Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          qJldFpYIKy9lon+z6pscLXReQwXU5qF9xmRj2DZbLgE=
Subject key identifier:   65:8C:E4:9F:AE:88:30:F3:19:31:9D:F7:FB:7C:83:57:38:BA:55:BA
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019749D62B18E1DDB677F8DF583A0FE0A8FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          04DD
Signing time:             Sat 07 Jun 2025 10:01:01 +0000
Manifest this update:     Sat 07 Jun 2025 10:01:01 +0000
Manifest next update:     Sun 08 Jun 2025 10:01:01 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: ImuxFWyzVFClI9yc7/lwGqk8iALc1kFaCwfi7inxmoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:2b:18:e1:dd:b6:77:f8:df:58:3a:0f:e0:a8:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Jun  7 10:01:01 2025 GMT
            Not After : Jun  8 10:01:01 2025 GMT
        Subject: CN=658ce49fae8830f319319df7fb7c835738ba55ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:f0:3b:73:2b:06:0a:0b:51:9c:f3:af:8c:77:
                    1a:bd:3b:9b:27:8a:49:fb:90:25:7f:e2:45:7b:74:
                    62:c7:5b:a4:c1:ce:ef:eb:0c:ec:cd:bd:18:53:c6:
                    60:67:17:cb:26:56:1c:cf:4b:f7:b0:5d:ba:32:98:
                    2e:2e:f5:22:32:f7:24:ca:45:d1:72:c3:92:4b:ed:
                    93:fe:a7:b3:a3:00:44:e9:17:10:a0:b6:e0:71:63:
                    db:55:dc:6a:30:9e:e4:fa:28:11:37:36:fb:0b:8d:
                    64:4e:71:6f:fc:26:4a:e1:00:10:46:9a:f5:5c:e3:
                    90:7d:d8:80:ed:8a:39:7c:c7:4b:c7:ad:8e:b7:a8:
                    4a:00:f1:68:f2:22:9f:c2:76:4c:d8:e2:c5:c6:ea:
                    5c:bb:16:ea:7a:e3:60:6f:89:8d:be:f4:bf:00:d4:
                    91:3c:f2:72:7a:d4:36:62:7b:fa:dd:3d:6a:75:cf:
                    6d:1d:8d:7a:f3:48:de:cb:c3:7e:a1:a7:ce:58:92:
                    48:80:9b:4c:76:41:57:c0:18:c4:a9:4d:56:d3:01:
                    78:12:ec:12:fd:aa:e9:14:9f:4d:9d:d6:9b:e4:e2:
                    01:7a:ba:fe:7c:44:c9:d1:e9:96:cf:81:34:17:5e:
                    26:e6:95:4a:d5:be:1a:96:ef:86:e6:d9:4a:b1:56:
                    5f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:8C:E4:9F:AE:88:30:F3:19:31:9D:F7:FB:7C:83:57:38:BA:55:BA
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:63:31:0a:ce:50:28:28:ae:ef:60:e0:be:0e:50:23:8d:48:
         1c:58:a5:9f:51:7c:22:84:11:3c:7c:9e:24:d6:37:22:b2:ff:
         85:f1:f6:7c:72:94:9a:65:58:35:3f:09:d1:b5:a4:6e:a3:f9:
         d5:ad:a6:b5:40:e0:05:a3:59:cd:39:7f:84:8d:67:1f:da:ba:
         e5:bd:09:63:c0:b3:c3:b3:fb:5c:9b:88:98:d0:f2:9b:b7:d4:
         cc:bd:de:2b:18:e6:6c:67:93:87:32:03:73:8d:b3:a3:0e:35:
         7f:12:ce:8e:db:4a:84:4b:14:02:1f:6b:56:f7:29:fa:cd:40:
         07:0d:e9:90:60:b3:92:3f:d6:b8:2a:e3:b2:be:d1:27:73:66:
         27:1b:3f:c3:fe:7d:d6:39:36:7d:c2:56:68:59:5d:14:25:91:
         7e:54:65:f2:93:a2:58:dc:be:2d:60:8b:c7:55:e9:68:f8:40:
         90:76:7d:9d:cd:fd:93:a8:68:e4:4f:ce:57:b2:f0:21:15:10:
         f2:2b:53:d9:42:03:f4:bf:1e:f9:6d:b7:7d:2c:51:db:86:b2:
         4c:12:66:bf:2a:38:90:6b:68:ee:b9:12:03:7b:98:c3:a0:60:
         ae:02:40:d9:20:02:7b:66:11:8d:23:aa:d9:b4:a8:b8:b5:8d:
         53:16:50:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1isY4d22d/jfWDoP4Kj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUwNjA3MTAwMTAxWhcNMjUwNjA4MTAwMTAxWjAzMTEwLwYDVQQD
Eyg2NThjZTQ5ZmFlODgzMGYzMTkzMTlkZjdmYjdjODM1NzM4YmE1NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPA7cysGCgtRnPOvjHcavTubJ4pJ
+5Alf+JFe3Rix1ukwc7v6wzszb0YU8ZgZxfLJlYcz0v3sF26MpguLvUiMvckykXR
csOSS+2T/qezowBE6RcQoLbgcWPbVdxqMJ7k+igRNzb7C41kTnFv/CZK4QAQRpr1
XOOQfdiA7Yo5fMdLx62Ot6hKAPFo8iKfwnZM2OLFxupcuxbqeuNgb4mNvvS/ANSR
PPJyetQ2Ynv63T1qdc9tHY1680jey8N+oafOWJJIgJtMdkFXwBjEqU1W0wF4EuwS
/arpFJ9Nndab5OIBerr+fETJ0emWz4E0F14m5pVK1b4alu+G5tlKsVZfqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWM5J+uiDDzGTGd9/t8g1c4ulW6MB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb2MxCs5Q
KCiu72Dgvg5QI41IHFiln1F8IoQRPHyeJNY3IrL/hfH2fHKUmmVYNT8J0bWkbqP5
1a2mtUDgBaNZzTl/hI1nH9q65b0JY8Czw7P7XJuImNDym7fUzL3eKxjmbGeThzID
c42zow41fxLOjttKhEsUAh9rVvcp+s1ABw3pkGCzkj/WuCrjsr7RJ3NmJxs/w/59
1jk2fcJWaFldFCWRflRl8pOiWNy+LWCLx1XpaPhAkHZ9nc39k6ho5E/OV7LwIRUQ
8itT2UID9L8e+W23fSxR24ayTBJmvyo4kGto7rkSA3uYw6BgrgJA2SACe2YRjSOq
2bSouLWNUxZQ0Q==
-----END CERTIFICATE-----