Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          vCFp2d56kMtBoER5L8kNJJlgjQYgkx5Sif3iNRFSapU=
Subject key identifier:   D3:B1:47:F2:45:2D:81:B1:90:D3:5A:2F:E6:C8:1E:8E:0B:33:B1:59
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       01984A416C1C1A3A396BF101B7DCB01380DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0A0E
Signing time:             Sun 27 Jul 2025 05:00:58 +0000
Manifest this update:     Sun 27 Jul 2025 05:00:58 +0000
Manifest next update:     Mon 28 Jul 2025 05:00:58 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: GgleHrkS6hySBWoVw3V49OHZ8wvo2rxvLsq1MjvIPSg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:41:6c:1c:1a:3a:39:6b:f1:01:b7:dc:b0:13:80:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Jul 27 05:00:58 2025 GMT
            Not After : Jul 28 05:00:58 2025 GMT
        Subject: CN=d3b147f2452d81b190d35a2fe6c81e8e0b33b159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e6:28:e8:5e:36:30:36:c7:6d:6b:c3:79:84:
                    9f:6e:10:93:82:ce:1b:ce:ad:0c:dc:18:33:dd:af:
                    5e:d4:c7:e2:c4:da:e1:55:0f:9f:46:fd:53:e9:99:
                    60:e7:82:15:97:5d:91:b7:ca:65:f8:4b:43:50:ee:
                    4e:5b:53:53:48:23:4c:29:33:c3:8c:ee:9c:4d:d1:
                    ac:c6:f8:11:b3:db:68:e9:20:19:25:1b:1c:73:52:
                    1f:fe:46:29:b7:16:01:39:12:07:71:03:b6:4f:75:
                    19:c7:a9:08:88:f8:ac:10:dd:e9:ec:52:72:5e:5a:
                    9c:8b:78:1e:d0:39:9d:8b:f0:2d:89:41:9b:9f:2a:
                    25:45:ec:ad:e7:d8:73:ef:6a:98:47:3f:15:7f:a3:
                    5d:13:2b:aa:78:bf:8b:a3:29:66:1b:1f:ca:e6:b1:
                    bf:53:ae:60:a1:58:63:1e:91:3e:d2:ba:63:b9:32:
                    ca:6e:63:aa:09:56:19:35:33:82:78:05:09:8e:77:
                    c2:dc:6c:ba:96:e2:a4:ae:85:25:3f:cc:2c:f5:11:
                    bb:79:2d:f6:af:aa:3c:05:2d:9e:74:fd:83:d8:2c:
                    d4:68:bd:be:f2:1e:7e:cd:f7:94:6f:25:a9:29:1b:
                    88:b7:0b:d1:88:3d:8c:6f:86:6e:6a:23:28:8f:d4:
                    6b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:B1:47:F2:45:2D:81:B1:90:D3:5A:2F:E6:C8:1E:8E:0B:33:B1:59
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:f3:db:9a:b4:a4:08:3e:dc:b0:6d:8e:5e:2b:c6:6e:38:a4:
         cb:69:8e:f1:8c:05:05:dd:72:25:a1:c5:90:c1:a2:80:e4:82:
         aa:90:c9:f7:29:33:ff:8a:1c:21:21:38:56:94:74:e8:94:c5:
         38:c6:f0:8b:0c:b3:2c:2f:91:89:95:d3:bf:d8:3e:5e:46:e4:
         47:c3:25:01:71:0c:8b:5e:af:de:56:92:ec:07:2a:10:32:e8:
         07:cb:17:cc:0b:c8:6b:47:e1:f9:33:5e:ed:f5:d6:23:b7:b3:
         dd:56:66:47:a9:c6:14:6c:df:cf:75:0d:96:84:27:ea:42:69:
         6a:6a:1e:e8:90:cc:3a:5c:2a:d4:c2:3a:30:01:34:54:e2:53:
         d6:a2:73:88:54:5b:50:0e:4c:cd:c0:db:bd:31:23:d3:c8:47:
         9b:6d:db:7a:65:44:c9:17:3f:87:4a:35:7f:e6:65:30:af:cd:
         6e:35:db:c3:3d:19:fc:18:a5:89:78:d5:e2:b5:5f:e3:7d:06:
         83:70:00:d9:9f:ab:2b:ae:8f:48:9e:44:66:f4:00:7a:f8:bb:
         06:28:7b:ed:91:d7:b0:fd:2b:9b:b4:55:c6:5d:05:3d:d6:3a:
         cb:eb:84:59:1c:bf:34:d4:62:c6:c9:cb:01:cb:63:02:67:d9:
         64:24:28:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKQWwcGjo5a/EBt9ywE4DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUwNzI3MDUwMDU4WhcNMjUwNzI4MDUwMDU4WjAzMTEwLwYDVQQD
EyhkM2IxNDdmMjQ1MmQ4MWIxOTBkMzVhMmZlNmM4MWU4ZTBiMzNiMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOYo6F42MDbHbWvDeYSfbhCTgs4b
zq0M3Bgz3a9e1MfixNrhVQ+fRv1T6Zlg54IVl12Rt8pl+EtDUO5OW1NTSCNMKTPD
jO6cTdGsxvgRs9to6SAZJRscc1If/kYptxYBORIHcQO2T3UZx6kIiPisEN3p7FJy
Xlqci3ge0Dmdi/AtiUGbnyolReyt59hz72qYRz8Vf6NdEyuqeL+LoylmGx/K5rG/
U65goVhjHpE+0rpjuTLKbmOqCVYZNTOCeAUJjnfC3Gy6luKkroUlP8ws9RG7eS32
r6o8BS2edP2D2CzUaL2+8h5+zfeUbyWpKRuItwvRiD2Mb4ZuaiMoj9RrFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOxR/JFLYGxkNNaL+bIHo4LM7FZMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/PbmrSk
CD7csG2OXivGbjiky2mO8YwFBd1yJaHFkMGigOSCqpDJ9ykz/4ocISE4VpR06JTF
OMbwiwyzLC+RiZXTv9g+XkbkR8MlAXEMi16v3laS7AcqEDLoB8sXzAvIa0fh+TNe
7fXWI7ez3VZmR6nGFGzfz3UNloQn6kJpamoe6JDMOlwq1MI6MAE0VOJT1qJziFRb
UA5MzcDbvTEj08hHm23bemVEyRc/h0o1f+ZlMK/NbjXbwz0Z/BiliXjV4rVf430G
g3AA2Z+rK66PSJ5EZvQAevi7Bih77ZHXsP0rm7RVxl0FPdY6y+uEWRy/NNRixsnL
ActjAmfZZCQoUw==
-----END CERTIFICATE-----