Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          XcZrujql0IVoy3hHMXmd0hp2QjfVqebcEJhVLRFMEQ8=
Subject key identifier:   EA:32:DB:7B:58:1F:FA:23:30:E7:85:6B:DC:5D:0E:AF:71:B7:2F:99
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       01984776F7CBED1D8716E9BF77029518DFA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          0684
Signing time:             Sat 26 Jul 2025 16:00:35 +0000
Manifest this update:     Sat 26 Jul 2025 16:00:35 +0000
Manifest next update:     Sun 27 Jul 2025 16:00:35 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: j3N46e8vmGAKab2OL4zKcAmdAa3VUOYp1LGb9b6akks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 16:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:76:f7:cb:ed:1d:87:16:e9:bf:77:02:95:18:df:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Jul 26 16:00:35 2025 GMT
            Not After : Jul 27 16:00:35 2025 GMT
        Subject: CN=ea32db7b581ffa2330e7856bdc5d0eaf71b72f99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5d:27:5c:b1:26:96:7d:31:21:be:60:b7:21:
                    a0:a3:81:96:84:86:b3:9e:d5:5c:5d:e8:6d:47:d9:
                    46:a1:90:e9:65:5a:76:aa:8c:18:fe:48:d9:a0:3e:
                    21:f1:77:0f:57:74:67:45:50:17:5e:de:2a:e7:eb:
                    1d:12:07:a8:09:d6:8f:c7:7b:4c:70:f2:4f:de:e7:
                    d0:23:91:e8:64:30:e6:e4:0d:fb:3a:7a:3f:be:40:
                    77:ab:10:8c:77:1f:fc:88:69:1e:9f:2d:94:f5:98:
                    73:9f:8c:dc:87:e0:cd:05:c4:1c:98:6a:32:2d:a6:
                    f6:65:c3:1f:73:00:61:40:e7:60:89:05:3d:22:7f:
                    15:76:f2:5e:61:d4:f1:5f:d8:dd:c9:4a:d7:a5:ab:
                    6e:f4:08:f5:82:26:72:6b:4b:9f:55:fa:6e:e0:d2:
                    1e:c1:20:18:64:b4:19:f9:55:ca:ba:ab:97:6c:a6:
                    c6:d9:ab:e0:09:6b:1f:9b:6c:07:9e:4e:4d:b5:8f:
                    31:7d:07:76:d7:59:cb:d6:fb:ab:9b:3d:7d:fc:4f:
                    5b:bc:e7:9e:76:af:c0:b2:ee:60:5e:05:c6:0b:a3:
                    3e:f7:0c:40:67:9b:da:f3:68:c0:71:32:40:5f:1f:
                    f4:57:d7:92:9c:90:bd:7d:6f:f9:15:12:e8:bd:b0:
                    73:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:32:DB:7B:58:1F:FA:23:30:E7:85:6B:DC:5D:0E:AF:71:B7:2F:99
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:84:78:0c:3a:ad:15:50:c5:af:5d:84:3f:ab:7f:d6:f7:12:
         dd:74:79:5d:93:76:f1:e9:42:a1:0e:c1:b4:6c:f3:ea:f6:83:
         30:60:57:e7:4a:73:31:6d:11:10:5b:d2:b3:4e:3e:3c:1b:82:
         29:25:03:ae:9a:4c:e5:cd:c0:e7:1f:1c:d2:13:a0:6b:f1:8f:
         87:ef:9c:0e:83:97:e8:4b:af:b1:dd:c1:27:7e:ef:45:f6:d6:
         f8:7d:f9:e4:a8:2e:10:0f:d6:3a:03:8f:c5:35:70:41:3d:a5:
         f0:50:92:d4:25:32:b9:41:8a:22:ff:00:2f:4b:1c:75:d3:15:
         8c:3a:30:da:30:a9:cd:b7:49:88:31:81:39:a0:97:c0:b6:81:
         52:83:d5:66:bb:99:eb:6b:f9:b7:bb:93:85:7a:84:98:b8:7f:
         e6:09:1e:37:84:df:9d:1e:bd:cb:12:05:4c:3b:03:91:85:4b:
         3e:23:a5:f0:85:b9:d9:39:e5:70:7a:65:81:f1:63:79:cb:e9:
         d4:ee:6c:0e:13:27:de:db:1f:46:5c:3a:d0:fc:47:44:08:6c:
         fc:c6:1d:6c:fe:b9:42:34:71:34:5f:67:c5:c5:a6:27:a9:42:
         b8:84:1d:88:86:9f:e5:ad:f3:70:07:12:0d:59:31:34:10:0b:
         4b:98:d2:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHdvfL7R2HFum/dwKVGN+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUwNzI2MTYwMDM1WhcNMjUwNzI3MTYwMDM1WjAzMTEwLwYDVQQD
EyhlYTMyZGI3YjU4MWZmYTIzMzBlNzg1NmJkYzVkMGVhZjcxYjcyZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF0nXLEmln0xIb5gtyGgo4GWhIaz
ntVcXehtR9lGoZDpZVp2qowY/kjZoD4h8XcPV3RnRVAXXt4q5+sdEgeoCdaPx3tM
cPJP3ufQI5HoZDDm5A37Ono/vkB3qxCMdx/8iGkeny2U9Zhzn4zch+DNBcQcmGoy
Lab2ZcMfcwBhQOdgiQU9In8VdvJeYdTxX9jdyUrXpatu9Aj1giZya0ufVfpu4NIe
wSAYZLQZ+VXKuquXbKbG2avgCWsfm2wHnk5NtY8xfQd211nL1vurmz19/E9bvOee
dq/Asu5gXgXGC6M+9wxAZ5va82jAcTJAXx/0V9eSnJC9fW/5FRLovbBzNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoy23tYH/ojMOeFa9xdDq9xty+ZMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGIR4DDqt
FVDFr12EP6t/1vcS3XR5XZN28elCoQ7BtGzz6vaDMGBX50pzMW0REFvSs04+PBuC
KSUDrppM5c3A5x8c0hOga/GPh++cDoOX6Euvsd3BJ37vRfbW+H355KguEA/WOgOP
xTVwQT2l8FCS1CUyuUGKIv8AL0scddMVjDow2jCpzbdJiDGBOaCXwLaBUoPVZruZ
62v5t7uThXqEmLh/5gkeN4TfnR69yxIFTDsDkYVLPiOl8IW52TnlcHplgfFjecvp
1O5sDhMn3tsfRlw60PxHRAhs/MYdbP65QjRxNF9nxcWmJ6lCuIQdiIaf5a3zcAcS
DVkxNBALS5jSvw==
-----END CERTIFICATE-----