Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          Yi4o5JGVWTyH4O79Xtrk7CRy7BUnwJ5or6wXo4Cxwto=
Subject key identifier:   B8:D4:AB:5D:C8:B2:8E:36:A9:AB:91:25:A7:43:D3:ED:ED:BD:2F:93
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       01974E57B93C4D6F2B6472D07FD95A4EDD33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          0603
Signing time:             Sun 08 Jun 2025 07:01:01 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:01 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:01 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: YB9EEqBrruLSIlK2SSuv/+N/kYamQS5XDfFEVdos/cQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:b9:3c:4d:6f:2b:64:72:d0:7f:d9:5a:4e:dd:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Jun  8 07:01:01 2025 GMT
            Not After : Jun  9 07:01:01 2025 GMT
        Subject: CN=b8d4ab5dc8b28e36a9ab9125a743d3ededbd2f93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:80:9c:aa:1d:47:59:ad:00:0b:1e:c7:8b:5f:
                    31:5d:24:b4:df:b0:29:8b:30:46:e7:4f:e8:5a:4d:
                    d1:ed:c5:70:54:a1:c1:6a:47:96:06:e1:0f:6a:a1:
                    1b:fa:71:81:fb:76:dc:63:8f:fd:34:de:5d:d5:f8:
                    ac:51:84:cb:1a:91:66:7e:1a:a0:9b:a5:4c:49:f6:
                    b7:ff:8a:2f:39:de:6a:4e:c9:14:56:5b:1d:c9:c2:
                    78:e6:fb:9c:59:95:30:eb:c3:dc:13:a6:09:6a:52:
                    5f:1b:59:b0:e4:96:13:f0:f3:ea:af:07:14:82:87:
                    98:32:73:6f:7f:f2:bf:c9:f1:5e:cc:11:be:81:e9:
                    c0:90:26:75:4a:77:1b:7b:28:48:e7:26:94:f6:72:
                    01:b3:f1:b8:15:8e:47:65:f5:fb:f6:f2:e2:78:85:
                    42:1c:7f:40:9b:2c:31:37:09:0d:73:e7:f5:6b:06:
                    48:6a:3f:9b:45:69:96:3d:ab:f3:f8:f1:9b:f1:4c:
                    0f:75:60:26:e4:a0:f7:e6:cc:7c:85:96:f7:ad:ae:
                    43:5f:8e:71:63:d4:79:80:3b:76:90:80:de:3d:24:
                    75:2f:30:82:6e:19:64:e7:42:f9:00:10:d3:18:65:
                    15:e5:2b:ed:7f:0e:18:ba:4f:54:94:98:f4:49:38:
                    c3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:D4:AB:5D:C8:B2:8E:36:A9:AB:91:25:A7:43:D3:ED:ED:BD:2F:93
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:a7:63:d8:ed:ef:e6:d8:99:fd:46:32:3d:58:93:15:2f:72:
         ca:76:0b:fd:91:07:6b:a6:c5:f9:92:79:56:10:08:e6:25:19:
         24:b2:6c:73:69:96:46:33:4e:fe:fa:8b:3b:37:78:ba:d4:a4:
         d5:8b:82:56:6d:8d:89:bf:7a:29:a9:73:fd:22:a2:06:ad:43:
         24:4e:9d:e2:1d:f8:53:3b:fa:5b:04:06:65:c8:8f:5e:86:33:
         b3:62:76:27:5b:f0:48:aa:70:e5:ee:da:50:e7:57:81:23:a6:
         c8:d4:22:68:81:6a:c5:b4:a2:c1:36:26:89:42:b9:67:c8:f5:
         c3:29:06:a2:2f:2f:37:68:cb:59:fb:a4:c1:d3:3e:36:8c:8b:
         db:3a:b9:bb:ab:93:bf:34:2b:e9:06:e0:ab:cc:98:bc:b8:7d:
         d7:2c:d5:a2:df:28:55:8f:59:f3:20:83:ec:7f:c7:03:b2:28:
         5e:02:cc:3d:16:48:b6:79:5a:b1:e4:e9:c2:91:94:31:44:2e:
         55:7c:3d:a6:5d:e8:07:e6:e1:75:99:59:72:9b:d2:5f:ea:03:
         c3:38:fc:b9:2e:d7:e8:85:19:d9:27:b8:87:69:fa:1e:59:30:
         97:c9:11:7f:48:ac:f1:a5:5b:2c:67:8f:c3:0f:fd:9b:08:a6:
         04:be:87:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV7k8TW8rZHLQf9laTt0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUwNjA4MDcwMTAxWhcNMjUwNjA5MDcwMTAxWjAzMTEwLwYDVQQD
EyhiOGQ0YWI1ZGM4YjI4ZTM2YTlhYjkxMjVhNzQzZDNlZGVkYmQyZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oCcqh1HWa0ACx7Hi18xXSS037Ap
izBG50/oWk3R7cVwVKHBakeWBuEPaqEb+nGB+3bcY4/9NN5d1fisUYTLGpFmfhqg
m6VMSfa3/4ovOd5qTskUVlsdycJ45vucWZUw68PcE6YJalJfG1mw5JYT8PPqrwcU
goeYMnNvf/K/yfFezBG+genAkCZ1SncbeyhI5yaU9nIBs/G4FY5HZfX79vLieIVC
HH9AmywxNwkNc+f1awZIaj+bRWmWPavz+PGb8UwPdWAm5KD35sx8hZb3ra5DX45x
Y9R5gDt2kIDePSR1LzCCbhlk50L5ABDTGGUV5Svtfw4Yuk9UlJj0STjDuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjUq13Iso42qauRJadD0+3tvS+TMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAadj2O3v
5tiZ/UYyPViTFS9yynYL/ZEHa6bF+ZJ5VhAI5iUZJLJsc2mWRjNO/vqLOzd4utSk
1YuCVm2Nib96Kalz/SKiBq1DJE6d4h34Uzv6WwQGZciPXoYzs2J2J1vwSKpw5e7a
UOdXgSOmyNQiaIFqxbSiwTYmiUK5Z8j1wykGoi8vN2jLWfukwdM+NoyL2zq5u6uT
vzQr6Qbgq8yYvLh91yzVot8oVY9Z8yCD7H/HA7IoXgLMPRZItnlaseTpwpGUMUQu
VXw9pl3oB+bhdZlZcpvSX+oDwzj8uS7X6IUZ2Se4h2n6Hlkwl8kRf0is8aVbLGeP
ww/9mwimBL6HLw==
-----END CERTIFICATE-----