Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          AouskU4m0DrZ8KC9e/eybvwkc8QjRQKJEs4jVDogHAM=
Subject key identifier:   2C:BE:F1:88:B4:5A:DC:41:63:47:B4:73:52:78:30:29:81:2F:EF:AE
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       019921B0E7CA416FDFCF4D1522C4D551D395
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          0702
Signing time:             Sun 07 Sep 2025 01:01:05 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:05 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:05 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: UH91Mw/qXlEMpDXKK5hiHRHG0Gzgr8PGtH7HNO99NOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:e7:ca:41:6f:df:cf:4d:15:22:c4:d5:51:d3:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Sep  7 01:01:05 2025 GMT
            Not After : Sep  8 01:01:05 2025 GMT
        Subject: CN=2cbef188b45adc416347b47352783029812fefae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:95:bf:d8:8b:5f:f3:90:60:5e:2c:35:4f:e2:
                    ce:dc:bb:83:a4:28:0e:3f:a6:0b:3b:fb:26:30:b7:
                    c3:f8:0a:d3:4a:97:87:53:cf:c1:d6:55:a4:91:95:
                    e8:40:ab:dc:e6:7e:8a:e7:e7:37:ab:7c:9a:36:54:
                    d6:b1:3b:2b:20:19:98:ac:cd:ec:cf:c7:6b:f2:67:
                    70:3b:23:ff:6b:cc:09:31:b3:a4:90:4e:0d:b5:f6:
                    f5:30:8d:93:34:8a:f7:ab:5a:1c:a2:5b:2f:41:a9:
                    1f:27:26:49:74:cf:c0:ab:53:8f:da:3a:09:f6:d2:
                    ec:ed:72:f2:45:db:fc:66:05:f5:1e:55:1d:46:63:
                    64:c8:b4:dc:fa:e0:b0:61:2f:a3:60:a9:fc:b0:b6:
                    8c:0b:db:05:52:b2:c5:e9:64:da:05:83:63:ce:d8:
                    da:59:6c:d9:c5:80:5c:88:fb:03:08:85:b9:21:6f:
                    14:cb:9a:71:68:30:d7:9f:dc:62:cf:e0:39:72:b1:
                    b4:fb:42:cd:ff:eb:e1:b3:fa:4b:9b:50:21:0f:a8:
                    a6:74:19:4e:cb:ab:2e:a1:98:2c:98:fe:f1:39:85:
                    63:05:c8:72:66:ed:8c:7c:22:17:d6:4e:9d:02:2e:
                    48:af:2c:15:ce:b2:f1:97:8c:ca:78:06:37:23:50:
                    0b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:BE:F1:88:B4:5A:DC:41:63:47:B4:73:52:78:30:29:81:2F:EF:AE
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:b6:4c:62:76:38:c3:03:d0:a0:86:d0:11:11:3d:8e:68:7c:
         d8:64:47:c1:81:7d:da:f4:3c:fb:69:a4:56:c5:3b:4c:b5:ae:
         7e:8d:db:8e:79:82:11:ef:df:88:d0:e1:07:9c:d1:0b:cb:83:
         32:cf:87:4e:98:f7:b3:3e:65:3c:43:e9:2d:68:59:4b:9b:45:
         ac:7d:c0:48:79:ad:51:ab:65:b3:50:af:eb:7b:16:0f:1b:0c:
         d6:39:7b:38:6e:b0:4f:8c:47:1b:3c:02:68:e5:a0:27:ae:c4:
         24:d3:c4:17:b4:89:90:84:14:df:64:ac:fa:16:19:4d:16:3a:
         96:30:f6:d3:3f:09:e6:f0:44:18:13:c6:0d:65:6e:ea:ab:53:
         45:90:88:67:cc:f8:ab:3f:4f:aa:aa:35:18:20:d2:97:ab:9f:
         1f:1b:3a:7b:df:5b:b8:a7:3d:16:98:c4:46:3d:f2:f1:3f:b5:
         fb:9a:e7:6f:bf:ab:ed:46:e6:54:4c:74:26:0f:80:13:1d:18:
         8a:dc:83:73:4f:e1:74:ec:f0:72:c0:f4:3e:e5:05:57:5d:50:
         83:5a:2f:13:03:0c:58:a4:cb:81:a3:51:be:1b:61:75:cf:6c:
         12:33:0b:21:72:f1:e4:23:ad:f5:58:e9:9a:d6:92:1e:e9:99:
         42:e2:78:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsOfKQW/fz00VIsTVUdOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUwOTA3MDEwMTA1WhcNMjUwOTA4MDEwMTA1WjAzMTEwLwYDVQQD
EygyY2JlZjE4OGI0NWFkYzQxNjM0N2I0NzM1Mjc4MzAyOTgxMmZlZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZW/2Itf85BgXiw1T+LO3LuDpCgO
P6YLO/smMLfD+ArTSpeHU8/B1lWkkZXoQKvc5n6K5+c3q3yaNlTWsTsrIBmYrM3s
z8dr8mdwOyP/a8wJMbOkkE4Ntfb1MI2TNIr3q1ocolsvQakfJyZJdM/Aq1OP2joJ
9tLs7XLyRdv8ZgX1HlUdRmNkyLTc+uCwYS+jYKn8sLaMC9sFUrLF6WTaBYNjztja
WWzZxYBciPsDCIW5IW8Uy5pxaDDXn9xiz+A5crG0+0LN/+vhs/pLm1AhD6imdBlO
y6suoZgsmP7xOYVjBchyZu2MfCIX1k6dAi5IrywVzrLxl4zKeAY3I1ALJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCy+8Yi0WtxBY0e0c1J4MCmBL++uMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7ZMYnY4
wwPQoIbQERE9jmh82GRHwYF92vQ8+2mkVsU7TLWufo3bjnmCEe/fiNDhB5zRC8uD
Ms+HTpj3sz5lPEPpLWhZS5tFrH3ASHmtUatls1Cv63sWDxsM1jl7OG6wT4xHGzwC
aOWgJ67EJNPEF7SJkIQU32Ss+hYZTRY6ljD20z8J5vBEGBPGDWVu6qtTRZCIZ8z4
qz9Pqqo1GCDSl6ufHxs6e99buKc9FpjERj3y8T+1+5rnb7+r7UbmVEx0Jg+AEx0Y
ityDc0/hdOzwcsD0PuUFV11Qg1ovEwMMWKTLgaNRvhthdc9sEjMLIXLx5COt9Vjp
mtaSHumZQuJ4xA==
-----END CERTIFICATE-----