Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          t6ay1u5vBh6FKqiub42GcEVJCd3NZeMH1QEQD7nfg78=
Subject key identifier:   7A:C5:EB:DE:21:F9:07:FE:3B:8A:E0:DF:3A:27:72:AE:45:6B:45:9D
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       019749D5B60F64B110A13ADB7843C134358F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          120E
Signing time:             Sat 07 Jun 2025 10:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:31 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: JtJRKSkBjw3es+m7l5vHAOAgx0auRTv0pKDx6HqBp6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:b6:0f:64:b1:10:a1:3a:db:78:43:c1:34:35:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: Jun  7 10:00:31 2025 GMT
            Not After : Jun  8 10:00:31 2025 GMT
        Subject: CN=7ac5ebde21f907fe3b8ae0df3a2772ae456b459d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9b:c9:c7:69:0e:72:86:c3:87:e6:c6:2f:0b:
                    70:f3:21:ab:ea:1b:3e:52:12:88:22:fd:9f:94:89:
                    d0:81:b0:42:85:f8:e7:63:7e:20:41:fb:e2:6b:c9:
                    a8:aa:00:e9:19:bf:08:e2:ef:d5:ce:0a:e1:46:e4:
                    3e:98:59:c3:70:77:4c:31:e0:01:ab:2a:31:76:18:
                    cc:1d:df:f1:35:09:27:11:5b:5a:a1:cb:64:57:e2:
                    4d:61:06:e3:3b:59:1c:ba:75:42:2e:d8:75:e5:13:
                    ef:ee:03:cf:f4:25:a9:20:91:6f:8b:42:a4:3e:97:
                    86:ad:58:aa:fb:65:32:9a:7e:b1:b4:fd:da:72:e9:
                    e6:d4:75:4b:b7:26:83:4e:9d:cf:e8:c5:e7:49:70:
                    23:b9:ad:64:33:30:8d:c3:f0:0b:a6:84:f9:7e:e3:
                    91:fd:6f:8a:ff:15:4f:68:ae:24:39:3b:16:d6:13:
                    12:50:6b:3f:b0:3e:88:86:29:9e:ee:32:fd:fe:7f:
                    f8:fb:d0:5c:94:7d:fa:78:40:e0:07:98:f0:2d:f7:
                    f7:17:db:e1:9f:ee:61:fb:cb:2a:3b:89:3a:a9:36:
                    6b:03:08:ae:30:8e:8e:4d:85:71:f0:77:c9:c0:dd:
                    49:78:f0:2b:f0:6a:98:73:b4:7f:2b:28:63:8c:c7:
                    cb:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C5:EB:DE:21:F9:07:FE:3B:8A:E0:DF:3A:27:72:AE:45:6B:45:9D
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:64:1d:4b:c2:fd:02:f1:2c:e8:a3:c7:3f:3d:1e:bd:cd:d9:
         22:a8:e7:66:14:e7:de:e1:a7:84:c9:01:75:ec:da:80:53:c2:
         18:be:ea:3d:a6:e2:26:18:61:2c:31:38:03:10:b1:ed:cf:a8:
         1b:8d:e5:d7:c4:57:e6:fa:7c:3b:9a:01:70:c1:6d:2c:2c:65:
         fa:a5:85:68:9a:4a:76:57:bc:f6:e6:5a:d9:e8:f7:c6:33:f3:
         d4:84:28:e1:f7:c4:a8:48:d6:d0:24:0b:e1:51:75:04:7c:1f:
         81:08:2b:3c:c5:0e:5e:d4:32:dd:c7:6a:f8:27:2d:68:c7:17:
         60:7c:03:cc:c2:00:78:b8:9b:2d:c4:20:b3:09:f6:49:2f:e5:
         5a:53:b3:0c:4c:77:12:c7:15:1c:fb:0f:26:6d:7b:f1:f3:54:
         47:ea:71:8d:e8:81:03:a9:4a:43:4f:11:d6:ff:54:e0:46:de:
         b7:ba:cc:25:10:18:b0:7e:61:b6:05:0d:f5:ff:34:e2:24:1b:
         ef:3f:60:1a:f6:2a:b4:7b:e4:42:41:17:48:b0:d1:84:d8:ec:
         ab:f0:f9:39:74:2c:27:77:12:8d:67:b1:88:a4:fc:5a:f2:df:
         c5:65:74:f2:40:e1:a5:23:bf:f9:f4:28:d7:0f:7a:ff:74:68:
         c9:8d:1c:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1bYPZLEQoTrbeEPBNDWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjUwNjA3MTAwMDMxWhcNMjUwNjA4MTAwMDMxWjAzMTEwLwYDVQQD
Eyg3YWM1ZWJkZTIxZjkwN2ZlM2I4YWUwZGYzYTI3NzJhZTQ1NmI0NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZvJx2kOcobDh+bGLwtw8yGr6hs+
UhKIIv2flInQgbBChfjnY34gQfvia8moqgDpGb8I4u/VzgrhRuQ+mFnDcHdMMeAB
qyoxdhjMHd/xNQknEVtaoctkV+JNYQbjO1kcunVCLth15RPv7gPP9CWpIJFvi0Kk
PpeGrViq+2Uymn6xtP3acunm1HVLtyaDTp3P6MXnSXAjua1kMzCNw/ALpoT5fuOR
/W+K/xVPaK4kOTsW1hMSUGs/sD6Ihime7jL9/n/4+9BclH36eEDgB5jwLff3F9vh
n+5h+8sqO4k6qTZrAwiuMI6OTYVx8HfJwN1JePAr8GqYc7R/KyhjjMfLqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrF694h+Qf+O4rg3zoncq5Fa0WdMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2QdS8L9
AvEs6KPHPz0evc3ZIqjnZhTn3uGnhMkBdezagFPCGL7qPabiJhhhLDE4AxCx7c+o
G43l18RX5vp8O5oBcMFtLCxl+qWFaJpKdle89uZa2ej3xjPz1IQo4ffEqEjW0CQL
4VF1BHwfgQgrPMUOXtQy3cdq+CctaMcXYHwDzMIAeLibLcQgswn2SS/lWlOzDEx3
EscVHPsPJm178fNUR+pxjeiBA6lKQ08R1v9U4Ebet7rMJRAYsH5htgUN9f804iQb
7z9gGvYqtHvkQkEXSLDRhNjsq/D5OXQsJ3cSjWexiKT8WvLfxWV08kDhpSO/+fQo
1w96/3RoyY0c+w==
-----END CERTIFICATE-----