Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          FAMMDSVARgBQebtz8EqRWDtnCZpw0OL8mG204QT1SIQ=
Subject key identifier:   5B:24:1B:DA:F9:E8:0A:BB:6C:4B:30:1D:25:F5:F6:2A:D2:0A:67:FB
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       01974A7B2DD1D3FDD8F0F0EE6528C0EBBE73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0EBA
Signing time:             Sat 07 Jun 2025 13:01:16 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:16 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:16 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: EoVV5qHdKYqzO81dXM100uY++lwg6jmuL7FWAdDT8CM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:2d:d1:d3:fd:d8:f0:f0:ee:65:28:c0:eb:be:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Jun  7 13:01:16 2025 GMT
            Not After : Jun  8 13:01:16 2025 GMT
        Subject: CN=5b241bdaf9e80abb6c4b301d25f5f62ad20a67fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:a0:aa:a4:79:ef:39:12:6a:63:e1:32:8e:da:
                    5d:5f:d4:0d:21:9d:64:67:e2:92:90:9c:d0:a8:4e:
                    8e:d5:80:df:da:d0:3d:8e:01:a1:5d:b2:9b:38:1e:
                    b4:8f:b6:34:73:1c:fa:63:d3:fc:01:89:54:d9:0b:
                    09:d8:63:0c:94:72:83:32:83:a9:24:c0:6e:81:05:
                    ab:31:f0:22:da:90:bc:f0:e4:7d:b0:ff:bf:5e:52:
                    ec:e6:bc:da:5d:a9:cd:96:b5:ab:67:33:4a:fb:9e:
                    36:6b:50:51:5c:80:01:b6:39:21:0f:c8:f4:79:fa:
                    50:39:bd:24:39:5d:06:92:11:77:1e:b0:9d:79:e8:
                    f0:ed:52:ff:db:69:72:ab:d5:8b:a8:18:3e:77:84:
                    6a:ee:0b:6d:0f:8f:11:f5:02:e1:5b:36:d5:0d:b7:
                    08:dc:43:72:39:ef:78:dd:17:8d:3b:0d:40:e9:fa:
                    e7:b2:9f:b1:77:f6:ff:e3:e1:c0:ba:59:7e:85:a8:
                    ab:5e:26:2c:f7:ff:90:71:31:fd:e2:27:39:3e:40:
                    7d:e1:21:90:f5:79:a0:21:1c:db:5c:91:76:a8:8d:
                    d1:0a:3a:a5:5d:39:c9:18:58:c5:45:bd:29:50:0d:
                    ef:1b:64:07:75:7c:e1:44:d6:16:b7:7f:94:6a:7f:
                    3e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:24:1B:DA:F9:E8:0A:BB:6C:4B:30:1D:25:F5:F6:2A:D2:0A:67:FB
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:c4:0c:2c:6c:63:98:0c:32:82:23:93:11:85:ba:e9:d0:3f:
         f0:5f:15:84:b9:d8:90:5b:35:bc:17:f0:c1:71:4a:db:83:b7:
         88:82:7f:c9:66:84:00:13:08:93:a6:4c:ca:50:4d:fd:4d:22:
         b3:ac:c6:b6:b5:c7:08:8e:74:05:fd:1a:a7:8f:69:58:80:1d:
         ca:32:a3:72:89:7e:40:91:19:6e:09:ca:0e:c5:60:b9:f2:91:
         37:93:e0:24:1e:4f:7b:b2:12:b3:b5:1a:09:43:fc:48:86:43:
         16:51:9d:46:49:de:a2:d2:a9:bf:d4:b1:8b:56:6b:55:1b:c7:
         52:42:73:80:21:a1:fe:ba:4e:24:c8:05:ae:b3:fc:55:42:8d:
         21:bb:9b:05:48:09:bb:5b:fa:e1:74:d6:0f:fb:40:69:a4:1f:
         48:7e:5c:47:84:a1:d5:e7:b9:9e:c2:a4:9d:b2:b7:a2:25:99:
         4f:c4:02:82:e0:f0:ea:89:75:bc:be:7b:ea:49:13:4c:d3:70:
         62:92:61:e0:48:e0:70:52:c1:5d:84:21:79:3a:dc:1b:0b:ba:
         db:72:a5:3d:b1:52:bc:fe:67:31:63:42:6e:9f:f8:92:53:fa:
         c7:be:e6:a2:d7:d5:45:fb:39:ab:ba:fc:3c:85:d4:10:2e:87:
         05:a1:62:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKey3R0/3Y8PDuZSjA675zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwNjA3MTMwMTE2WhcNMjUwNjA4MTMwMTE2WjAzMTEwLwYDVQQD
Eyg1YjI0MWJkYWY5ZTgwYWJiNmM0YjMwMWQyNWY1ZjYyYWQyMGE2N2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aCqpHnvORJqY+EyjtpdX9QNIZ1k
Z+KSkJzQqE6O1YDf2tA9jgGhXbKbOB60j7Y0cxz6Y9P8AYlU2QsJ2GMMlHKDMoOp
JMBugQWrMfAi2pC88OR9sP+/XlLs5rzaXanNlrWrZzNK+542a1BRXIABtjkhD8j0
efpQOb0kOV0GkhF3HrCdeejw7VL/22lyq9WLqBg+d4Rq7gttD48R9QLhWzbVDbcI
3ENyOe943ReNOw1A6frnsp+xd/b/4+HAull+hairXiYs9/+QcTH94ic5PkB94SGQ
9XmgIRzbXJF2qI3RCjqlXTnJGFjFRb0pUA3vG2QHdXzhRNYWt3+Uan8+VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFskG9r56Aq7bEswHSX19irSCmf7MB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABMQMLGxj
mAwygiOTEYW66dA/8F8VhLnYkFs1vBfwwXFK24O3iIJ/yWaEABMIk6ZMylBN/U0i
s6zGtrXHCI50Bf0ap49pWIAdyjKjcol+QJEZbgnKDsVgufKRN5PgJB5Pe7ISs7Ua
CUP8SIZDFlGdRkneotKpv9Sxi1ZrVRvHUkJzgCGh/rpOJMgFrrP8VUKNIbubBUgJ
u1v64XTWD/tAaaQfSH5cR4Sh1ee5nsKknbK3oiWZT8QCguDw6ol1vL576kkTTNNw
YpJh4EjgcFLBXYQheTrcGwu623KlPbFSvP5nMWNCbp/4klP6x77motfVRfs5q7r8
PIXUEC6HBaFiDA==
-----END CERTIFICATE-----