Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          0h+roaKsOUHWjaPNm9I5mXAJH6JNo0VlaT5zBA5aM/M=
Subject key identifier:   E6:F5:53:E0:B3:BB:4F:10:68:45:D0:6A:25:D5:76:6A:B9:8C:7B:E3
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       01974C69609ED73D1A77E25036E049662482
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0E83
Signing time:             Sat 07 Jun 2025 22:01:03 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:03 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:03 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: saFHOndWG1uaPhaR9nkLQzSH1Q2xi8uRqv/XfFnwjWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:60:9e:d7:3d:1a:77:e2:50:36:e0:49:66:24:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Jun  7 22:01:03 2025 GMT
            Not After : Jun  8 22:01:03 2025 GMT
        Subject: CN=e6f553e0b3bb4f106845d06a25d5766ab98c7be3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6a:be:5e:6f:39:74:45:ed:97:92:f7:48:ff:
                    e6:6a:cb:f5:c4:b1:b3:5d:e7:92:78:fc:ad:a0:5d:
                    8c:5c:82:51:a5:77:3d:fb:d6:7a:e5:6a:65:9d:7b:
                    1c:36:10:a1:c7:39:10:c1:a4:89:22:b0:39:3e:7c:
                    82:8b:62:ce:b0:8c:39:93:ad:2a:50:f5:96:0d:1c:
                    80:e1:1b:cc:43:82:74:ca:9f:4e:06:02:d2:ae:3e:
                    10:f4:06:39:1c:1f:ae:50:8f:ea:bc:fb:50:e4:ca:
                    ab:94:b5:19:62:81:4f:bf:18:91:0d:b3:d9:ea:30:
                    da:ff:1d:93:49:d7:b7:85:4e:68:b5:97:06:8d:0c:
                    c5:81:2b:be:c8:e2:a0:a6:70:16:3d:8f:6b:6a:0f:
                    e3:77:34:1f:21:e1:4b:cc:c2:20:b8:0f:4a:75:c3:
                    43:f1:d0:8f:9f:da:44:ba:b3:40:3a:77:2e:26:47:
                    2e:bd:00:05:5e:46:44:46:da:48:70:91:47:b4:f4:
                    0f:d7:6c:2b:82:d0:a6:57:54:19:40:bb:15:2d:03:
                    8e:49:ae:59:18:a2:df:d3:51:a7:81:a7:d8:28:2c:
                    14:be:fb:25:00:6f:71:25:1f:6c:00:df:51:30:23:
                    23:cd:1d:12:36:4e:d2:f7:57:7c:e5:e8:3c:34:78:
                    db:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:F5:53:E0:B3:BB:4F:10:68:45:D0:6A:25:D5:76:6A:B9:8C:7B:E3
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:1e:3c:f5:71:fc:a4:48:11:23:f2:68:50:d5:36:6b:a9:e0:
         29:d5:70:61:e2:04:26:73:82:53:97:05:0b:dc:29:1c:f1:c3:
         89:4d:75:51:db:2d:e0:22:2a:85:cf:4b:1f:e4:cb:8a:a6:a5:
         37:f7:b9:da:1f:93:43:01:d5:e0:61:89:c4:de:18:4c:cc:7f:
         3a:10:7f:da:03:ab:4b:2d:45:e8:0b:ef:fe:5c:b1:fb:08:9b:
         96:84:79:b3:4b:af:0f:d7:cc:2e:51:1d:97:38:61:97:93:65:
         8d:4b:7b:d2:d3:d3:57:65:db:90:2a:d6:27:97:ef:7a:e3:6f:
         de:9f:e8:70:a4:57:e2:9c:a9:ea:1a:51:d1:28:97:e1:d4:25:
         5b:96:ed:2d:73:f4:30:43:f6:ce:8f:7a:30:93:d6:0e:5e:f8:
         4e:16:bc:a4:71:5d:db:ed:49:c5:b8:6d:35:9d:63:2a:bc:50:
         66:1e:89:d9:88:80:05:6b:fc:79:12:de:77:55:9e:ea:6e:ef:
         82:23:c5:d9:c8:01:2b:b1:f8:48:70:e9:d9:31:83:14:5a:e2:
         f9:4f:f9:24:b5:ee:f3:d3:82:86:e3:0c:64:95:14:4f:95:d0:
         26:1f:d4:b9:0d:7d:f9:c0:46:d9:03:b3:ab:8b:b1:5b:df:c0:
         5f:4a:fd:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaWCe1z0ad+JQNuBJZiSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjUwNjA3MjIwMTAzWhcNMjUwNjA4MjIwMTAzWjAzMTEwLwYDVQQD
EyhlNmY1NTNlMGIzYmI0ZjEwNjg0NWQwNmEyNWQ1NzY2YWI5OGM3YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWq+Xm85dEXtl5L3SP/masv1xLGz
XeeSePytoF2MXIJRpXc9+9Z65WplnXscNhChxzkQwaSJIrA5PnyCi2LOsIw5k60q
UPWWDRyA4RvMQ4J0yp9OBgLSrj4Q9AY5HB+uUI/qvPtQ5MqrlLUZYoFPvxiRDbPZ
6jDa/x2TSde3hU5otZcGjQzFgSu+yOKgpnAWPY9rag/jdzQfIeFLzMIguA9KdcND
8dCPn9pEurNAOncuJkcuvQAFXkZERtpIcJFHtPQP12wrgtCmV1QZQLsVLQOOSa5Z
GKLf01GngafYKCwUvvslAG9xJR9sAN9RMCMjzR0SNk7S91d85eg8NHjbtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOb1U+Czu08QaEXQaiXVdmq5jHvjMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsx489XH8
pEgRI/JoUNU2a6ngKdVwYeIEJnOCU5cFC9wpHPHDiU11Udst4CIqhc9LH+TLiqal
N/e52h+TQwHV4GGJxN4YTMx/OhB/2gOrSy1F6Avv/lyx+wibloR5s0uvD9fMLlEd
lzhhl5NljUt70tPTV2XbkCrWJ5fveuNv3p/ocKRX4pyp6hpR0SiX4dQlW5btLXP0
MEP2zo96MJPWDl74Tha8pHFd2+1JxbhtNZ1jKrxQZh6J2YiABWv8eRLed1We6m7v
giPF2cgBK7H4SHDp2TGDFFri+U/5JLXu89OChuMMZJUUT5XQJh/UuQ19+cBG2QOz
q4uxW9/AX0r9xA==
-----END CERTIFICATE-----