Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
File:                     rS2L1OZ06M7VoJfUPepxhETnivU.mft (raw, json)
Hash identifier:          62ytLENnHrM5vgFFUOPrrnPTMSlvXPEq6sLCydFzKFo=
Subject key identifier:   E0:D6:FF:9B:FE:31:59:EA:CE:D9:5C:C2:8A:A7:2E:69:BB:4B:43:AC
Authority key identifier: AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5
Certificate issuer:       /CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
Certificate serial:       01974DB29F3410577AD7F423F9D45E64C9EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
Manifest number:          124F
Signing time:             Sun 08 Jun 2025 04:00:41 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:41 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:41 +0000
Files and hashes:         1: rS2L1OZ06M7VoJfUPepxhETnivU.crl (hash: JZ+hYGWeJY1MwqkQi0JYjtKaABlWO66qa0+dmnlFVZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:9f:34:10:57:7a:d7:f4:23:f9:d4:5e:64:c9:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
        Validity
            Not Before: Jun  8 04:00:41 2025 GMT
            Not After : Jun  9 04:00:41 2025 GMT
        Subject: CN=e0d6ff9bfe3159eaced95cc28aa72e69bb4b43ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e5:3e:32:ef:ad:1b:e8:80:a2:d5:bc:80:eb:
                    c1:49:79:4f:89:87:a8:3e:d5:58:d2:25:c4:c9:6f:
                    86:0b:d9:ae:d9:6a:7e:d9:4b:cb:d6:f1:14:92:3c:
                    8d:5a:b4:31:42:00:7e:40:30:4f:78:48:bb:7c:34:
                    4b:3b:35:6f:e3:c9:28:cd:70:57:a8:a8:16:17:c2:
                    c2:7f:2d:8e:fa:e5:a7:36:70:a5:41:27:04:89:a3:
                    f1:d2:75:a8:c5:b5:86:39:5a:7f:fa:10:7d:5d:57:
                    21:2e:10:9a:4e:26:2c:a4:34:6b:8e:79:ff:3a:8e:
                    d8:50:07:89:d4:f0:d7:44:f6:c5:70:bc:b8:a2:91:
                    04:9e:84:ff:28:f0:34:f8:1d:75:0a:e8:d6:48:b4:
                    74:5a:6b:93:fc:27:d4:96:1b:ad:2a:0f:93:37:88:
                    1a:25:9e:1e:ae:50:d9:0a:3f:48:81:63:87:89:7b:
                    ca:fa:89:21:6f:3a:6e:4a:f9:84:e7:67:a0:20:6e:
                    a4:78:11:2e:73:87:9b:bf:94:9f:c2:ed:42:5c:0d:
                    1e:1d:f6:04:b5:9b:a4:19:5b:6e:57:33:5d:99:8b:
                    5d:88:be:43:93:9a:78:ca:45:39:92:6c:35:91:79:
                    17:28:ce:6e:58:be:15:82:ab:ee:e0:7f:78:4a:cd:
                    66:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:D6:FF:9B:FE:31:59:EA:CE:D9:5C:C2:8A:A7:2E:69:BB:4B:43:AC
            X509v3 Authority Key Identifier:
                keyid:AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:2d:28:94:d2:6b:e3:db:97:65:22:d4:f2:d1:04:c0:b2:6d:
         b5:50:00:a3:bb:45:41:2d:6e:c3:3c:69:01:48:42:ec:eb:3c:
         8e:cd:56:6b:d9:73:fa:79:8d:50:1f:03:1b:8d:35:7c:fa:6a:
         9c:37:c2:0c:ef:10:74:f9:42:7f:d7:ea:1c:2b:57:97:60:bc:
         be:23:d2:ad:cf:ce:0d:e4:23:80:90:0a:c1:38:fb:3a:f4:4c:
         38:69:12:76:0c:d1:8e:b6:64:c0:fd:5f:27:2b:f9:76:e5:89:
         57:00:ca:b0:3f:c0:c9:d3:87:af:47:7a:25:1c:ed:63:df:28:
         54:19:c1:80:46:fe:6c:ac:bb:cd:d0:dc:82:72:28:95:f3:1d:
         37:ec:45:52:42:4e:08:79:fb:ed:09:48:21:0d:b8:c0:fc:4a:
         c8:27:be:ee:22:77:c3:7b:a1:5b:b8:30:b3:19:80:26:36:68:
         5c:a6:35:08:1a:5a:5e:d7:96:2d:fd:38:47:c3:a0:67:6c:39:
         d4:cd:47:e5:b2:93:34:06:a2:9a:c2:70:e5:62:17:79:39:f9:
         7b:fb:a2:f9:1c:60:cf:c2:9d:84:06:85:65:d3:9f:ad:7f:74:
         b0:57:d3:b5:a4:df:68:65:6b:4d:3a:bf:d7:f6:42:c8:43:7f:
         cc:11:88:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNsp80EFd61/Qj+dReZMnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQ4YmQ0ZTY3NGU4Y2VkNWEwOTdkNDNkZWE3MTg0NDRl
NzhhZjUwHhcNMjUwNjA4MDQwMDQxWhcNMjUwNjA5MDQwMDQxWjAzMTEwLwYDVQQD
EyhlMGQ2ZmY5YmZlMzE1OWVhY2VkOTVjYzI4YWE3MmU2OWJiNGI0M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+U+Mu+tG+iAotW8gOvBSXlPiYeo
PtVY0iXEyW+GC9mu2Wp+2UvL1vEUkjyNWrQxQgB+QDBPeEi7fDRLOzVv48kozXBX
qKgWF8LCfy2O+uWnNnClQScEiaPx0nWoxbWGOVp/+hB9XVchLhCaTiYspDRrjnn/
Oo7YUAeJ1PDXRPbFcLy4opEEnoT/KPA0+B11CujWSLR0WmuT/CfUlhutKg+TN4ga
JZ4erlDZCj9IgWOHiXvK+okhbzpuSvmE52egIG6keBEuc4ebv5Sfwu1CXA0eHfYE
tZukGVtuVzNdmYtdiL5Dk5p4ykU5kmw1kXkXKM5uWL4Vgqvu4H94Ss1mDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODW/5v+MVnqztlcwoqnLmm7S0OsMB8GA1UdIwQY
MBaAFK0ti9TmdOjO1aCX1D3qcYRE54r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2Mt
ODJmMTUxYjY2NGM1LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2MtODJmMTUxYjY2NGM1
LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQi0olNJr
49uXZSLU8tEEwLJttVAAo7tFQS1uwzxpAUhC7Os8js1Wa9lz+nmNUB8DG401fPpq
nDfCDO8QdPlCf9fqHCtXl2C8viPSrc/ODeQjgJAKwTj7OvRMOGkSdgzRjrZkwP1f
Jyv5duWJVwDKsD/AydOHr0d6JRztY98oVBnBgEb+bKy7zdDcgnIolfMdN+xFUkJO
CHn77QlIIQ24wPxKyCe+7iJ3w3uhW7gwsxmAJjZoXKY1CBpaXteWLf04R8OgZ2w5
1M1H5bKTNAaimsJw5WIXeTn5e/ui+Rxgz8KdhAaFZdOfrX90sFfTtaTfaGVrTTq/
1/ZCyEN/zBGIyQ==
-----END CERTIFICATE-----