Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          XToUC8LPsZcEpjZuk5qpdjiRbaQN9tqlUvrSKe/VqOY=
Subject key identifier:   77:A9:35:77:11:61:19:CB:F6:86:0B:E5:F0:D4:51:F1:C9:22:C2:6A
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       01974AE8ADA46D984D17531764DB808A21B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          140A
Signing time:             Sat 07 Jun 2025 15:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:52 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: RQr68tCz7blgeN3jNAPMnD0YHD+wo/ohXuNa6Vnr434=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:ad:a4:6d:98:4d:17:53:17:64:db:80:8a:21:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Jun  7 15:00:52 2025 GMT
            Not After : Jun  8 15:00:52 2025 GMT
        Subject: CN=77a93577116119cbf6860be5f0d451f1c922c26a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d3:93:2c:05:2a:9f:97:24:68:63:82:8a:d2:
                    ef:2b:5c:d8:aa:2b:5a:9f:33:d3:ae:05:f3:fe:9e:
                    41:0a:dd:9f:3b:64:1f:42:fa:aa:43:0b:52:21:79:
                    35:35:d0:8f:78:9c:b9:e8:30:c3:f9:33:55:49:47:
                    3a:e5:75:7c:2f:86:f9:c6:68:70:8e:17:91:9f:0c:
                    d5:ae:a7:59:e1:7a:20:66:32:34:58:bb:d4:63:c5:
                    d9:8e:c9:24:68:3c:f7:c8:a5:c0:4e:4e:ba:ff:a3:
                    ee:d9:03:2e:af:0d:b5:d6:69:6d:83:a5:e1:2f:2d:
                    8b:10:5a:ce:57:cd:6f:1b:fa:6d:bf:85:f1:0f:cb:
                    7d:ce:84:19:a1:a8:c4:27:1c:59:ee:d7:6b:b9:6d:
                    81:93:ec:23:4b:7e:7f:c0:3f:d2:8c:ea:99:be:e3:
                    68:55:da:9f:3f:63:aa:10:7f:e8:e1:54:25:ca:ee:
                    c8:a2:53:d9:da:6e:ca:74:fd:3b:42:11:1b:14:f6:
                    5c:f8:08:fc:cc:0e:8a:8f:4c:db:bc:a7:12:c9:c0:
                    59:e0:b2:3f:8e:05:da:b3:02:0c:8f:e6:23:35:20:
                    78:45:18:28:91:3d:f1:02:14:e1:82:bf:6a:6d:40:
                    0c:37:ce:04:61:06:ed:08:77:39:e1:b7:44:a7:d3:
                    78:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:A9:35:77:11:61:19:CB:F6:86:0B:E5:F0:D4:51:F1:C9:22:C2:6A
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:47:2a:20:70:74:a6:9b:be:19:51:d6:3d:70:2b:54:fd:f7:
         68:98:09:1d:90:4f:5c:9e:23:51:b7:6c:98:f8:f5:db:57:49:
         88:46:78:87:f1:a0:09:22:d1:fc:5b:9c:ec:93:c2:4b:c0:c6:
         70:3e:ae:4c:b1:2d:9b:d4:77:fd:f5:cc:41:3f:ee:8a:0a:fe:
         0b:cf:16:a0:db:02:4c:f8:95:6d:87:d1:d3:38:7b:ec:26:c2:
         99:95:36:5b:ce:93:45:4b:ec:87:a8:89:a8:36:0c:7e:04:80:
         72:e5:d4:57:15:a4:1b:4f:87:77:95:a3:fe:e3:ce:b8:b2:30:
         4a:26:30:9a:8c:21:1d:49:1c:3a:62:d0:be:a4:74:95:2a:1e:
         b0:f9:61:f4:f5:59:f9:b2:d1:55:90:2c:17:95:05:94:0a:76:
         a0:7f:62:2c:2b:96:34:58:fb:4a:36:67:76:93:02:b5:95:b8:
         4d:2f:fb:09:bf:bf:27:02:61:75:83:58:fc:6c:32:16:3f:37:
         b6:e2:73:c3:06:66:cd:c1:d4:04:ad:c0:8e:ee:94:f1:83:df:
         80:73:a8:12:1b:a8:28:e3:26:46:e3:85:25:df:3e:12:fa:fc:
         9a:88:b8:30:54:7d:4f:ba:9b:65:8c:3b:34:03:49:9a:b6:f8:
         5f:7e:de:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6K2kbZhNF1MXZNuAiiG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUwNjA3MTUwMDUyWhcNMjUwNjA4MTUwMDUyWjAzMTEwLwYDVQQD
Eyg3N2E5MzU3NzExNjExOWNiZjY4NjBiZTVmMGQ0NTFmMWM5MjJjMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNOTLAUqn5ckaGOCitLvK1zYqita
nzPTrgXz/p5BCt2fO2QfQvqqQwtSIXk1NdCPeJy56DDD+TNVSUc65XV8L4b5xmhw
jheRnwzVrqdZ4XogZjI0WLvUY8XZjskkaDz3yKXATk66/6Pu2QMurw211mltg6Xh
Ly2LEFrOV81vG/ptv4XxD8t9zoQZoajEJxxZ7tdruW2Bk+wjS35/wD/SjOqZvuNo
VdqfP2OqEH/o4VQlyu7IolPZ2m7KdP07QhEbFPZc+Aj8zA6Kj0zbvKcSycBZ4LI/
jgXaswIMj+YjNSB4RRgokT3xAhThgr9qbUAMN84EYQbtCHc54bdEp9N4KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHepNXcRYRnL9oYL5fDUUfHJIsJqMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeEcqIHB0
ppu+GVHWPXArVP33aJgJHZBPXJ4jUbdsmPj121dJiEZ4h/GgCSLR/Fuc7JPCS8DG
cD6uTLEtm9R3/fXMQT/uigr+C88WoNsCTPiVbYfR0zh77CbCmZU2W86TRUvsh6iJ
qDYMfgSAcuXUVxWkG0+Hd5Wj/uPOuLIwSiYwmowhHUkcOmLQvqR0lSoesPlh9PVZ
+bLRVZAsF5UFlAp2oH9iLCuWNFj7SjZndpMCtZW4TS/7Cb+/JwJhdYNY/GwyFj83
tuJzwwZmzcHUBK3Aju6U8YPfgHOoEhuoKOMmRuOFJd8+Evr8moi4MFR9T7qbZYw7
NANJmrb4X37egw==
-----END CERTIFICATE-----