Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          dQPo2ziqi+W7sKvf+tF7zVVrV6qAl0o0vUjToqnEeQk=
Subject key identifier:   11:8A:2C:75:E2:8F:E7:8E:A8:91:6B:11:74:84:2F:A3:C5:60:80:B6
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       01964D7E13E9315ECEFF9978B69E916A749A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          14F8
Signing time:             Sat 19 Apr 2025 10:00:30 +0000
Manifest this update:     Sat 19 Apr 2025 10:00:30 +0000
Manifest next update:     Sun 20 Apr 2025 10:00:30 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: lsCbS5vYDltpuihK6FGj1xOfyHdiZ6HIoan1ljd0Qoc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 10:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7e:13:e9:31:5e:ce:ff:99:78:b6:9e:91:6a:74:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Apr 19 10:00:30 2025 GMT
            Not After : Apr 20 10:00:30 2025 GMT
        Subject: CN=118a2c75e28fe78ea8916b1174842fa3c56080b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:bd:21:da:43:8e:18:1d:8c:0c:ad:19:b4:39:
                    a5:cb:a1:f9:fe:95:a9:f8:0a:91:85:37:8f:0b:0d:
                    ca:2e:b4:e9:e1:09:61:3c:bf:a6:56:20:b6:9c:f5:
                    f0:bb:54:9a:03:de:a9:56:a4:00:98:f6:35:e0:c3:
                    d7:61:d6:58:97:fd:4f:f3:ec:64:b7:2d:56:29:37:
                    6d:b2:87:cf:9a:71:35:29:77:2e:fc:b6:8c:70:c1:
                    10:07:30:9e:b9:7a:a4:59:03:f0:69:ca:be:29:35:
                    86:61:18:e1:28:92:57:37:e3:76:a5:c4:0d:3d:07:
                    02:f7:21:9d:04:b2:ff:37:30:b2:ef:8f:b5:68:ec:
                    cc:d0:2d:ae:8a:71:56:ff:b1:69:08:85:1d:bf:a4:
                    9c:d2:55:02:c8:0c:4a:a1:95:f1:30:ab:8f:4e:68:
                    c6:9f:49:19:aa:5e:d9:77:33:d2:c8:50:c9:6d:a7:
                    64:8f:ea:0a:47:20:99:37:6c:8a:33:87:82:e5:f2:
                    b4:a6:27:ef:91:6d:19:92:98:59:8d:85:31:1f:aa:
                    9f:68:66:17:8c:20:66:40:7a:dc:95:50:65:1a:43:
                    66:90:83:a9:cd:9b:24:10:69:e6:00:d3:b2:0e:5e:
                    c6:58:42:26:b7:65:05:a5:f3:fa:43:f1:03:d7:dc:
                    15:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:8A:2C:75:E2:8F:E7:8E:A8:91:6B:11:74:84:2F:A3:C5:60:80:B6
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:d6:47:75:8c:52:39:a9:5c:b9:62:69:4d:d2:09:95:fb:9a:
         d7:c0:4b:80:56:b1:e8:67:41:f2:b1:72:4b:7a:9c:ac:dd:8c:
         0f:bb:c0:d1:94:eb:d9:37:06:34:82:45:ae:0f:9f:fd:77:5d:
         df:5d:61:70:1d:6e:6a:fd:62:3e:45:10:0d:60:e4:e9:c2:b4:
         e1:e2:28:68:f2:d7:3f:62:06:bd:63:d7:0a:40:20:ea:c9:92:
         d6:5b:18:09:46:ea:97:9f:56:cb:12:0f:7c:c9:3a:5a:32:9c:
         7b:93:20:5a:60:d3:71:19:1a:50:8c:7d:8f:bc:1c:85:81:4f:
         5a:35:0f:31:a7:7b:b0:65:b3:4d:40:cc:b3:2a:0a:aa:fe:aa:
         79:a1:d3:d9:cc:04:6a:e9:f1:57:fa:ee:46:73:6c:7e:86:2f:
         ab:60:fa:0a:cb:cb:41:aa:21:f9:b0:ad:da:36:aa:0c:86:aa:
         92:32:63:07:22:a4:83:4d:20:65:96:06:c6:e1:dd:96:dd:07:
         37:e3:36:f3:13:35:59:65:6b:43:63:b3:a8:56:bb:54:e5:07:
         13:eb:0b:7a:6f:8e:c5:97:64:40:5f:2f:11:4e:72:e4:46:d1:
         b2:8e:22:ae:f8:53:88:6c:ad:ab:85:9c:bc:c4:d9:f3:12:92:
         04:91:4d:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfhPpMV7O/5l4tp6RanSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUwNDE5MTAwMDMwWhcNMjUwNDIwMTAwMDMwWjAzMTEwLwYDVQQD
EygxMThhMmM3NWUyOGZlNzhlYTg5MTZiMTE3NDg0MmZhM2M1NjA4MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL0h2kOOGB2MDK0ZtDmly6H5/pWp
+AqRhTePCw3KLrTp4QlhPL+mViC2nPXwu1SaA96pVqQAmPY14MPXYdZYl/1P8+xk
ty1WKTdtsofPmnE1KXcu/LaMcMEQBzCeuXqkWQPwacq+KTWGYRjhKJJXN+N2pcQN
PQcC9yGdBLL/NzCy74+1aOzM0C2uinFW/7FpCIUdv6Sc0lUCyAxKoZXxMKuPTmjG
n0kZql7ZdzPSyFDJbadkj+oKRyCZN2yKM4eC5fK0pifvkW0ZkphZjYUxH6qfaGYX
jCBmQHrclVBlGkNmkIOpzZskEGnmANOyDl7GWEImt2UFpfP6Q/ED19wV5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGKLHXij+eOqJFrEXSEL6PFYIC2MB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZdZHdYxS
OalcuWJpTdIJlfua18BLgFax6GdB8rFyS3qcrN2MD7vA0ZTr2TcGNIJFrg+f/Xdd
311hcB1uav1iPkUQDWDk6cK04eIoaPLXP2IGvWPXCkAg6smS1lsYCUbql59WyxIP
fMk6WjKce5MgWmDTcRkaUIx9j7wchYFPWjUPMad7sGWzTUDMsyoKqv6qeaHT2cwE
aunxV/ruRnNsfoYvq2D6CsvLQaoh+bCt2jaqDIaqkjJjByKkg00gZZYGxuHdlt0H
N+M28xM1WWVrQ2OzqFa7VOUHE+sLem+OxZdkQF8vEU5y5EbRso4irvhTiGytq4Wc
vMTZ8xKSBJFNjg==
-----END CERTIFICATE-----