Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
File:                     2qM7UIN5nEnPntwAhit8nCGMZhM.mft (raw, json)
Hash identifier:          G+aAJNqKhd1qz1KZk7GEFRNbQFIpdMbxj0vVbzgu9GM=
Subject key identifier:   A6:00:BC:28:94:7F:27:FF:75:57:70:C1:E9:1B:84:1F:FE:D2:43:AE
Authority key identifier: DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13
Certificate issuer:       /CN=daa33b5083799c49cf9edc00862b7c9c218c6613
Certificate serial:       01974BFBA76E5DA9BEF2EBB1EFA0082DFC00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
Manifest number:          0305
Signing time:             Sat 07 Jun 2025 20:01:12 +0000
Manifest this update:     Sat 07 Jun 2025 20:01:12 +0000
Manifest next update:     Sun 08 Jun 2025 20:01:12 +0000
Files and hashes:         1: 2qM7UIN5nEnPntwAhit8nCGMZhM.crl (hash: 0uSuoZ4sdOnd/0EWpLmxLwPK7Eqsx7A44f3+mGt//dA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:fb:a7:6e:5d:a9:be:f2:eb:b1:ef:a0:08:2d:fc:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa33b5083799c49cf9edc00862b7c9c218c6613
        Validity
            Not Before: Jun  7 20:01:12 2025 GMT
            Not After : Jun  8 20:01:12 2025 GMT
        Subject: CN=a600bc28947f27ff755770c1e91b841ffed243ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:4b:23:de:e8:10:07:93:ca:64:27:5a:f6:fd:
                    a3:e8:9f:44:69:59:e8:26:91:38:15:1a:cb:f0:2b:
                    1f:7c:ed:3f:24:18:e1:a0:a4:77:f9:ec:b4:95:da:
                    b5:ce:65:76:6e:59:7c:09:de:0b:c0:5e:fd:a8:54:
                    8c:92:ca:7d:75:09:30:90:6d:cd:1d:01:82:61:40:
                    07:d1:34:21:6e:c1:c2:59:86:3d:c6:8b:2f:24:0d:
                    aa:92:44:c1:a6:42:0b:7a:a7:e0:ac:98:6e:8a:c7:
                    86:5e:db:47:a4:21:13:c2:9f:5e:fb:81:89:0a:e6:
                    93:1c:2d:6a:b0:02:88:8e:56:f6:be:38:44:34:39:
                    8e:38:37:d0:a6:05:de:3f:94:23:db:89:f3:f7:e5:
                    fb:e0:5e:2c:df:61:75:0a:f3:b5:25:a4:2a:64:80:
                    5f:11:dc:fb:0e:4d:b6:b7:e6:cf:a1:2b:05:ae:a7:
                    8a:47:e2:7d:39:8d:49:8f:8f:2c:28:7d:2d:59:a5:
                    a7:68:76:5b:87:20:50:7d:20:64:1e:3f:55:7f:29:
                    e2:8d:2d:bc:cc:5b:1c:e9:8c:51:c0:1f:e3:94:91:
                    ba:70:79:36:50:f5:1c:6b:9f:1a:77:4c:9d:49:dd:
                    dc:15:c7:90:75:f6:39:89:18:bd:3b:5b:d6:e0:e4:
                    42:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:00:BC:28:94:7F:27:FF:75:57:70:C1:E9:1B:84:1F:FE:D2:43:AE
            X509v3 Authority Key Identifier:
                keyid:DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:fc:7e:67:1e:bc:8f:ea:93:e7:b7:2d:fd:7c:3b:39:dc:1c:
         de:0b:ce:7a:1f:c0:59:2d:65:61:c0:a0:4f:9b:fa:f8:d8:02:
         5e:61:e6:17:93:a9:d8:09:98:1f:9e:fe:08:47:0b:90:55:bb:
         18:0f:18:9d:55:ba:1c:ec:5e:34:3f:b8:c2:43:e9:b5:fe:3f:
         f8:33:d6:e8:91:7c:2d:68:88:32:52:b4:42:c6:66:72:65:32:
         cd:4d:ea:71:75:8d:44:27:9f:3c:69:92:27:ef:71:09:07:cb:
         5e:ba:bc:12:4f:81:2b:58:7c:60:83:41:f4:d1:b6:85:23:ec:
         0d:9b:57:63:05:21:63:21:7b:b6:dc:b5:97:6b:dd:b3:e6:d3:
         bf:8a:1c:14:32:9f:0c:c4:36:be:a4:5d:f7:d6:1e:c6:d2:af:
         22:eb:f1:81:c0:7b:ce:5a:26:ab:d1:08:40:20:4e:25:60:d2:
         06:36:1a:b0:40:fc:be:53:72:12:8f:bf:29:46:0d:be:19:38:
         3a:ed:8f:69:78:5e:fb:65:38:d0:c7:52:71:07:a2:d0:95:f6:
         f0:83:e1:7b:6f:a5:e3:3b:e7:97:17:c9:77:4a:79:b1:89:41:
         b0:41:55:52:27:18:9c:07:ee:5b:3c:7e:44:9c:4d:e5:7d:1a:
         3b:94:64:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdL+6duXam+8uux76AILfwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTMzYjUwODM3OTljNDljZjllZGMwMDg2MmI3YzljMjE4
YzY2MTMwHhcNMjUwNjA3MjAwMTEyWhcNMjUwNjA4MjAwMTEyWjAzMTEwLwYDVQQD
EyhhNjAwYmMyODk0N2YyN2ZmNzU1NzcwYzFlOTFiODQxZmZlZDI0M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0sj3ugQB5PKZCda9v2j6J9EaVno
JpE4FRrL8CsffO0/JBjhoKR3+ey0ldq1zmV2bll8Cd4LwF79qFSMksp9dQkwkG3N
HQGCYUAH0TQhbsHCWYY9xosvJA2qkkTBpkILeqfgrJhuiseGXttHpCETwp9e+4GJ
CuaTHC1qsAKIjlb2vjhENDmOODfQpgXeP5Qj24nz9+X74F4s32F1CvO1JaQqZIBf
Edz7Dk22t+bPoSsFrqeKR+J9OY1Jj48sKH0tWaWnaHZbhyBQfSBkHj9VfynijS28
zFsc6YxRwB/jlJG6cHk2UPUca58ad0ydSd3cFceQdfY5iRi9O1vW4ORCDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYAvCiUfyf/dVdwwekbhB/+0kOuMB8GA1UdIwQY
MBaAFNqjO1CDeZxJz57cAIYrfJwhjGYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMt
MTZmNDNkYmEyYWJjLzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMtMTZmNDNkYmEyYWJj
LzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPx+Zx68
j+qT57ct/Xw7Odwc3gvOeh/AWS1lYcCgT5v6+NgCXmHmF5Op2AmYH57+CEcLkFW7
GA8YnVW6HOxeND+4wkPptf4/+DPW6JF8LWiIMlK0QsZmcmUyzU3qcXWNRCefPGmS
J+9xCQfLXrq8Ek+BK1h8YINB9NG2hSPsDZtXYwUhYyF7tty1l2vds+bTv4ocFDKf
DMQ2vqRd99YextKvIuvxgcB7zlomq9EIQCBOJWDSBjYasED8vlNyEo+/KUYNvhk4
Ou2PaXhe+2U40MdScQei0JX28IPhe2+l4zvnlxfJd0p5sYlBsEFVUicYnAfuWzx+
RJxN5X0aO5Rk0w==
-----END CERTIFICATE-----