Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          3CQYz+5WGXHIcA5enHuNHpteNgpp3kIJDdGmt6wVA2E=
Subject key identifier:   BE:98:CB:5D:EB:38:49:9B:68:DE:0A:30:A5:F3:FC:EC:CF:D5:E6:73
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       01974A0CC6960F9766B206CA55DCE0E74E5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          0203
Signing time:             Sat 07 Jun 2025 11:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 11:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 11:00:40 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: dW/V2+yhOMNnvZPorCETXSFsPHZeh+VR8LrrckOFz3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:0c:c6:96:0f:97:66:b2:06:ca:55:dc:e0:e7:4e:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Jun  7 11:00:40 2025 GMT
            Not After : Jun  8 11:00:40 2025 GMT
        Subject: CN=be98cb5deb38499b68de0a30a5f3fceccfd5e673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:0e:9c:be:30:f7:8f:25:d0:34:a7:90:10:56:
                    25:c0:06:d3:82:67:af:0e:d9:bd:a4:5b:11:8f:c3:
                    75:44:b3:f8:2c:05:a5:3a:c2:3d:9b:85:73:e3:a3:
                    ee:2f:16:b3:1c:c4:93:26:99:f6:02:39:52:da:96:
                    4d:41:78:40:2e:0a:b7:d3:6e:3f:b6:e3:9a:d7:52:
                    bb:80:70:39:98:19:df:59:bf:10:d4:24:aa:58:c1:
                    c5:ee:81:0f:fc:e8:a7:84:58:7b:ad:44:9d:91:51:
                    a5:ce:47:fd:13:c0:ca:6b:14:ec:25:6e:9a:cb:7a:
                    8a:97:e2:20:de:6b:84:37:23:2a:d6:ea:30:04:3e:
                    7d:64:39:fe:fe:42:f1:49:47:92:41:0d:f7:1a:67:
                    ec:f0:68:6f:37:bf:6b:3f:9b:69:22:45:0a:35:7e:
                    c9:c7:28:84:e2:e8:11:d1:fc:2b:d7:c1:d2:08:1e:
                    3a:68:7b:ac:34:e4:19:fb:ce:24:fb:cb:80:8f:e6:
                    36:c2:b1:74:c5:19:e9:82:ea:37:16:a3:49:18:3d:
                    d6:83:20:bc:52:5e:e5:73:9a:4d:46:cd:ed:34:de:
                    ef:a5:a3:12:f9:dd:9e:1c:1f:b6:3c:eb:c1:64:1b:
                    12:95:b9:10:19:b2:47:69:1f:d4:ff:e5:8d:d5:97:
                    4f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:98:CB:5D:EB:38:49:9B:68:DE:0A:30:A5:F3:FC:EC:CF:D5:E6:73
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:27:fb:22:10:97:c5:41:dd:ec:05:1b:a2:82:f9:d5:f8:d3:
         41:b2:ac:5a:d6:ff:f6:c6:8f:97:7c:5d:57:36:e9:95:4a:04:
         91:4e:72:c7:4e:fb:85:3f:f6:71:77:89:71:43:53:55:d0:56:
         80:5e:ea:38:2b:be:b0:30:2d:23:48:94:0f:a2:43:2a:c5:2b:
         e8:55:dd:b3:04:f0:91:c2:6b:7f:6b:2e:5d:76:64:e4:57:db:
         16:95:94:ec:eb:98:a8:f2:c7:34:35:0e:d6:24:5b:07:81:b9:
         ed:89:7e:a5:aa:d9:25:dc:3b:31:d9:9c:bb:71:38:d3:43:db:
         03:77:27:ca:e6:32:d2:7e:e9:7f:40:4d:63:b8:3e:fa:d5:50:
         18:55:90:3a:0e:cb:74:e4:29:ac:a2:0b:9d:7d:af:5c:a9:2d:
         35:23:75:28:24:79:b3:49:e4:fe:fd:23:db:75:4a:2d:fe:72:
         6e:f7:6a:c9:03:cc:f9:8d:d0:2a:e3:4e:17:13:b4:92:c3:48:
         d9:45:f2:7a:5d:40:89:62:85:cd:0d:df:1e:3a:f4:96:ee:10:
         e1:d8:8d:f7:a1:45:03:7d:e0:86:dd:e6:83:bb:b5:88:35:62:
         61:66:1b:95:3a:da:90:1b:48:47:4c:16:7a:69:7b:69:8f:3a:
         bc:8e:62:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKDMaWD5dmsgbKVdzg505fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUwNjA3MTEwMDQwWhcNMjUwNjA4MTEwMDQwWjAzMTEwLwYDVQQD
EyhiZTk4Y2I1ZGViMzg0OTliNjhkZTBhMzBhNWYzZmNlY2NmZDVlNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow6cvjD3jyXQNKeQEFYlwAbTgmev
Dtm9pFsRj8N1RLP4LAWlOsI9m4Vz46PuLxazHMSTJpn2AjlS2pZNQXhALgq3024/
tuOa11K7gHA5mBnfWb8Q1CSqWMHF7oEP/OinhFh7rUSdkVGlzkf9E8DKaxTsJW6a
y3qKl+Ig3muENyMq1uowBD59ZDn+/kLxSUeSQQ33Gmfs8GhvN79rP5tpIkUKNX7J
xyiE4ugR0fwr18HSCB46aHusNOQZ+84k+8uAj+Y2wrF0xRnpguo3FqNJGD3WgyC8
Ul7lc5pNRs3tNN7vpaMS+d2eHB+2POvBZBsSlbkQGbJHaR/U/+WN1ZdPYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6Yy13rOEmbaN4KMKXz/OzP1eZzMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAISf7IhCX
xUHd7AUbooL51fjTQbKsWtb/9saPl3xdVzbplUoEkU5yx077hT/2cXeJcUNTVdBW
gF7qOCu+sDAtI0iUD6JDKsUr6FXdswTwkcJrf2suXXZk5FfbFpWU7OuYqPLHNDUO
1iRbB4G57Yl+parZJdw7Mdmcu3E400PbA3cnyuYy0n7pf0BNY7g++tVQGFWQOg7L
dOQprKILnX2vXKktNSN1KCR5s0nk/v0j23VKLf5ybvdqyQPM+Y3QKuNOFxO0ksNI
2UXyel1AiWKFzQ3fHjr0lu4Q4diN96FFA33ght3mg7u1iDViYWYblTrakBtIR0wW
eml7aY86vI5izw==
-----END CERTIFICATE-----