Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          NoLiGG1qN67eiqLU9/RmV5c5WaW9lEPGuTGANGjHnkU=
Subject key identifier:   47:0E:A9:27:5D:E1:75:7F:AE:42:9C:7E:A3:F8:DE:05:C9:43:D6:5E
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       01974DB25BE8A96E296CD2AB3B83C0B24170
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 04:00:23 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:23 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:23 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: CwuKVYbVIebYA5qJeeUn9zjW7RpBln5D56CKsYEwjFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:5b:e8:a9:6e:29:6c:d2:ab:3b:83:c0:b2:41:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Jun  8 04:00:23 2025 GMT
            Not After : Jun  9 04:00:23 2025 GMT
        Subject: CN=470ea9275de1757fae429c7ea3f8de05c943d65e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b2:16:6d:12:03:43:da:3a:72:74:cf:b4:05:
                    a3:c7:7e:d3:4b:7a:1a:bc:3e:61:c1:7c:5c:b6:33:
                    70:e3:b3:ea:82:a9:7c:8b:51:5f:2c:4a:2e:cf:16:
                    68:31:7f:b4:ad:61:c8:41:6e:11:04:a7:21:8d:a3:
                    8d:88:6c:99:e7:c2:d2:e3:8b:84:65:0c:f3:1e:3d:
                    35:2f:56:cc:f8:e0:08:e3:8f:ca:50:9a:43:a4:4c:
                    b7:b4:8a:6c:40:4a:66:b8:d1:51:cb:28:4d:4e:5c:
                    07:4a:16:ff:49:2e:0d:b8:74:45:6f:37:04:f8:5c:
                    aa:70:61:d8:c5:2b:db:76:0f:51:7e:e9:31:53:0f:
                    42:2a:76:60:ad:f2:8d:77:70:18:ff:4f:4a:84:d3:
                    e4:37:ad:55:64:fe:1e:76:1c:73:50:b4:d5:74:01:
                    f4:6e:43:fc:0d:f9:bc:06:9b:c4:ff:96:e1:32:17:
                    c3:dd:3b:81:50:4c:e6:d9:93:d4:1e:3e:14:ff:97:
                    d7:0d:07:3a:d5:87:0f:ca:f3:83:55:8b:55:ac:9f:
                    12:d1:7d:d3:f4:21:6b:75:f5:50:b9:0a:37:e0:62:
                    13:22:77:77:1c:41:2b:40:b4:e9:ae:7c:0f:9a:0b:
                    6e:6b:a5:fc:05:b8:db:a1:10:7a:b7:73:3a:10:08:
                    9a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:0E:A9:27:5D:E1:75:7F:AE:42:9C:7E:A3:F8:DE:05:C9:43:D6:5E
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:21:c2:6a:d1:b2:14:e3:df:af:4f:86:dd:c5:a7:ba:75:8f:
         61:f8:9a:63:a0:67:03:bb:c0:e7:ab:e7:e1:1c:c0:72:08:0f:
         3c:ba:c4:e9:d5:4a:99:2c:9c:33:3c:e4:13:ea:ad:2a:26:90:
         c1:32:9b:05:c1:31:44:fd:4a:36:1f:c5:7f:a7:f9:2d:47:47:
         02:13:fd:6e:0e:86:33:6b:1c:91:13:7f:43:2d:e6:69:54:8d:
         82:37:4b:79:15:66:a0:f2:44:0c:95:a9:47:49:b9:d3:83:bf:
         2f:68:5e:40:c8:8e:92:9d:63:b1:2f:74:63:f2:b4:80:97:7b:
         0b:40:0e:94:e0:dd:41:0b:8e:da:15:82:92:ac:7d:d2:03:a3:
         db:0e:21:81:5f:39:05:31:7e:e5:de:f8:64:e5:1f:6c:8e:de:
         13:74:ae:89:06:b6:eb:c4:a9:9c:3e:d4:7b:aa:ec:ca:b2:fd:
         26:3c:0a:fe:48:23:91:c3:8f:a7:54:e3:84:83:5b:8e:8a:15:
         ad:f8:e9:65:55:8a:83:28:7d:5f:d6:4f:78:0b:31:b2:8f:ae:
         c3:d2:cc:d5:d3:a3:99:f8:aa:2f:86:75:70:d4:90:55:61:f6:
         2f:3c:9f:b4:ed:8a:93:9c:f5:cd:80:74:ec:32:14:c1:dd:15:
         b9:38:a4:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNslvoqW4pbNKrO4PAskFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjUwNjA4MDQwMDIzWhcNMjUwNjA5MDQwMDIzWjAzMTEwLwYDVQQD
Eyg0NzBlYTkyNzVkZTE3NTdmYWU0MjljN2VhM2Y4ZGUwNWM5NDNkNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7IWbRIDQ9o6cnTPtAWjx37TS3oa
vD5hwXxctjNw47Pqgql8i1FfLEouzxZoMX+0rWHIQW4RBKchjaONiGyZ58LS44uE
ZQzzHj01L1bM+OAI44/KUJpDpEy3tIpsQEpmuNFRyyhNTlwHShb/SS4NuHRFbzcE
+FyqcGHYxSvbdg9RfukxUw9CKnZgrfKNd3AY/09KhNPkN61VZP4edhxzULTVdAH0
bkP8Dfm8BpvE/5bhMhfD3TuBUEzm2ZPUHj4U/5fXDQc61YcPyvODVYtVrJ8S0X3T
9CFrdfVQuQo34GITInd3HEErQLTprnwPmgtua6X8BbjboRB6t3M6EAiazwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcOqSdd4XV/rkKcfqP43gXJQ9ZeMB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0yHCatGy
FOPfr0+G3cWnunWPYfiaY6BnA7vA56vn4RzAcggPPLrE6dVKmSycMzzkE+qtKiaQ
wTKbBcExRP1KNh/Ff6f5LUdHAhP9bg6GM2sckRN/Qy3maVSNgjdLeRVmoPJEDJWp
R0m504O/L2heQMiOkp1jsS90Y/K0gJd7C0AOlODdQQuO2hWCkqx90gOj2w4hgV85
BTF+5d74ZOUfbI7eE3SuiQa268SpnD7Ue6rsyrL9JjwK/kgjkcOPp1TjhINbjooV
rfjpZVWKgyh9X9ZPeAsxso+uw9LM1dOjmfiqL4Z1cNSQVWH2LzyftO2Kk5z1zYB0
7DIUwd0VuTik/Q==
-----END CERTIFICATE-----