Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          RTI9LimE1J7guy7WzWualJj2wOaUP5xvLxvwDz4rmHs=
Subject key identifier:   12:86:44:28:5B:5E:B0:AA:73:F0:41:18:7B:C6:D3:3F:21:C2:D0:1E
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       0197470BB5234EF5110D7A1371695F0F8569
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 21:00:38 +0000
Manifest this update:     Fri 06 Jun 2025 21:00:38 +0000
Manifest next update:     Sat 07 Jun 2025 21:00:38 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: 3vbbdzVcbfE116b556jKnmTlQ4Z1Zz1qNh692AK38RI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 21:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0b:b5:23:4e:f5:11:0d:7a:13:71:69:5f:0f:85:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Jun  6 21:00:38 2025 GMT
            Not After : Jun  7 21:00:38 2025 GMT
        Subject: CN=128644285b5eb0aa73f041187bc6d33f21c2d01e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:36:bc:24:52:59:2c:9a:cd:af:a3:c1:50:55:
                    62:67:1d:6a:29:e3:e6:fa:a3:49:a7:d9:81:e8:e2:
                    09:24:7f:fb:c5:f2:9b:bf:0e:b2:92:ee:a6:d3:3b:
                    1e:08:d9:7d:21:b3:c9:6b:7a:2c:b2:79:92:fb:c2:
                    25:4d:13:41:fe:8e:ab:74:8a:6a:0d:10:76:0a:28:
                    2d:a7:19:cf:61:7c:7f:e9:92:bc:95:52:ad:96:b5:
                    99:68:73:e8:d1:62:2c:b3:9f:df:2d:13:86:c5:2a:
                    c0:98:15:b4:4c:ad:a6:b1:68:fa:c2:10:b3:8a:20:
                    54:a3:34:25:e5:35:e9:c8:0a:28:2f:ee:9f:9b:00:
                    f7:08:b9:90:67:54:fd:78:0c:0e:af:07:48:52:82:
                    28:c5:14:2c:21:32:5c:24:7b:60:e0:04:ef:7f:82:
                    ce:d5:69:59:4c:22:0c:12:d5:18:1a:33:93:90:39:
                    b0:f0:9c:d3:30:d7:25:ae:d2:15:8e:7e:1f:80:89:
                    9b:5a:61:f6:9c:c0:1e:7d:df:58:36:94:17:3d:7c:
                    8d:ed:e5:97:75:55:36:a4:81:41:80:df:8b:6c:a8:
                    ef:8b:7e:36:ae:53:3b:9b:da:f7:03:d1:da:ae:be:
                    b5:2e:cf:92:1d:52:0c:1b:64:4f:d5:36:f0:70:59:
                    72:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:86:44:28:5B:5E:B0:AA:73:F0:41:18:7B:C6:D3:3F:21:C2:D0:1E
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:8a:2c:94:70:4d:51:94:7a:fa:c9:bc:04:a8:5e:1d:51:f5:
         b1:3f:18:6f:92:44:0b:25:ae:09:e5:d8:be:41:5e:f9:c1:63:
         1b:7b:76:5e:0f:3f:7e:66:b7:41:15:b8:f9:55:05:b2:62:e1:
         d1:f4:43:a6:96:11:78:c2:7a:7c:3d:77:be:09:1b:35:ee:9d:
         bd:dd:60:fc:c6:02:b8:0b:bb:63:07:bf:e2:93:0e:30:ef:09:
         a1:3e:d8:e5:6b:dc:60:56:c5:14:57:4c:1c:3c:15:47:10:5f:
         7f:4f:53:e7:41:a9:a1:45:a1:cd:47:45:c8:87:21:7f:22:8d:
         02:a7:99:69:ce:dd:6a:cc:b5:21:42:d8:da:0a:86:7a:72:79:
         79:cc:e7:8a:6f:9f:05:31:b8:c5:8f:31:e0:b7:ac:ee:1d:53:
         da:e7:ad:4e:86:89:b4:fe:65:9b:8c:29:ab:2c:de:33:d5:0a:
         fe:e4:34:88:ee:f0:93:5b:63:98:e0:df:6d:05:ab:db:4f:fc:
         2f:12:58:e1:6a:86:bd:90:c2:d0:a8:70:71:50:00:e7:7a:a7:
         74:fd:b6:96:c1:c4:17:35:e8:bd:e5:f8:93:7b:94:06:1c:8a:
         da:c3:de:6e:e3:55:a7:39:00:3b:0b:2f:bf:51:93:75:a3:a6:
         4b:d8:03:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC7UjTvURDXoTcWlfD4VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjUwNjA2MjEwMDM4WhcNMjUwNjA3MjEwMDM4WjAzMTEwLwYDVQQD
EygxMjg2NDQyODViNWViMGFhNzNmMDQxMTg3YmM2ZDMzZjIxYzJkMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTa8JFJZLJrNr6PBUFViZx1qKePm
+qNJp9mB6OIJJH/7xfKbvw6yku6m0zseCNl9IbPJa3ossnmS+8IlTRNB/o6rdIpq
DRB2CigtpxnPYXx/6ZK8lVKtlrWZaHPo0WIss5/fLROGxSrAmBW0TK2msWj6whCz
iiBUozQl5TXpyAooL+6fmwD3CLmQZ1T9eAwOrwdIUoIoxRQsITJcJHtg4ATvf4LO
1WlZTCIMEtUYGjOTkDmw8JzTMNclrtIVjn4fgImbWmH2nMAefd9YNpQXPXyN7eWX
dVU2pIFBgN+LbKjvi342rlM7m9r3A9Harr61Ls+SHVIMG2RP1TbwcFlyLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKGRChbXrCqc/BBGHvG0z8hwtAeMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4oslHBN
UZR6+sm8BKheHVH1sT8Yb5JECyWuCeXYvkFe+cFjG3t2Xg8/fma3QRW4+VUFsmLh
0fRDppYReMJ6fD13vgkbNe6dvd1g/MYCuAu7Ywe/4pMOMO8JoT7Y5WvcYFbFFFdM
HDwVRxBff09T50GpoUWhzUdFyIchfyKNAqeZac7dasy1IULY2gqGenJ5ecznim+f
BTG4xY8x4Les7h1T2uetToaJtP5lm4wpqyzeM9UK/uQ0iO7wk1tjmODfbQWr20/8
LxJY4WqGvZDC0KhwcVAA53qndP22lsHEFzXoveX4k3uUBhyK2sPebuNVpzkAOwsv
v1GTdaOmS9gDzQ==
-----END CERTIFICATE-----