Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
File:                     2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft (raw, json)
Hash identifier:          LRMq0vMTf7nzHYy2MfpGBSL9Ghz1Ak5/qQXx/NVLpFE=
Subject key identifier:   FB:59:C5:3E:4F:D4:F5:47:B0:1F:6B:19:0D:44:50:8F:01:2D:CE:91
Authority key identifier: D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
Certificate issuer:       /CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Certificate serial:       01974B8D96B947CEDAB878EF3C1831E93994
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
Manifest number:          1A
Signing time:             Sat 07 Jun 2025 18:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 18:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 18:00:59 +0000
Files and hashes:         1: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl (hash: 0o4w8F+IbEA5Dn1zH9ckqAoXeRWMH0za40wOM18By0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:96:b9:47:ce:da:b8:78:ef:3c:18:31:e9:39:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
        Validity
            Not Before: Jun  7 18:00:59 2025 GMT
            Not After : Jun  8 18:00:59 2025 GMT
        Subject: CN=fb59c53e4fd4f547b01f6b190d44508f012dce91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:32:71:ed:c6:d3:f2:0d:12:63:66:97:e8:12:
                    40:62:84:24:ef:c1:93:70:38:5b:7b:a9:13:86:cd:
                    30:a4:07:a8:51:60:ca:6b:ec:ff:e8:5d:ee:69:9b:
                    4a:69:35:b2:0b:1e:d2:cc:2f:76:29:41:83:b5:55:
                    e4:a5:0b:b6:06:2e:b7:b2:8d:bd:58:26:3e:0f:38:
                    42:2c:ee:52:39:46:7d:b6:ae:5e:96:ae:e9:30:f3:
                    50:70:3c:3d:f1:db:7f:71:78:08:e1:fa:f3:8e:13:
                    35:0c:3d:b6:67:8c:1a:f9:d6:5b:cf:32:21:49:24:
                    0f:5f:2c:83:b9:12:0e:0d:ed:63:df:71:4f:b4:52:
                    61:34:ae:b8:04:34:b1:92:70:95:ea:dc:92:1f:95:
                    a3:c6:ea:cf:06:96:23:09:0f:61:c6:ec:fc:dd:ea:
                    7c:26:27:bf:d9:48:98:0b:b2:62:27:93:b5:64:c4:
                    c8:53:15:80:48:cf:d1:f4:f4:f4:bc:f7:b4:15:43:
                    79:c9:c9:2d:a2:c0:1a:7f:fe:57:26:22:6a:e6:15:
                    be:67:43:8b:47:fa:98:0e:b6:93:e0:21:12:24:1f:
                    27:da:50:f2:44:35:01:8c:cb:b7:5c:99:7b:a1:b9:
                    d2:3c:cd:65:96:78:eb:5a:96:75:e4:45:db:58:1e:
                    c0:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:59:C5:3E:4F:D4:F5:47:B0:1F:6B:19:0D:44:50:8F:01:2D:CE:91
            X509v3 Authority Key Identifier:
                keyid:D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:3c:a2:5c:12:4e:5c:1b:9f:81:37:9c:c0:ca:f1:30:70:83:
         8f:24:54:b0:5e:7d:dd:16:b4:af:d7:70:20:58:5e:3e:20:38:
         ef:dc:f3:62:8b:55:cd:f6:9d:72:d2:40:e7:7b:7e:ec:8a:82:
         53:f0:c5:22:1f:f1:a3:ce:46:e2:5b:28:92:8e:2d:94:87:f9:
         84:cd:81:6c:fa:83:1f:cd:33:4c:8f:cf:d4:9b:91:2e:4a:0e:
         c2:d9:f9:ca:c8:79:15:61:b1:4f:be:f4:f9:c6:29:4b:4e:a1:
         c4:93:14:e0:90:1c:b7:cc:9b:23:b5:63:28:24:2b:36:a5:29:
         d9:28:32:1f:b2:d5:a5:1b:d7:b9:5b:3f:d0:6c:b7:0b:d9:fd:
         69:6f:44:7b:09:80:74:8f:7b:d5:06:8a:1f:cc:0c:39:73:d3:
         f0:6c:47:35:ed:82:ee:10:c1:8c:19:f6:87:a1:0a:64:45:c8:
         8d:3d:a5:13:39:06:96:be:90:b4:6a:1a:bf:02:72:74:6a:38:
         7b:02:40:af:3d:b4:18:ce:79:51:78:bd:ed:0c:af:c6:af:37:
         4a:4e:13:c0:26:22:7c:23:9f:55:6c:33:fa:cd:ab:b8:a3:58:
         da:41:ae:c8:32:68:f8:78:5b:06:08:d1:d2:4d:02:54:35:e0:
         43:61:02:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjZa5R87auHjvPBgx6TmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjgyZDJjY2FkNGU0MWE1NTIwOTQ5N2VlMGZlMjdmMzkw
MWJiNTEwHhcNMjUwNjA3MTgwMDU5WhcNMjUwNjA4MTgwMDU5WjAzMTEwLwYDVQQD
EyhmYjU5YzUzZTRmZDRmNTQ3YjAxZjZiMTkwZDQ0NTA4ZjAxMmRjZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zJx7cbT8g0SY2aX6BJAYoQk78GT
cDhbe6kThs0wpAeoUWDKa+z/6F3uaZtKaTWyCx7SzC92KUGDtVXkpQu2Bi63so29
WCY+DzhCLO5SOUZ9tq5elq7pMPNQcDw98dt/cXgI4frzjhM1DD22Z4wa+dZbzzIh
SSQPXyyDuRIODe1j33FPtFJhNK64BDSxknCV6tySH5WjxurPBpYjCQ9hxuz83ep8
Jie/2UiYC7JiJ5O1ZMTIUxWASM/R9PT0vPe0FUN5ycktosAaf/5XJiJq5hW+Z0OL
R/qYDraT4CESJB8n2lDyRDUBjMu3XJl7obnSPM1llnjrWpZ15EXbWB7ALwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtZxT5P1PVHsB9rGQ1EUI8BLc6RMB8GA1UdIwQY
MBaAFNhoLSzK1OQaVSCUl+4P4n85AbtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTct
NWM3ZTlmZTZlMWE5LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTctNWM3ZTlmZTZlMWE5
LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwzyiXBJO
XBufgTecwMrxMHCDjyRUsF593Ra0r9dwIFhePiA479zzYotVzfadctJA53t+7IqC
U/DFIh/xo85G4lsoko4tlIf5hM2BbPqDH80zTI/P1JuRLkoOwtn5ysh5FWGxT770
+cYpS06hxJMU4JAct8ybI7VjKCQrNqUp2SgyH7LVpRvXuVs/0Gy3C9n9aW9EewmA
dI971QaKH8wMOXPT8GxHNe2C7hDBjBn2h6EKZEXIjT2lEzkGlr6QtGoavwJydGo4
ewJArz20GM55UXi97Qyvxq83Sk4TwCYifCOfVWwz+s2ruKNY2kGuyDJo+HhbBgjR
0k0CVDXgQ2ECAQ==
-----END CERTIFICATE-----