Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          1fD+8AQ8E47J7MTwPNpVPq9EORu48S+CFd+DiDew8O8=
Subject key identifier:   94:28:33:E6:23:B3:81:0B:2D:7E:C9:F6:62:26:9D:60:10:F7:9F:71
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       01992330E83F5C80739EDEDF82BE273AB5D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          03D7
Signing time:             Sun 07 Sep 2025 08:00:31 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:31 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:31 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: L3EvAPgr8PmODZZRKiohTzLibTu2QjR3kvz/uA5f1X8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:30:e8:3f:5c:80:73:9e:de:df:82:be:27:3a:b5:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Sep  7 08:00:31 2025 GMT
            Not After : Sep  8 08:00:31 2025 GMT
        Subject: CN=942833e623b3810b2d7ec9f662269d6010f79f71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:bb:83:af:24:bc:90:fc:31:a3:d9:9c:d9:92:
                    df:56:61:d5:cf:2d:94:de:d5:f8:2e:6e:b6:e3:1f:
                    16:89:00:58:9f:1f:ce:df:e3:b3:d3:f4:7c:ac:6f:
                    b3:b2:5f:d0:94:fb:19:49:f7:7a:ee:93:e0:9e:46:
                    9d:ba:5c:fc:03:78:4d:6b:9f:1e:a5:98:0c:f4:39:
                    22:44:04:1d:c8:68:1f:fe:2b:06:76:df:08:b2:cf:
                    15:52:5d:77:9e:61:c0:79:d1:28:ec:a1:cf:59:d9:
                    a7:13:f4:8c:71:49:6e:e7:33:dd:eb:67:ab:5b:10:
                    70:2b:0c:d6:6f:a2:bb:42:31:1b:ab:91:38:ee:c4:
                    15:03:d1:3c:25:f7:31:97:cf:8d:1e:79:81:95:61:
                    1c:d4:37:61:1d:ba:08:30:17:6c:b7:88:8b:54:e6:
                    5a:32:21:cb:f1:fb:dd:e9:71:a8:35:59:5b:3f:af:
                    ae:6d:5b:1f:4f:49:01:f1:11:ed:f8:88:16:4d:be:
                    79:9d:91:10:03:53:90:c3:9a:ef:6a:f3:2e:75:08:
                    84:6c:92:ce:be:ad:de:45:a5:79:52:22:0c:77:66:
                    3c:b3:71:df:fa:00:4e:e9:e3:d0:ca:10:e5:d8:08:
                    cb:4b:26:17:9d:0e:70:f2:78:17:35:d2:d0:14:83:
                    de:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:28:33:E6:23:B3:81:0B:2D:7E:C9:F6:62:26:9D:60:10:F7:9F:71
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:00:9a:d7:fe:de:22:67:2d:97:04:42:74:f5:ea:f7:a4:62:
         f9:05:96:cd:e8:ce:da:69:32:78:cb:e1:94:d5:fd:0b:8f:30:
         5f:9d:09:9e:e0:af:4b:7d:a6:02:33:a1:a6:9a:7f:2f:f2:05:
         1d:b9:89:3b:e0:d0:8b:1f:30:e7:40:e8:da:82:25:91:f7:e2:
         cf:88:06:10:5f:7b:b3:f5:e4:08:83:5a:9b:1e:f7:46:30:ea:
         04:d0:c7:80:86:b9:b4:ae:f8:ed:0e:7a:bc:ff:03:50:be:3f:
         ff:42:ca:ec:67:c2:b6:c3:45:d4:26:77:1a:44:06:7e:d3:2a:
         7e:0f:af:b7:b1:2c:c1:db:45:8f:ca:a5:1f:b5:8b:47:29:9c:
         83:5f:11:ae:94:f6:9c:d7:81:16:c4:d6:62:28:93:1a:89:da:
         18:16:a7:de:c4:89:e2:82:8d:33:93:df:ed:42:e5:0f:c9:50:
         a5:a1:16:c3:03:68:8f:d7:62:65:9b:63:37:a9:dd:23:d1:4f:
         64:ee:f8:53:65:32:51:82:d2:cf:5f:ab:a7:9a:55:32:8c:57:
         0b:99:30:67:21:d2:0e:de:e1:29:ac:54:50:ef:d3:91:58:b7:
         b5:e8:d5:19:9d:82:02:05:83:4c:3f:17:0c:d0:1a:ff:a2:86:
         08:7a:b4:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMOg/XIBznt7fgr4nOrXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjUwOTA3MDgwMDMxWhcNMjUwOTA4MDgwMDMxWjAzMTEwLwYDVQQD
Eyg5NDI4MzNlNjIzYjM4MTBiMmQ3ZWM5ZjY2MjI2OWQ2MDEwZjc5ZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzruDryS8kPwxo9mc2ZLfVmHVzy2U
3tX4Lm624x8WiQBYnx/O3+Oz0/R8rG+zsl/QlPsZSfd67pPgnkadulz8A3hNa58e
pZgM9DkiRAQdyGgf/isGdt8Iss8VUl13nmHAedEo7KHPWdmnE/SMcUlu5zPd62er
WxBwKwzWb6K7QjEbq5E47sQVA9E8Jfcxl8+NHnmBlWEc1DdhHboIMBdst4iLVOZa
MiHL8fvd6XGoNVlbP6+ubVsfT0kB8RHt+IgWTb55nZEQA1OQw5rvavMudQiEbJLO
vq3eRaV5UiIMd2Y8s3Hf+gBO6ePQyhDl2AjLSyYXnQ5w8ngXNdLQFIPe9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQoM+Yjs4ELLX7J9mImnWAQ959xMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUgCa1/7e
ImctlwRCdPXq96Ri+QWWzejO2mkyeMvhlNX9C48wX50JnuCvS32mAjOhppp/L/IF
HbmJO+DQix8w50Do2oIlkffiz4gGEF97s/XkCINamx73RjDqBNDHgIa5tK747Q56
vP8DUL4//0LK7GfCtsNF1CZ3GkQGftMqfg+vt7EswdtFj8qlH7WLRymcg18RrpT2
nNeBFsTWYiiTGonaGBan3sSJ4oKNM5Pf7ULlD8lQpaEWwwNoj9diZZtjN6ndI9FP
ZO74U2UyUYLSz1+rp5pVMoxXC5kwZyHSDt7hKaxUUO/TkVi3tejVGZ2CAgWDTD8X
DNAa/6KGCHq0jg==
-----END CERTIFICATE-----