Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
File:                     G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json)
Hash identifier:          dc/0lnKzpzj2m6s93taIub+awLnHcJq9wvcw0pTdOJA=
Subject key identifier:   2C:B8:19:EB:E9:4E:3D:17:9C:9E:F9:A6:7F:0C:3D:24:CA:D8:26:23
Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
Certificate issuer:       /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Certificate serial:       019752A2C85F86FF302F5004F68661ACB782
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
Manifest number:          0E7A
Signing time:             Mon 09 Jun 2025 03:01:29 +0000
Manifest this update:     Mon 09 Jun 2025 03:01:29 +0000
Manifest next update:     Tue 10 Jun 2025 03:01:29 +0000
Files and hashes:         1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: HOf7fBROXl+GEhZFIHs4x8K+Uh44OrO6P3qGdFYNPsQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:a2:c8:5f:86:ff:30:2f:50:04:f6:86:61:ac:b7:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
        Validity
            Not Before: Jun  9 03:01:29 2025 GMT
            Not After : Jun 10 03:01:29 2025 GMT
        Subject: CN=2cb819ebe94e3d179c9ef9a67f0c3d24cad82623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9a:b3:6f:65:24:35:a7:a9:0b:85:d1:25:12:
                    35:00:85:59:7f:1b:cd:8f:50:df:da:0d:e1:55:6a:
                    b8:36:87:6c:37:1b:69:3f:7b:0d:34:8c:cb:dd:89:
                    e7:b5:bb:a4:e2:71:9e:6f:ef:f7:ba:76:6e:29:98:
                    58:97:5e:99:d4:c5:a5:f5:76:39:13:70:41:d7:f3:
                    a9:0d:dc:7e:5a:ac:9a:59:c1:6d:0a:89:e1:bb:09:
                    5b:49:29:d7:a6:65:7e:35:aa:64:cc:f4:a7:21:92:
                    d0:ee:db:3e:f3:62:5f:f4:8d:3a:e4:93:71:95:a2:
                    52:d8:8c:1f:2f:c8:c3:de:44:05:a9:ee:f5:7d:d5:
                    4c:c5:96:2c:9c:18:da:77:c2:cf:ef:3b:eb:9f:87:
                    91:9b:c9:b3:30:e2:ab:7a:52:03:9b:6a:e1:1d:38:
                    dd:da:b0:3a:d6:6d:ea:f8:ab:57:45:1a:13:4b:90:
                    2f:6a:38:e9:da:5b:74:08:91:54:28:fd:c6:65:6c:
                    32:0e:3c:1e:94:5b:5f:bc:b3:c1:db:63:05:b4:c5:
                    bd:37:1b:06:8a:32:8f:9f:fa:33:a0:49:03:e8:41:
                    92:b8:e5:33:1c:bf:97:ce:ca:2d:17:be:7a:dd:17:
                    04:10:fc:16:d0:63:c6:86:58:26:6b:00:f4:71:1d:
                    d1:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:B8:19:EB:E9:4E:3D:17:9C:9E:F9:A6:7F:0C:3D:24:CA:D8:26:23
            X509v3 Authority Key Identifier:
                keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:55:7a:cc:25:a6:45:1a:59:89:11:ac:85:cd:ea:12:6c:4f:
         34:ad:8f:bd:55:45:cb:d7:b9:f3:7e:af:7b:ce:b9:92:2d:49:
         2c:68:23:cb:47:97:a2:89:f9:88:2a:cb:9b:f2:75:33:3b:a7:
         9c:f9:43:a8:c5:72:7a:8c:bf:5b:14:69:67:bf:44:60:e2:6e:
         1e:e8:bd:7e:3e:74:ef:3f:8a:cc:bc:33:80:c9:10:28:e5:4c:
         03:75:ad:9d:5f:d1:a7:36:a5:1a:f4:a6:69:78:81:f4:ad:6f:
         3e:82:fe:4c:0c:8c:a5:bb:49:12:ee:8c:52:03:53:76:f1:ac:
         cb:db:92:b8:cb:99:00:bb:1f:16:d4:20:1d:e0:02:f8:83:ce:
         1a:f7:21:e4:be:e8:20:4d:af:d3:5e:b8:54:7b:e4:39:3c:db:
         70:b0:71:7d:b8:31:e8:3b:dc:40:b3:a5:d4:12:7d:88:ba:b1:
         71:3a:98:06:81:93:ad:fb:18:65:bc:d8:25:3e:df:bb:0b:09:
         49:8a:66:61:d5:73:3e:9f:cc:b3:38:05:0d:42:1f:9b:76:3a:
         02:ae:8a:f7:f4:8b:2f:c9:e0:c0:2c:32:69:d3:ac:fe:5c:e0:
         99:05:b8:9a:1d:46:a9:6b:11:0a:b7:22:b9:4c:7f:45:c4:0f:
         93:4f:b9:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSoshfhv8wL1AE9oZhrLeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy
OWIxYWIwHhcNMjUwNjA5MDMwMTI5WhcNMjUwNjEwMDMwMTI5WjAzMTEwLwYDVQQD
EygyY2I4MTllYmU5NGUzZDE3OWM5ZWY5YTY3ZjBjM2QyNGNhZDgyNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5qzb2UkNaepC4XRJRI1AIVZfxvN
j1Df2g3hVWq4NodsNxtpP3sNNIzL3Ynntbuk4nGeb+/3unZuKZhYl16Z1MWl9XY5
E3BB1/OpDdx+WqyaWcFtConhuwlbSSnXpmV+NapkzPSnIZLQ7ts+82Jf9I065JNx
laJS2IwfL8jD3kQFqe71fdVMxZYsnBjad8LP7zvrn4eRm8mzMOKrelIDm2rhHTjd
2rA61m3q+KtXRRoTS5Avajjp2lt0CJFUKP3GZWwyDjwelFtfvLPB22MFtMW9NxsG
ijKPn/ozoEkD6EGSuOUzHL+XzsotF7563RcEEPwW0GPGhlgmawD0cR3RQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCy4GevpTj0XnJ75pn8MPSTK2CYjMB8GA1UdIwQY
MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct
MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1
LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWFV6zCWm
RRpZiRGshc3qEmxPNK2PvVVFy9e5836ve865ki1JLGgjy0eXoon5iCrLm/J1Mzun
nPlDqMVyeoy/WxRpZ79EYOJuHui9fj507z+KzLwzgMkQKOVMA3WtnV/RpzalGvSm
aXiB9K1vPoL+TAyMpbtJEu6MUgNTdvGsy9uSuMuZALsfFtQgHeAC+IPOGvch5L7o
IE2v0164VHvkOTzbcLBxfbgx6DvcQLOl1BJ9iLqxcTqYBoGTrfsYZbzYJT7fuwsJ
SYpmYdVzPp/MszgFDUIfm3Y6Aq6K9/SLL8ngwCwyadOs/lzgmQW4mh1GqWsRCrci
uUx/RcQPk0+5KQ==
-----END CERTIFICATE-----