Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
File:                     K2s1AF0wIoBENtctw8nIZc-qoAM.mft (raw, json)
Hash identifier:          +ydbYBDCcLNbPTBffmykqze6xMGVlPl1/F2i6WZHCDs=
Subject key identifier:   5A:11:FE:8A:65:F8:6E:E4:B1:0D:68:4D:B9:A3:01:E8:89:0C:9B:32
Authority key identifier: 2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03
Certificate issuer:       /CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
Certificate serial:       0197470BE292C8E97DAB8F38EFBBFCBBF750
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
Manifest number:          0AA6
Signing time:             Fri 06 Jun 2025 21:00:50 +0000
Manifest this update:     Fri 06 Jun 2025 21:00:50 +0000
Manifest next update:     Sat 07 Jun 2025 21:00:50 +0000
Files and hashes:         1: K2s1AF0wIoBENtctw8nIZc-qoAM.crl (hash: mLIbRsPaYKGjBfyZUNpx0AsxePcfSj4gvhRA1zXBj8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 21:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0b:e2:92:c8:e9:7d:ab:8f:38:ef:bb:fc:bb:f7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
        Validity
            Not Before: Jun  6 21:00:50 2025 GMT
            Not After : Jun  7 21:00:50 2025 GMT
        Subject: CN=5a11fe8a65f86ee4b10d684db9a301e8890c9b32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ae:e9:b1:a4:3c:27:39:eb:a7:d3:7e:a7:3f:
                    dc:14:ef:87:db:87:67:04:27:55:2b:82:a5:0b:a3:
                    df:20:70:f8:c3:92:61:fd:e3:1d:d2:b8:73:9f:7c:
                    28:03:92:f4:4f:75:34:5c:0a:ea:05:47:fe:3a:89:
                    63:d8:01:e6:c9:80:4e:89:fc:03:68:47:c3:e5:95:
                    4f:c5:65:dd:57:86:6e:24:bb:94:15:89:e8:e4:85:
                    7d:ab:8d:fa:cb:9c:c0:30:f6:58:0c:b4:b9:c2:f2:
                    62:aa:d8:fa:d1:97:10:f4:8d:41:fb:14:bb:f4:29:
                    a2:82:c5:02:0e:88:ae:16:dd:9c:bc:bb:89:cc:89:
                    63:d6:12:3e:a9:36:19:54:1d:23:65:94:fc:4d:d8:
                    d4:cc:6d:7e:8c:98:b2:d0:a9:b6:64:04:5b:a9:6e:
                    85:fb:75:c0:87:cc:c6:3e:ae:77:33:87:7c:08:9a:
                    b3:3b:0d:5e:31:28:fa:8b:91:b8:1a:6e:b1:c5:39:
                    83:2e:41:b1:ac:85:67:6f:00:3b:5c:cc:af:b6:0d:
                    99:f1:04:2f:28:fd:69:1b:7e:33:13:24:0d:57:5e:
                    7e:5d:83:53:ed:22:92:a0:29:27:0e:68:a9:63:0b:
                    e6:49:f1:97:8f:b3:08:c6:0d:5a:4d:32:a6:d3:ab:
                    2c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:11:FE:8A:65:F8:6E:E4:B1:0D:68:4D:B9:A3:01:E8:89:0C:9B:32
            X509v3 Authority Key Identifier:
                keyid:2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:48:d5:b6:af:fa:b9:60:a3:1c:3d:92:93:50:c3:38:c3:f6:
         23:a1:c7:fd:78:d6:94:bd:32:4b:04:04:89:eb:54:7c:15:52:
         d2:af:87:77:91:cf:53:a3:67:07:f4:8e:25:9c:73:27:f1:ab:
         d3:ca:aa:cf:cd:c5:6b:b6:57:f6:f6:f4:83:8f:dd:7d:4b:b3:
         fd:20:75:01:17:fe:71:fc:f5:5e:44:fa:cf:76:08:9d:7a:be:
         7a:45:7b:5c:8c:43:26:79:19:5c:56:69:ee:dc:29:96:50:b8:
         8c:c9:a7:fb:07:d8:9e:15:a0:f3:e8:84:6d:83:28:22:f5:7d:
         1f:c4:0c:f2:ce:b2:36:92:6e:89:95:68:a5:1d:07:5c:13:e5:
         d6:15:b4:7f:bc:25:18:f6:ff:ae:99:cc:4e:a2:91:f3:f9:10:
         71:05:71:ed:24:9f:81:30:7e:ff:11:7c:c8:88:1e:ff:d2:b5:
         00:59:58:bb:90:ec:f7:82:82:2d:d2:49:00:f4:47:8e:93:5e:
         bb:33:3e:c9:e2:ed:84:02:1e:95:b9:87:71:77:4a:b8:96:58:
         56:b7:f0:3b:46:bc:c8:05:66:43:1e:05:1b:ad:ce:42:24:1c:
         0e:b2:cc:7f:1a:f4:40:fa:7d:88:bc:b8:7d:c5:b3:c8:49:02:
         2c:86:2f:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHC+KSyOl9q48477v8u/dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmIzNTAwNWQzMDIyODA0NDM2ZDcyZGMzYzljODY1Y2Zh
YWEwMDMwHhcNMjUwNjA2MjEwMDUwWhcNMjUwNjA3MjEwMDUwWjAzMTEwLwYDVQQD
Eyg1YTExZmU4YTY1Zjg2ZWU0YjEwZDY4NGRiOWEzMDFlODg5MGM5YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK7psaQ8Jznrp9N+pz/cFO+H24dn
BCdVK4KlC6PfIHD4w5Jh/eMd0rhzn3woA5L0T3U0XArqBUf+Oolj2AHmyYBOifwD
aEfD5ZVPxWXdV4ZuJLuUFYno5IV9q436y5zAMPZYDLS5wvJiqtj60ZcQ9I1B+xS7
9CmigsUCDoiuFt2cvLuJzIlj1hI+qTYZVB0jZZT8TdjUzG1+jJiy0Km2ZARbqW6F
+3XAh8zGPq53M4d8CJqzOw1eMSj6i5G4Gm6xxTmDLkGxrIVnbwA7XMyvtg2Z8QQv
KP1pG34zEyQNV15+XYNT7SKSoCknDmipYwvmSfGXj7MIxg1aTTKm06sscQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoR/opl+G7ksQ1oTbmjAeiJDJsyMB8GA1UdIwQY
MBaAFCtrNQBdMCKARDbXLcPJyGXPqqADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgt
ZjE4ZmJmNTk2ZWJhLzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgtZjE4ZmJmNTk2ZWJh
LzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakjVtq/6
uWCjHD2Sk1DDOMP2I6HH/XjWlL0ySwQEietUfBVS0q+Hd5HPU6NnB/SOJZxzJ/Gr
08qqz83Fa7ZX9vb0g4/dfUuz/SB1ARf+cfz1XkT6z3YInXq+ekV7XIxDJnkZXFZp
7twpllC4jMmn+wfYnhWg8+iEbYMoIvV9H8QM8s6yNpJuiZVopR0HXBPl1hW0f7wl
GPb/rpnMTqKR8/kQcQVx7SSfgTB+/xF8yIge/9K1AFlYu5Ds94KCLdJJAPRHjpNe
uzM+yeLthAIelbmHcXdKuJZYVrfwO0a8yAVmQx4FG63OQiQcDrLMfxr0QPp9iLy4
fcWzyEkCLIYvsQ==
-----END CERTIFICATE-----