Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
File:                     MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft (raw, json)
Hash identifier:          ped4qPJq1LAMuZYTwzAdm1C0Lo7Tyn9e5rKcxs52SRw=
Subject key identifier:   BD:F4:17:82:03:E1:B8:61:B0:C3:AE:11:F7:70:CD:D1:B9:AA:0F:6D
Authority key identifier: 31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F
Certificate issuer:       /CN=313da19357cbc67da7d55fa35aab3695bc04d04f
Certificate serial:       019655376238F8813AB7C48EB1E00601C1B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
Manifest number:          086D
Signing time:             Sun 20 Apr 2025 22:00:15 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:15 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:15 +0000
Files and hashes:         1: MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl (hash: erUFgACYn/8HO30O+DjDFIxi3r32JPMHAFLwizfLysY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:62:38:f8:81:3a:b7:c4:8e:b1:e0:06:01:c1:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313da19357cbc67da7d55fa35aab3695bc04d04f
        Validity
            Not Before: Apr 20 22:00:15 2025 GMT
            Not After : Apr 21 22:00:15 2025 GMT
        Subject: CN=bdf4178203e1b861b0c3ae11f770cdd1b9aa0f6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:24:f9:17:7f:6b:11:05:6a:fd:e6:33:5a:e5:
                    39:08:84:b8:69:e6:93:83:e1:3f:44:ef:6a:09:05:
                    f0:e5:d0:21:b9:2b:b3:d6:02:3a:ca:80:49:ab:ee:
                    c4:3e:d4:d7:a7:7d:9b:be:d2:06:b5:be:f4:c8:24:
                    63:01:18:d4:bb:95:5b:3d:d7:b4:54:cc:0f:ff:1c:
                    96:4b:0e:4d:36:a2:d8:02:7d:ea:43:77:d7:0a:f4:
                    fd:cf:60:95:d2:ef:9b:bc:69:bd:0a:b1:99:bc:1c:
                    13:79:61:1f:b1:34:b9:59:40:5b:f3:57:8a:52:3c:
                    de:42:c0:7f:07:0d:7e:78:e3:13:14:b7:48:03:c9:
                    49:12:c6:62:0c:71:c7:f9:46:86:4f:ff:b6:74:c3:
                    fc:69:ba:ba:9b:e7:85:08:8a:1f:15:73:3f:b7:e8:
                    7a:06:6e:20:c7:14:87:7e:4e:48:f4:e8:cd:43:8e:
                    fb:c5:e3:83:4f:76:4a:d2:0f:d1:21:7f:a6:02:83:
                    f5:9d:57:f4:b6:5a:44:a3:eb:39:51:08:4a:aa:57:
                    e0:c6:4e:1a:d7:82:fc:1d:f0:8c:0d:65:f3:9a:7f:
                    94:69:99:37:30:49:1a:d2:f3:fc:59:c2:aa:9b:93:
                    03:5e:e3:10:6f:47:a1:e2:06:c9:4e:b4:50:b6:24:
                    52:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:F4:17:82:03:E1:B8:61:B0:C3:AE:11:F7:70:CD:D1:B9:AA:0F:6D
            X509v3 Authority Key Identifier:
                keyid:31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:d6:09:f4:91:0f:96:6d:ed:20:5d:cf:ee:4a:0c:be:85:77:
         82:e5:90:4b:16:15:57:d4:43:f2:cc:4a:42:6a:f4:6f:fa:93:
         81:2b:10:22:8c:90:4c:fd:27:58:bd:ec:47:16:ed:4b:81:88:
         8d:c5:8f:b1:f5:25:2b:2b:7f:28:da:40:bc:ae:d2:d2:43:ec:
         55:18:e1:de:1a:25:a3:cb:a6:ba:a5:c7:69:ed:fa:37:32:41:
         96:a1:ca:99:fd:49:b7:eb:6a:dd:05:7c:2a:e3:5a:a7:49:78:
         92:02:91:02:f1:50:0e:3c:66:fb:69:79:bb:f8:2a:a9:5d:7c:
         2e:30:bb:ba:86:7f:b9:de:75:d0:7b:22:bc:83:fa:c2:33:62:
         73:d2:34:f2:78:16:95:bc:1f:f9:0d:83:bc:74:38:c0:51:e8:
         d0:16:64:62:6f:68:27:4f:52:db:88:84:29:74:a0:05:f8:c6:
         89:ca:f3:11:39:f0:5a:8f:c6:43:7c:df:ed:2b:9c:9f:df:19:
         40:21:b3:24:cb:2c:36:a0:f6:58:cd:52:a4:60:66:bb:4a:d5:
         80:3c:af:2a:02:5f:ba:c2:0a:7c:a2:8e:23:bb:04:ef:b3:4f:
         7b:96:d2:2c:93:13:33:fb:5d:a7:8c:84:55:bd:41:c7:77:e7:
         25:69:7a:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN2I4+IE6t8SOseAGAcG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RhMTkzNTdjYmM2N2RhN2Q1NWZhMzVhYWIzNjk1YmMw
NGQwNGYwHhcNMjUwNDIwMjIwMDE1WhcNMjUwNDIxMjIwMDE1WjAzMTEwLwYDVQQD
EyhiZGY0MTc4MjAzZTFiODYxYjBjM2FlMTFmNzcwY2RkMWI5YWEwZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtST5F39rEQVq/eYzWuU5CIS4aeaT
g+E/RO9qCQXw5dAhuSuz1gI6yoBJq+7EPtTXp32bvtIGtb70yCRjARjUu5VbPde0
VMwP/xyWSw5NNqLYAn3qQ3fXCvT9z2CV0u+bvGm9CrGZvBwTeWEfsTS5WUBb81eK
UjzeQsB/Bw1+eOMTFLdIA8lJEsZiDHHH+UaGT/+2dMP8abq6m+eFCIofFXM/t+h6
Bm4gxxSHfk5I9OjNQ477xeODT3ZK0g/RIX+mAoP1nVf0tlpEo+s5UQhKqlfgxk4a
14L8HfCMDWXzmn+UaZk3MEka0vP8WcKqm5MDXuMQb0eh4gbJTrRQtiRSgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL30F4ID4bhhsMOuEfdwzdG5qg9tMB8GA1UdIwQY
MBaAFDE9oZNXy8Z9p9Vfo1qrNpW8BNBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEt
ZjBiYmJlYmJkNmE5LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEtZjBiYmJlYmJkNmE5
LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAttYJ9JEP
lm3tIF3P7koMvoV3guWQSxYVV9RD8sxKQmr0b/qTgSsQIoyQTP0nWL3sRxbtS4GI
jcWPsfUlKyt/KNpAvK7S0kPsVRjh3holo8umuqXHae36NzJBlqHKmf1Jt+tq3QV8
KuNap0l4kgKRAvFQDjxm+2l5u/gqqV18LjC7uoZ/ud510HsivIP6wjNic9I08ngW
lbwf+Q2DvHQ4wFHo0BZkYm9oJ09S24iEKXSgBfjGicrzETnwWo/GQ3zf7Sucn98Z
QCGzJMssNqD2WM1SpGBmu0rVgDyvKgJfusIKfKKOI7sE77NPe5bSLJMTM/tdp4yE
Vb1Bx3fnJWl6cQ==
-----END CERTIFICATE-----