YTVjZjZh
LzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS5xZVPih
9uOHxka9QEn2neqJfBDLADZp43z4YiJnSuFw4T1KuPlWzafV8dt1rX1FCa4RFVhw
CrXSB59wRqi4NLqMwM/SWhQb6VDMz2WHqAW8SzexK3ID4SraT7JK45swIIPuZNH6
7M7xj7UEDhLTffezEnT66qHd2HwPZvXpBaucV9EytGTJJIj3K6apxVortDc+NOat
Q1RX4X+V0QBW4tlt5G8tdNp+8bmOu+cRjUTLPppv6h/TAojdBlCSdaSpjdfoPplV
C2V96OD/avRIh88X2/d5iQDP1/Ht00Mud2MESRtGMH1PEX8awBL1ZXXiNVjaazNl
R2azVePwTTlekw==
-----END CERTIFICATE-----