Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
File:                     2xjQrivPZ9QUonXLOE8tOWCoN70.mft (raw, json)
Hash identifier:          EWs2MTg7/Wmvz/FiMiaXnusm9lntuXCpnYEVxEKMVH0=
Subject key identifier:   38:3C:F8:BE:AD:E2:A5:3A:35:19:DB:92:48:E8:1D:70:9F:5E:AF:A6
Authority key identifier: DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD
Certificate issuer:       /CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd
Certificate serial:       0197CC4C76F9F0CF83EAFEBDD5F9299582BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
Manifest number:          0D38
Signing time:             Wed 02 Jul 2025 18:00:52 +0000
Manifest this update:     Wed 02 Jul 2025 18:00:52 +0000
Manifest next update:     Thu 03 Jul 2025 18:00:52 +0000
Files and hashes:         1: 2xjQrivPZ9QUonXLOE8tOWCoN70.crl (hash: HLLAW8nt4Ofp1B4rWzuVVBzN9jG25YJBLcnPA8/EnFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 11:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cc:4c:76:f9:f0:cf:83:ea:fe:bd:d5:f9:29:95:82:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd
        Validity
            Not Before: Jul  2 18:00:52 2025 GMT
            Not After : Jul  3 18:00:52 2025 GMT
        Subject: CN=383cf8beade2a53a3519db9248e81d709f5eafa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:be:70:86:ba:ee:51:ac:d3:f0:d9:a6:aa:b6:
                    19:5c:f8:53:12:1b:3a:1d:4e:d0:1f:68:d5:32:a8:
                    7c:62:b4:fa:81:7c:2c:dd:6a:1a:c1:f0:5a:6e:8e:
                    67:98:aa:8d:85:2d:5a:c8:e2:a7:17:a3:b7:49:c6:
                    20:fa:fe:21:ee:ed:68:6c:11:a3:67:db:38:5c:b6:
                    ba:6d:b1:11:b1:55:51:67:5d:3d:54:31:7c:b6:f9:
                    6f:6a:76:c6:11:07:dd:d9:e0:fb:fc:e2:e8:8b:b8:
                    f7:79:00:e9:a8:38:d3:f9:d7:89:19:31:e2:cd:19:
                    4b:70:28:70:68:a3:0a:10:c8:ca:43:6b:bb:62:4c:
                    cc:ac:b8:5b:35:53:99:33:55:c3:3a:57:3a:d6:f2:
                    24:03:ae:4d:69:71:d4:2a:06:44:1f:eb:70:eb:fe:
                    cd:c6:56:7a:97:8a:a7:e7:b9:e4:2a:3e:23:67:a7:
                    56:c7:86:73:be:64:f0:e0:e4:d0:ae:b0:22:c8:4f:
                    e0:bd:83:e0:ca:0d:f8:9a:09:d5:34:f0:a1:7f:de:
                    59:d8:cd:7e:cd:6c:11:09:22:66:fc:4a:6e:c8:44:
                    07:b8:b6:c3:4a:b2:3b:c9:25:9e:3c:b4:02:85:ac:
                    33:f4:c3:6f:c5:13:ac:be:5d:25:34:7b:e4:d6:ce:
                    4d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3C:F8:BE:AD:E2:A5:3A:35:19:DB:92:48:E8:1D:70:9F:5E:AF:A6
            X509v3 Authority Key Identifier:
                keyid:DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:a9:6b:6e:9e:bf:f4:10:3c:bf:89:93:24:fc:c4:e1:e7:dc:
         a2:e1:61:a4:8c:a3:b1:7e:c6:0f:d1:1c:69:42:dd:eb:0e:24:
         cd:9b:ca:99:b4:d6:ea:d9:f5:97:b2:ab:99:08:95:63:26:54:
         27:c7:31:2f:a5:21:10:ba:9b:d6:9e:45:16:89:cf:3e:db:d0:
         50:d2:3a:29:69:84:a1:5b:8e:c4:06:9f:7f:7a:d9:80:74:1d:
         ee:97:d2:70:b9:53:d0:be:1a:0d:b9:48:c4:db:a5:f7:12:aa:
         1a:8d:88:ee:b2:22:e4:30:fe:22:26:21:9d:3d:09:70:04:ee:
         c8:2a:bc:35:e2:40:34:53:47:ed:3d:0a:58:ee:19:4f:bd:5f:
         ca:a2:66:db:3d:12:b7:4c:09:1a:67:74:47:f9:f9:09:74:34:
         43:99:58:bc:7a:9c:89:a7:53:e8:0a:67:5b:a9:38:8d:cb:14:
         f4:5d:06:c6:3a:dc:b8:48:54:8f:8b:64:d5:b5:0e:dd:70:19:
         d6:a5:ac:58:54:b7:b1:72:04:68:e0:21:e6:af:bf:07:4a:38:
         8d:f7:c8:45:37:66:54:76:86:61:ce:bf:1a:77:38:91:31:25:
         1b:3c:1d:f3:56:d5:d0:57:b8:11:11:09:fd:19:64:f6:94:92:
         f1:4f:95:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfMTHb58M+D6v691fkplYK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMThkMGFlMmJjZjY3ZDQxNGEyNzVjYjM4NGYyZDM5NjBh
ODM3YmQwHhcNMjUwNzAyMTgwMDUyWhcNMjUwNzAzMTgwMDUyWjAzMTEwLwYDVQQD
EygzODNjZjhiZWFkZTJhNTNhMzUxOWRiOTI0OGU4MWQ3MDlmNWVhZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL5whrruUazT8NmmqrYZXPhTEhs6
HU7QH2jVMqh8YrT6gXws3WoawfBabo5nmKqNhS1ayOKnF6O3ScYg+v4h7u1obBGj
Z9s4XLa6bbERsVVRZ109VDF8tvlvanbGEQfd2eD7/OLoi7j3eQDpqDjT+deJGTHi
zRlLcChwaKMKEMjKQ2u7YkzMrLhbNVOZM1XDOlc61vIkA65NaXHUKgZEH+tw6/7N
xlZ6l4qn57nkKj4jZ6dWx4ZzvmTw4OTQrrAiyE/gvYPgyg34mgnVNPChf95Z2M1+
zWwRCSJm/EpuyEQHuLbDSrI7ySWePLQChawz9MNvxROsvl0lNHvk1s5NkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDg8+L6t4qU6NRnbkkjoHXCfXq+mMB8GA1UdIwQY
MBaAFNsY0K4rz2fUFKJ1yzhPLTlgqDe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQt
MGFjZWJhYTY3Yjc5LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQtMGFjZWJhYTY3Yjc5
LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaqlrbp6/
9BA8v4mTJPzE4efcouFhpIyjsX7GD9EcaULd6w4kzZvKmbTW6tn1l7KrmQiVYyZU
J8cxL6UhELqb1p5FFonPPtvQUNI6KWmEoVuOxAaff3rZgHQd7pfScLlT0L4aDblI
xNul9xKqGo2I7rIi5DD+IiYhnT0JcATuyCq8NeJANFNH7T0KWO4ZT71fyqJm2z0S
t0wJGmd0R/n5CXQ0Q5lYvHqciadT6ApnW6k4jcsU9F0GxjrcuEhUj4tk1bUO3XAZ
1qWsWFS3sXIEaOAh5q+/B0o4jffIRTdmVHaGYc6/Gnc4kTElGzwd81bV0Fe4EREJ
/Rlk9pSS8U+VDg==
-----END CERTIFICATE-----