Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          QFTr51HM+3C6c6lZBlz+Lk5TpdG+C5/fwOkvNqlwNzQ=
Subject key identifier:   35:15:89:C4:B6:B3:3C:9E:C6:50:1C:FB:CA:60:4D:05:20:56:6B:09
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       019746D4841BC897BD9DB9227AB107C8AC8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          022A
Signing time:             Fri 06 Jun 2025 20:00:21 +0000
Manifest this update:     Fri 06 Jun 2025 20:00:21 +0000
Manifest next update:     Sat 07 Jun 2025 20:00:21 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: V3vxMA4CtGQPtvUOCQk6ai7L9GtN+WIRj/G/RbumUHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 20:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:d4:84:1b:c8:97:bd:9d:b9:22:7a:b1:07:c8:ac:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Jun  6 20:00:21 2025 GMT
            Not After : Jun  7 20:00:21 2025 GMT
        Subject: CN=351589c4b6b33c9ec6501cfbca604d0520566b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:91:42:01:e7:f5:bb:b9:54:2a:68:24:61:8f:
                    63:76:6d:d9:75:b9:5f:ed:7d:01:45:4b:28:61:b0:
                    76:86:cc:33:0f:2c:e8:c2:30:01:81:4a:bb:5c:a8:
                    38:09:19:a7:e5:8a:09:6d:c8:a1:39:8f:0c:e1:b8:
                    df:c9:f5:f5:09:46:ab:f4:7f:6a:ee:55:c8:ae:30:
                    fa:93:b4:1b:1d:c8:b0:da:b4:40:a6:7e:24:27:87:
                    68:82:6c:b1:8a:cf:f0:7f:9e:84:2b:8d:fb:12:75:
                    a6:1b:7b:5a:e1:45:28:b4:b7:f6:b3:81:bb:01:e8:
                    97:68:cb:74:da:41:07:ba:79:bd:a4:78:30:cc:cf:
                    18:37:fb:42:f6:89:85:96:fb:c9:64:fe:87:b9:be:
                    27:1b:4d:94:be:72:9d:88:1d:35:cd:7b:d1:63:ea:
                    4e:8f:c8:a7:b7:4b:05:6a:2c:1b:12:6a:86:a8:ed:
                    e8:6a:e8:27:22:05:a8:09:2a:e5:01:c3:ae:ae:82:
                    02:09:b7:b3:72:8f:4f:a7:1d:f2:3e:b9:d9:6e:36:
                    dc:fa:42:37:d9:31:e5:a2:4d:6e:66:61:0b:b5:1d:
                    b2:a7:8c:c8:f5:67:cc:62:c2:b0:5e:35:33:fe:e8:
                    03:08:76:cb:f6:e5:61:a1:4a:84:0d:00:a5:05:42:
                    ab:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:15:89:C4:B6:B3:3C:9E:C6:50:1C:FB:CA:60:4D:05:20:56:6B:09
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:03:16:ac:9c:91:d4:2f:b4:71:dc:50:15:7e:e3:01:0d:a9:
         e9:f9:2a:cc:c6:e9:fe:26:2f:b2:e5:f1:ba:aa:7d:b2:4c:06:
         55:9f:1c:4b:35:4a:92:d9:66:cb:9f:17:09:a0:22:73:0a:c5:
         ed:bb:ad:51:a3:d5:22:ff:8b:34:d7:05:b6:2a:2c:50:a0:8d:
         c9:14:0b:42:4f:81:9e:4f:c8:5c:a2:65:0b:14:fb:73:02:87:
         2c:ca:26:b5:ff:29:88:42:37:6c:a4:91:51:d9:48:5e:56:d8:
         bc:3d:2c:cf:45:65:0a:ca:a3:12:9c:9c:b1:ae:52:0e:5f:6c:
         a7:94:bd:8e:81:9e:ca:04:ff:da:97:1a:ac:be:d4:ab:af:a5:
         d8:0e:f8:31:63:e2:13:d9:15:3b:12:fc:4f:8d:40:a2:1e:4c:
         83:66:bc:e9:28:05:34:d1:ce:24:8d:5c:92:b1:78:77:c8:4a:
         2a:f1:39:ca:66:94:78:46:c2:94:84:63:5f:c3:d2:e2:e4:37:
         bb:b2:4f:4f:45:d7:96:7b:c5:06:a4:be:8e:60:a5:74:f8:14:
         0d:2f:6f:00:99:a1:82:6b:92:d7:77:d1:9c:c4:f4:72:76:ff:
         ba:be:17:b9:84:16:19:a4:77:28:e3:60:fb:10:a5:5c:67:55:
         2e:c1:a3:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdG1IQbyJe9nbkierEHyKyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjUwNjA2MjAwMDIxWhcNMjUwNjA3MjAwMDIxWjAzMTEwLwYDVQQD
EygzNTE1ODljNGI2YjMzYzllYzY1MDFjZmJjYTYwNGQwNTIwNTY2YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pFCAef1u7lUKmgkYY9jdm3Zdblf
7X0BRUsoYbB2hswzDyzowjABgUq7XKg4CRmn5YoJbcihOY8M4bjfyfX1CUar9H9q
7lXIrjD6k7QbHciw2rRApn4kJ4dogmyxis/wf56EK437EnWmG3ta4UUotLf2s4G7
AeiXaMt02kEHunm9pHgwzM8YN/tC9omFlvvJZP6Hub4nG02UvnKdiB01zXvRY+pO
j8int0sFaiwbEmqGqO3oaugnIgWoCSrlAcOuroICCbezco9Ppx3yPrnZbjbc+kI3
2THlok1uZmELtR2yp4zI9WfMYsKwXjUz/ugDCHbL9uVhoUqEDQClBUKrJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUVicS2szyexlAc+8pgTQUgVmsJMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQMWrJyR
1C+0cdxQFX7jAQ2p6fkqzMbp/iYvsuXxuqp9skwGVZ8cSzVKktlmy58XCaAicwrF
7butUaPVIv+LNNcFtiosUKCNyRQLQk+Bnk/IXKJlCxT7cwKHLMomtf8piEI3bKSR
UdlIXlbYvD0sz0VlCsqjEpycsa5SDl9sp5S9joGeygT/2pcarL7Uq6+l2A74MWPi
E9kVOxL8T41Aoh5Mg2a86SgFNNHOJI1ckrF4d8hKKvE5ymaUeEbClIRjX8PS4uQ3
u7JPT0XXlnvFBqS+jmCldPgUDS9vAJmhgmuS13fRnMT0cnb/ur4XuYQWGaR3KONg
+xClXGdVLsGjnw==
-----END CERTIFICATE-----