Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          8F5j4nOGqxbzeAru4F6kHsu+IR36sByzE+30pfxfIO8=
Subject key identifier:   A8:AF:99:A8:BC:47:4D:0E:E9:77:13:B0:F9:C4:0B:A9:E2:4D:0B:80
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019748FA945091F1BC960482F7E554D4DAE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          05C2
Signing time:             Sat 07 Jun 2025 06:01:10 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:10 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:10 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: l/8XsOxs4f6KmtJvkEOK/zwReWZorrTBO9+9zhOVLOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:94:50:91:f1:bc:96:04:82:f7:e5:54:d4:da:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Jun  7 06:01:10 2025 GMT
            Not After : Jun  8 06:01:10 2025 GMT
        Subject: CN=a8af99a8bc474d0ee97713b0f9c40ba9e24d0b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ef:ed:09:b8:d7:85:80:86:70:a6:64:70:49:
                    f9:2c:34:26:58:f3:8e:e7:b5:2f:b4:05:d1:56:ed:
                    ec:34:b0:3f:63:c0:79:1e:78:1d:6f:86:8e:77:14:
                    f6:9c:6d:9f:74:80:1b:a2:f0:57:c9:a7:51:a9:af:
                    8d:de:fb:05:64:3d:0c:d5:d8:7d:fc:69:85:0c:b7:
                    56:00:f0:de:d6:34:3f:e6:7e:d5:aa:23:f8:78:f0:
                    a4:5b:b8:54:03:22:1f:ee:48:50:1e:55:b7:42:2a:
                    8c:2c:f5:8f:fc:86:63:5e:e6:84:cb:ee:d4:04:19:
                    e7:a9:4b:e3:86:e5:eb:18:15:9d:40:e1:a3:dd:a8:
                    a7:05:5f:ca:8b:4f:78:6a:67:81:b3:29:2f:81:24:
                    c3:53:46:3e:fc:21:27:96:6c:24:d9:25:c3:8a:c7:
                    ff:4e:bf:c2:71:ca:5b:ff:28:5f:d2:34:34:c4:63:
                    53:c0:13:a7:c3:75:ca:9e:03:55:6a:96:87:21:cd:
                    87:ac:53:16:75:e7:02:87:94:46:4f:93:22:67:95:
                    8c:3a:a9:81:6a:e6:92:00:c9:ea:56:c7:33:de:62:
                    13:c2:d4:4d:34:36:5e:95:7e:d5:4d:d2:9b:51:9d:
                    5e:6c:9e:1c:b1:86:98:6b:02:9f:9e:38:f4:8d:e1:
                    cc:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:AF:99:A8:BC:47:4D:0E:E9:77:13:B0:F9:C4:0B:A9:E2:4D:0B:80
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:24:4f:c7:f2:2a:65:83:03:ab:c5:06:a2:ee:d5:f4:e2:da:
         3a:d7:e7:b8:3b:01:29:f4:7c:1e:fc:02:71:6f:72:b7:d6:48:
         36:37:e9:99:59:a6:b8:60:2e:91:49:a4:6e:f8:da:dd:a5:67:
         ad:84:26:21:4f:88:8d:96:cd:96:12:2e:a6:b5:da:28:ce:e3:
         ea:02:64:7d:54:1d:9c:d1:98:ab:36:ed:18:49:bb:51:66:cb:
         ab:e1:b6:49:b4:88:2e:b1:b0:ed:9a:d5:9c:8e:fa:00:bd:5b:
         ee:df:19:1f:a9:b9:13:d8:36:4b:0d:a9:e8:bf:6e:62:72:dc:
         af:de:07:ff:b8:16:da:39:01:6e:8b:37:6d:cc:35:e9:67:5d:
         73:10:4a:9f:8d:a6:46:eb:e5:3c:58:61:80:d6:3d:e8:b4:ba:
         e9:69:b3:d1:b0:95:64:3f:45:e2:8d:78:7e:d5:2f:02:53:53:
         8d:c7:44:44:29:ba:ec:37:5a:97:62:82:7c:8f:c2:15:0c:5b:
         47:2f:f2:aa:4f:13:96:cf:8a:ce:74:88:20:12:31:91:9a:64:
         18:18:42:86:69:ea:45:8c:c6:37:87:6e:3c:e1:82:5d:4c:d5:
         93:c0:51:81:d4:1b:e3:44:55:51:37:6b:f0:8e:41:53:81:de:
         27:d5:d3:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+pRQkfG8lgSC9+VU1NrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjUwNjA3MDYwMTEwWhcNMjUwNjA4MDYwMTEwWjAzMTEwLwYDVQQD
EyhhOGFmOTlhOGJjNDc0ZDBlZTk3NzEzYjBmOWM0MGJhOWUyNGQwYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre/tCbjXhYCGcKZkcEn5LDQmWPOO
57UvtAXRVu3sNLA/Y8B5Hngdb4aOdxT2nG2fdIAbovBXyadRqa+N3vsFZD0M1dh9
/GmFDLdWAPDe1jQ/5n7VqiP4ePCkW7hUAyIf7khQHlW3QiqMLPWP/IZjXuaEy+7U
BBnnqUvjhuXrGBWdQOGj3ainBV/Ki094ameBsykvgSTDU0Y+/CEnlmwk2SXDisf/
Tr/Cccpb/yhf0jQ0xGNTwBOnw3XKngNVapaHIc2HrFMWdecCh5RGT5MiZ5WMOqmB
auaSAMnqVscz3mITwtRNNDZelX7VTdKbUZ1ebJ4csYaYawKfnjj0jeHMywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKivmai8R00O6XcTsPnEC6niTQuAMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaCRPx/Iq
ZYMDq8UGou7V9OLaOtfnuDsBKfR8HvwCcW9yt9ZINjfpmVmmuGAukUmkbvja3aVn
rYQmIU+IjZbNlhIuprXaKM7j6gJkfVQdnNGYqzbtGEm7UWbLq+G2SbSILrGw7ZrV
nI76AL1b7t8ZH6m5E9g2Sw2p6L9uYnLcr94H/7gW2jkBbos3bcw16WddcxBKn42m
RuvlPFhhgNY96LS66Wmz0bCVZD9F4o14ftUvAlNTjcdERCm67Ddal2KCfI/CFQxb
Ry/yqk8Tls+KznSIIBIxkZpkGBhChmnqRYzGN4duPOGCXUzVk8BRgdQb40RVUTdr
8I5BU4HeJ9XTow==
-----END CERTIFICATE-----