Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
File:                     rS2L1OZ06M7VoJfUPepxhETnivU.mft (raw, json)
Hash identifier:          pJJD2R5SgYFe7v266xUO6nPwwAR048gGfRAKGD2J1uo=
Subject key identifier:   8C:F9:14:00:91:EE:8E:F9:8B:AB:64:FB:EF:54:4A:36:F1:9D:06:1B
Authority key identifier: AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5
Certificate issuer:       /CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
Certificate serial:       01984AAEE680C51F596453B220F6F2B5FF73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
Manifest number:          12D2
Signing time:             Sun 27 Jul 2025 07:00:32 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:32 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:32 +0000
Files and hashes:         1: rS2L1OZ06M7VoJfUPepxhETnivU.crl (hash: r/0AxZsbXq3JBaEqoa3rRahYdrTCpCqseOeiIiUwiIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:ae:e6:80:c5:1f:59:64:53:b2:20:f6:f2:b5:ff:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
        Validity
            Not Before: Jul 27 07:00:32 2025 GMT
            Not After : Jul 28 07:00:32 2025 GMT
        Subject: CN=8cf9140091ee8ef98bab64fbef544a36f19d061b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e3:47:74:66:13:9a:be:21:5b:90:6c:8d:a1:
                    6d:f3:db:1d:35:01:1c:36:2f:8a:f4:d5:f6:fb:a9:
                    c7:c5:59:8b:49:31:21:40:37:b3:74:48:cc:4b:d8:
                    50:7d:5b:f3:49:0a:e6:87:62:d3:6d:73:0d:09:14:
                    92:53:cd:13:09:60:02:a6:e8:a8:7b:81:97:86:de:
                    ef:c5:1b:f5:55:8b:5c:65:85:48:04:04:90:bd:75:
                    e6:fa:5c:e5:09:b2:1f:13:7d:57:a2:f5:94:9f:7b:
                    d2:d2:ed:5a:1b:f9:b0:6f:61:8c:ba:d6:3c:60:65:
                    c9:cf:2b:f7:41:08:ee:dd:fc:56:24:de:28:22:86:
                    d1:ae:30:79:59:6f:c0:ba:a9:8b:bc:73:4f:83:cd:
                    98:15:d1:f6:8d:67:01:56:43:2e:98:20:db:36:45:
                    9c:11:88:e7:eb:03:4d:1c:e2:7f:6f:f4:cc:a7:d9:
                    31:4b:66:d8:b4:e7:30:e1:2a:00:fb:34:84:8d:c8:
                    ee:3a:09:04:a4:d8:e2:ee:67:42:52:41:df:80:1d:
                    25:90:e4:50:30:d6:85:2c:da:96:a6:20:1d:bf:9d:
                    6f:90:ec:93:be:82:b3:9c:27:7c:7a:5d:b0:d6:42:
                    97:be:9f:28:ef:51:59:d6:b6:9b:cf:58:36:57:88:
                    cc:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F9:14:00:91:EE:8E:F9:8B:AB:64:FB:EF:54:4A:36:F1:9D:06:1B
            X509v3 Authority Key Identifier:
                keyid:AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:33:03:98:61:2a:f8:8d:48:ac:82:18:f1:df:01:ba:22:d7:
         98:97:2d:85:ff:a4:b4:e5:61:ee:24:89:81:ac:a3:b9:a3:7a:
         bf:f7:bf:2f:b2:26:22:4a:1a:64:7e:ec:0f:fb:74:80:d9:1e:
         1a:3d:9b:d9:2f:95:bb:fa:68:2c:50:7b:f8:dc:4c:4a:86:86:
         c5:6e:7f:e9:a5:12:b5:67:6d:4e:1b:c3:e8:03:cf:b1:1b:b9:
         a8:c5:61:7b:32:c7:39:4c:05:66:ae:6c:63:5d:01:a5:c7:a6:
         de:19:c0:00:95:0d:91:c7:85:e5:b9:ce:75:4c:c7:53:a8:1f:
         40:44:08:76:d4:1b:3a:16:c8:be:c8:2c:e2:a3:76:d5:5b:0e:
         2a:2d:39:c2:46:54:3d:7b:8c:96:d3:bd:4f:2c:09:7d:5f:10:
         2c:35:67:ef:e3:ff:00:6c:ef:d6:b4:a1:b7:30:b4:46:88:83:
         84:c5:1b:b5:b8:74:c4:a6:a6:86:24:01:8f:55:48:01:35:f1:
         a2:57:f2:41:0f:d1:d1:c6:65:af:18:3d:e5:cb:4e:62:55:a8:
         fe:98:6a:6a:71:87:6d:66:f4:95:61:6a:15:fe:fc:27:41:99:
         33:3d:45:60:21:b2:63:80:f7:ca:48:1a:2b:91:c0:3c:99:c7:
         00:91:22:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKruaAxR9ZZFOyIPbytf9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQ4YmQ0ZTY3NGU4Y2VkNWEwOTdkNDNkZWE3MTg0NDRl
NzhhZjUwHhcNMjUwNzI3MDcwMDMyWhcNMjUwNzI4MDcwMDMyWjAzMTEwLwYDVQQD
Eyg4Y2Y5MTQwMDkxZWU4ZWY5OGJhYjY0ZmJlZjU0NGEzNmYxOWQwNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uNHdGYTmr4hW5BsjaFt89sdNQEc
Ni+K9NX2+6nHxVmLSTEhQDezdEjMS9hQfVvzSQrmh2LTbXMNCRSSU80TCWACpuio
e4GXht7vxRv1VYtcZYVIBASQvXXm+lzlCbIfE31XovWUn3vS0u1aG/mwb2GMutY8
YGXJzyv3QQju3fxWJN4oIobRrjB5WW/AuqmLvHNPg82YFdH2jWcBVkMumCDbNkWc
EYjn6wNNHOJ/b/TMp9kxS2bYtOcw4SoA+zSEjcjuOgkEpNji7mdCUkHfgB0lkORQ
MNaFLNqWpiAdv51vkOyTvoKznCd8el2w1kKXvp8o71FZ1rabz1g2V4jMfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIz5FACR7o75i6tk++9USjbxnQYbMB8GA1UdIwQY
MBaAFK0ti9TmdOjO1aCX1D3qcYRE54r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2Mt
ODJmMTUxYjY2NGM1LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2MtODJmMTUxYjY2NGM1
LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDMDmGEq
+I1IrIIY8d8BuiLXmJcthf+ktOVh7iSJgayjuaN6v/e/L7ImIkoaZH7sD/t0gNke
Gj2b2S+Vu/poLFB7+NxMSoaGxW5/6aUStWdtThvD6APPsRu5qMVhezLHOUwFZq5s
Y10Bpcem3hnAAJUNkceF5bnOdUzHU6gfQEQIdtQbOhbIvsgs4qN21VsOKi05wkZU
PXuMltO9TywJfV8QLDVn7+P/AGzv1rShtzC0RoiDhMUbtbh0xKamhiQBj1VIATXx
olfyQQ/R0cZlrxg95ctOYlWo/phqanGHbWb0lWFqFf78J0GZMz1FYCGyY4D3ykga
K5HAPJnHAJEioA==
-----END CERTIFICATE-----