Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft
File:                     r2sB3cUdknQsPMSisx3H_Bg75X8.mft (raw, json)
Hash identifier:          tj2upY6hKkshGCVBGXxws9+4M/VZLZON1xKCJKgZYjs=
Subject key identifier:   4D:1C:92:71:F8:11:3E:15:B0:0E:66:52:8C:30:18:01:72:04:4B:DB
Authority key identifier: AF:6B:01:DD:C5:1D:92:74:2C:3C:C4:A2:B3:1D:C7:FC:18:3B:E5:7F
Certificate issuer:       /CN=af6b01ddc51d92742c3cc4a2b31dc7fc183be57f
Certificate serial:       0198526856B6CD414343B35CFE01C2FF1E24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r2sB3cUdknQsPMSisx3H_Bg75X8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft
Manifest number:          0B5B
Signing time:             Mon 28 Jul 2025 19:00:26 +0000
Manifest this update:     Mon 28 Jul 2025 19:00:26 +0000
Manifest next update:     Tue 29 Jul 2025 19:00:26 +0000
Files and hashes:         1: r2sB3cUdknQsPMSisx3H_Bg75X8.crl (hash: JNMfB5XxNmqyLKJaYDPw6F9oEZyRFjMxRD5480fr4oo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r2sB3cUdknQsPMSisx3H_Bg75X8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 19:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:52:68:56:b6:cd:41:43:43:b3:5c:fe:01:c2:ff:1e:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af6b01ddc51d92742c3cc4a2b31dc7fc183be57f
        Validity
            Not Before: Jul 28 19:00:26 2025 GMT
            Not After : Jul 29 19:00:26 2025 GMT
        Subject: CN=4d1c9271f8113e15b00e66528c30180172044bdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:d6:99:94:66:47:15:28:cd:27:5e:13:4f:a9:
                    e3:ad:17:5d:c3:1d:13:6e:85:45:f0:7b:f4:7e:5d:
                    2a:06:69:e2:6e:68:38:5d:ca:f3:d1:04:4f:29:13:
                    6e:01:b6:f4:bc:e6:ae:38:85:50:22:90:07:24:fb:
                    f0:76:1f:23:b2:7c:8a:39:30:4b:56:30:9d:74:be:
                    8e:4c:fe:fa:cc:63:a2:db:2f:89:e0:5e:3c:22:e6:
                    38:96:8b:fc:b4:74:bb:b8:4e:bb:40:03:11:5c:e5:
                    2b:a4:ab:3b:10:12:e1:6c:5b:bf:9c:6d:52:24:f5:
                    95:13:62:10:19:99:c7:3f:78:ad:60:0d:2c:c8:3a:
                    b6:cd:f5:08:85:7a:f1:9a:50:f0:70:f8:6b:a7:9a:
                    e1:dc:c4:bd:49:0d:f1:c0:ce:a2:50:a1:49:54:17:
                    bf:8f:45:b1:a1:59:43:45:00:dd:ed:c7:5f:98:82:
                    19:9d:4c:22:62:69:bc:d2:27:d7:7b:23:98:d0:73:
                    cb:67:e8:e7:ff:c7:79:c1:64:f8:7f:1c:07:8d:d7:
                    76:ab:db:8c:7d:09:58:11:71:84:aa:ab:ab:95:98:
                    3f:94:52:ca:3e:ee:b2:b6:3f:8c:d4:b0:b8:15:12:
                    55:1a:60:53:e7:73:23:39:7c:7c:1c:74:43:3c:40:
                    2a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:1C:92:71:F8:11:3E:15:B0:0E:66:52:8C:30:18:01:72:04:4B:DB
            X509v3 Authority Key Identifier:
                keyid:AF:6B:01:DD:C5:1D:92:74:2C:3C:C4:A2:B3:1D:C7:FC:18:3B:E5:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2sB3cUdknQsPMSisx3H_Bg75X8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/37a002-2071-44ec-bf50-29ca16576ede/1/r2sB3cUdknQsPMSisx3H_Bg75X8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:b2:95:fe:f3:fc:cf:0b:5a:a1:dc:e1:5b:a5:8a:f2:23:96:
         c7:4e:6c:b7:cc:03:f9:7b:67:d5:99:27:9a:e6:f0:a8:b2:99:
         7a:da:e2:18:1d:87:64:ff:b6:30:37:8c:f3:b0:8f:f9:70:c7:
         37:51:45:4c:bc:fd:b2:3d:d4:04:8d:6a:48:0b:2d:8f:b4:5f:
         6a:51:95:f0:46:9f:99:b5:b7:31:9c:06:74:54:cd:95:53:fc:
         b9:88:0f:28:02:31:59:6e:11:b9:d8:50:d6:a2:c1:b7:1a:ac:
         9b:f2:eb:15:bd:1d:2d:1e:07:0d:70:71:5c:a1:3b:48:bc:cb:
         08:e8:ad:bf:07:86:a1:f8:2c:96:6a:07:ce:ab:ee:20:16:37:
         65:02:63:18:57:7d:d7:8f:94:45:f3:14:a2:a5:f8:cc:57:f8:
         2d:21:dc:39:b2:fd:69:5c:cf:e9:03:36:32:28:e5:71:0a:97:
         e2:f1:41:92:f4:c7:b7:c1:19:2c:23:f5:b4:e6:45:96:fb:52:
         17:93:e2:e1:28:a5:b8:9c:59:03:97:8a:27:67:16:15:04:83:
         7b:4d:8a:ec:18:0f:ed:2a:3f:fc:4d:31:7b:cc:b3:84:25:c9:
         e1:9f:94:e0:fd:c2:aa:a6:6f:59:3f:1c:25:02:04:58:59:d1:
         75:9b:71:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhSaFa2zUFDQ7Nc/gHC/x4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmIwMWRkYzUxZDkyNzQyYzNjYzRhMmIzMWRjN2ZjMTgz
YmU1N2YwHhcNMjUwNzI4MTkwMDI2WhcNMjUwNzI5MTkwMDI2WjAzMTEwLwYDVQQD
Eyg0ZDFjOTI3MWY4MTEzZTE1YjAwZTY2NTI4YzMwMTgwMTcyMDQ0YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NaZlGZHFSjNJ14TT6njrRddwx0T
boVF8Hv0fl0qBmnibmg4Xcrz0QRPKRNuAbb0vOauOIVQIpAHJPvwdh8jsnyKOTBL
VjCddL6OTP76zGOi2y+J4F48IuY4lov8tHS7uE67QAMRXOUrpKs7EBLhbFu/nG1S
JPWVE2IQGZnHP3itYA0syDq2zfUIhXrxmlDwcPhrp5rh3MS9SQ3xwM6iUKFJVBe/
j0WxoVlDRQDd7cdfmIIZnUwiYmm80ifXeyOY0HPLZ+jn/8d5wWT4fxwHjdd2q9uM
fQlYEXGEqqurlZg/lFLKPu6ytj+M1LC4FRJVGmBT53MjOXx8HHRDPEAqFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0cknH4ET4VsA5mUowwGAFyBEvbMB8GA1UdIwQY
MBaAFK9rAd3FHZJ0LDzEorMdx/wYO+V/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJzQjNjVWRrblFzUE1TaXN4M0hfQmc3NVg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8zN2EwMDItMjA3MS00NGVjLWJmNTAt
MjljYTE2NTc2ZWRlLzEvcjJzQjNjVWRrblFzUE1TaXN4M0hfQmc3NVg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8zN2EwMDItMjA3MS00NGVjLWJmNTAtMjljYTE2NTc2ZWRl
LzEvcjJzQjNjVWRrblFzUE1TaXN4M0hfQmc3NVg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVLKV/vP8
zwtaodzhW6WK8iOWx05st8wD+Xtn1ZknmubwqLKZetriGB2HZP+2MDeM87CP+XDH
N1FFTLz9sj3UBI1qSAstj7RfalGV8EafmbW3MZwGdFTNlVP8uYgPKAIxWW4RudhQ
1qLBtxqsm/LrFb0dLR4HDXBxXKE7SLzLCOitvweGofgslmoHzqvuIBY3ZQJjGFd9
14+URfMUoqX4zFf4LSHcObL9aVzP6QM2MijlcQqX4vFBkvTHt8EZLCP1tOZFlvtS
F5Pi4SiluJxZA5eKJ2cWFQSDe02K7BgP7So//E0xe8yzhCXJ4Z+U4P3CqqZvWT8c
JQIEWFnRdZtxpQ==
-----END CERTIFICATE-----