Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          cdyyKZlwQxSKMcI3Vj/rjtHUKHrEQhdjRqfSN+h14Pc=
Subject key identifier:   4E:30:92:98:A9:53:6D:F3:43:95:2C:7D:BC:EF:47:74:05:C4:8A:0C
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       0197C9F0BD7ECFF5A632B9DD6B1BFF59AA83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          09CD
Signing time:             Wed 02 Jul 2025 07:01:26 +0000
Manifest this update:     Wed 02 Jul 2025 07:01:26 +0000
Manifest next update:     Thu 03 Jul 2025 07:01:26 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: eJiKOLJTqX2+P2ue6R3QVZKJcNCCoMdrykfqD/K1hls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f0:bd:7e:cf:f5:a6:32:b9:dd:6b:1b:ff:59:aa:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Jul  2 07:01:26 2025 GMT
            Not After : Jul  3 07:01:26 2025 GMT
        Subject: CN=4e309298a9536df343952c7dbcef477405c48a0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ab:4d:ca:7a:b3:f6:4b:64:79:1d:c9:25:49:
                    07:6d:50:cc:a7:cd:94:cf:f4:35:01:be:d9:fa:6a:
                    1d:96:e8:e3:9e:1d:09:e4:40:a9:fb:6a:83:07:69:
                    da:82:d6:44:2b:6c:ee:ac:33:d5:6a:80:3e:01:5c:
                    15:6e:76:a7:88:92:c5:15:11:a9:46:3d:be:64:db:
                    34:09:ce:3b:32:f6:71:e7:51:14:c1:f3:4f:5a:ad:
                    0a:98:e3:15:85:19:1c:70:f2:a5:de:0b:b1:cd:52:
                    52:a8:11:33:9e:2b:63:bc:04:42:53:4f:ed:0c:1a:
                    34:f7:93:63:9c:d9:ad:39:68:5f:41:b7:ac:44:e6:
                    49:41:d0:3b:4f:88:a9:b8:e4:5d:88:77:0d:0c:99:
                    2d:f6:c0:b8:dc:7d:b9:19:68:4a:e8:6b:62:10:7d:
                    98:ee:7f:f0:21:6b:e1:f7:dd:cc:2a:25:66:94:c4:
                    11:53:02:fb:0b:92:d1:d0:21:72:67:82:9e:1e:fe:
                    31:02:20:db:86:a3:f3:10:11:df:f2:ed:dd:36:2b:
                    ee:ae:92:64:e9:40:fb:fe:7e:f0:d5:53:ab:d1:15:
                    3d:95:05:56:51:86:6e:f2:68:19:73:ba:7f:19:6b:
                    38:c8:01:c8:6d:2b:62:f7:16:86:a8:f4:d3:21:ae:
                    74:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:30:92:98:A9:53:6D:F3:43:95:2C:7D:BC:EF:47:74:05:C4:8A:0C
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:78:ba:cb:49:06:00:dd:10:05:01:ec:15:de:94:d5:9a:a5:
         91:11:49:16:e4:07:57:97:6a:39:d8:95:11:88:62:38:b4:b9:
         84:64:44:80:5e:7c:bd:5d:5e:c4:ce:b9:6f:64:a4:10:21:31:
         f7:ce:ff:69:f6:56:6a:68:75:de:c0:05:9e:04:37:e1:19:b7:
         f2:6e:57:3e:b4:48:e9:87:9a:9b:db:73:82:5e:92:98:a6:fe:
         5a:cc:04:78:c7:cf:c1:82:cb:c0:f3:e8:22:1d:5a:cf:50:91:
         4d:9a:c4:ea:49:d0:21:62:6c:a9:4c:95:cf:f7:86:01:37:87:
         11:56:94:c8:40:92:87:3b:25:d2:f7:a5:11:27:8c:a7:d5:2b:
         cc:8a:e9:22:56:28:9f:6c:18:a3:2a:02:38:9a:9b:4c:cf:f5:
         9c:24:12:0e:0d:e1:f3:dc:20:99:8f:e6:c0:62:86:d8:fe:e3:
         19:2a:ff:f2:0a:7d:ef:ee:c7:ac:14:f5:08:22:09:ca:9d:2f:
         56:61:73:ab:ee:49:b1:20:1b:8c:18:ab:45:5f:cc:96:c7:24:
         a7:87:89:b1:6a:b1:b3:57:8f:1f:57:a7:93:ed:af:14:22:78:
         67:00:b5:fc:83:f4:72:0b:2b:e9:cc:08:35:cb:68:87:96:55:
         aa:3a:09:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8L1+z/WmMrndaxv/WaqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwNzAyMDcwMTI2WhcNMjUwNzAzMDcwMTI2WjAzMTEwLwYDVQQD
Eyg0ZTMwOTI5OGE5NTM2ZGYzNDM5NTJjN2RiY2VmNDc3NDA1YzQ4YTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6tNynqz9ktkeR3JJUkHbVDMp82U
z/Q1Ab7Z+modlujjnh0J5ECp+2qDB2nagtZEK2zurDPVaoA+AVwVbnaniJLFFRGp
Rj2+ZNs0Cc47MvZx51EUwfNPWq0KmOMVhRkccPKl3guxzVJSqBEznitjvARCU0/t
DBo095NjnNmtOWhfQbesROZJQdA7T4ipuORdiHcNDJkt9sC43H25GWhK6GtiEH2Y
7n/wIWvh993MKiVmlMQRUwL7C5LR0CFyZ4KeHv4xAiDbhqPzEBHf8u3dNivurpJk
6UD7/n7w1VOr0RU9lQVWUYZu8mgZc7p/GWs4yAHIbSti9xaGqPTTIa50jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4wkpipU23zQ5UsfbzvR3QFxIoMMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALni6y0kG
AN0QBQHsFd6U1ZqlkRFJFuQHV5dqOdiVEYhiOLS5hGREgF58vV1exM65b2SkECEx
987/afZWamh13sAFngQ34Rm38m5XPrRI6Yeam9tzgl6SmKb+WswEeMfPwYLLwPPo
Ih1az1CRTZrE6knQIWJsqUyVz/eGATeHEVaUyECShzsl0velESeMp9UrzIrpIlYo
n2wYoyoCOJqbTM/1nCQSDg3h89wgmY/mwGKG2P7jGSr/8gp97+7HrBT1CCIJyp0v
VmFzq+5JsSAbjBirRV/Mlsckp4eJsWqxs1ePH1enk+2vFCJ4ZwC1/IP0cgsr6cwI
Nctoh5ZVqjoJyw==
-----END CERTIFICATE-----