Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          9sludXoePYl7CBriM/X4EMS/4rVw3WF1XSGRGwPHanQ=
Subject key identifier:   22:4F:6E:03:C3:DB:A7:E7:20:F1:8A:19:E6:0F:DB:B3:AD:5C:E4:EE
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       01974A7A6D26B77AB7CA7CF92136333D2267
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          1478
Signing time:             Sat 07 Jun 2025 13:00:26 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:26 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:26 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: 4Tqcy/Lg79TKS4eGYk5/4Hxv02ESjWQksTThyLroQFY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:6d:26:b7:7a:b7:ca:7c:f9:21:36:33:3d:22:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Jun  7 13:00:26 2025 GMT
            Not After : Jun  8 13:00:26 2025 GMT
        Subject: CN=224f6e03c3dba7e720f18a19e60fdbb3ad5ce4ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:88:ed:eb:cd:b7:d6:f9:fe:88:d4:31:b7:a3:
                    32:ef:b4:9e:db:b8:29:ce:94:ae:1d:69:bd:3a:ea:
                    db:87:8f:08:a0:94:25:2d:89:49:ce:c7:fe:aa:b5:
                    45:d2:9d:1b:c4:9b:3d:5d:43:6b:86:28:ca:c8:8e:
                    af:87:60:f3:1f:13:40:05:f0:3b:eb:50:af:3b:b2:
                    88:ad:1b:1d:fc:fe:53:8a:b5:c0:ba:f4:53:ac:98:
                    02:00:41:5f:3e:0c:c0:fd:24:46:c5:2b:69:5e:36:
                    6a:a9:01:e4:04:0a:e3:39:44:19:2b:91:61:6d:a9:
                    f0:92:fb:98:33:7c:a3:19:25:4b:50:e0:50:8f:be:
                    05:17:6b:4a:9b:25:b9:b1:a2:3d:6c:7f:fb:98:20:
                    0b:79:a5:b2:bc:e4:14:f3:38:47:1f:ac:9e:03:63:
                    9d:02:9d:6e:b9:29:a6:94:66:03:11:a5:8d:d6:18:
                    15:5d:76:b5:b7:50:32:b1:fe:d7:cc:e9:2a:2a:22:
                    5f:bf:03:ba:d1:48:b1:83:e5:19:33:f3:c6:ae:13:
                    a9:e2:ef:15:91:84:99:a1:92:ca:a2:7b:04:fb:e5:
                    9a:10:cc:78:0d:af:5a:67:2b:3f:aa:b0:f5:e8:67:
                    1b:da:b0:e2:a4:2d:23:78:1f:17:3d:78:e4:8f:f4:
                    77:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4F:6E:03:C3:DB:A7:E7:20:F1:8A:19:E6:0F:DB:B3:AD:5C:E4:EE
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:b8:8d:8f:b5:4b:32:67:81:27:3a:a3:a7:c6:93:ba:fc:18:
         44:fa:7f:21:22:5f:b5:f4:2e:ef:59:cc:d4:72:7c:20:6d:ce:
         0d:bf:5f:4d:95:dd:f7:b8:12:ca:8b:13:44:cf:1c:fd:6f:12:
         0d:17:f9:12:2d:f6:7e:c0:e9:a9:ca:8d:7c:33:42:68:d1:af:
         3b:4e:1b:08:58:cc:9f:43:f9:c0:37:df:de:7e:ea:23:65:62:
         f3:71:37:ad:1b:dd:db:c5:1f:48:73:69:b6:cd:68:dc:b2:37:
         d1:e2:c6:ba:e2:73:2b:ca:3b:d6:c4:73:f8:f5:45:8a:5e:02:
         68:43:ea:9f:09:84:f0:27:66:d0:93:3c:93:ef:bf:ef:74:e3:
         4e:f7:34:7c:4a:6b:31:d9:88:9e:65:40:36:d6:7f:30:52:80:
         39:94:26:76:07:cf:3c:96:f2:9a:11:06:a0:30:0e:6c:80:d1:
         73:8e:d4:27:f8:fc:60:b8:50:ff:3e:2c:44:6e:0f:93:da:d4:
         a9:02:10:d6:d6:f0:b0:57:73:8c:a2:dc:96:02:c4:47:c1:64:
         b3:f1:89:3f:03:a0:fe:3f:b4:85:a8:b5:68:77:75:48:62:30:
         a9:92:e9:c2:90:6e:64:1a:cb:a3:8e:cf:fe:3f:23:da:b1:06:
         90:54:09:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKem0mt3q3ynz5ITYzPSJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUwNjA3MTMwMDI2WhcNMjUwNjA4MTMwMDI2WjAzMTEwLwYDVQQD
EygyMjRmNmUwM2MzZGJhN2U3MjBmMThhMTllNjBmZGJiM2FkNWNlNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYjt68231vn+iNQxt6My77Se27gp
zpSuHWm9Ourbh48IoJQlLYlJzsf+qrVF0p0bxJs9XUNrhijKyI6vh2DzHxNABfA7
61CvO7KIrRsd/P5TirXAuvRTrJgCAEFfPgzA/SRGxStpXjZqqQHkBArjOUQZK5Fh
banwkvuYM3yjGSVLUOBQj74FF2tKmyW5saI9bH/7mCALeaWyvOQU8zhHH6yeA2Od
Ap1uuSmmlGYDEaWN1hgVXXa1t1Aysf7XzOkqKiJfvwO60Uixg+UZM/PGrhOp4u8V
kYSZoZLKonsE++WaEMx4Da9aZys/qrD16Gcb2rDipC0jeB8XPXjkj/R3YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJPbgPD26fnIPGKGeYP27OtXOTuMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAILiNj7VL
MmeBJzqjp8aTuvwYRPp/ISJftfQu71nM1HJ8IG3ODb9fTZXd97gSyosTRM8c/W8S
DRf5Ei32fsDpqcqNfDNCaNGvO04bCFjMn0P5wDff3n7qI2Vi83E3rRvd28UfSHNp
ts1o3LI30eLGuuJzK8o71sRz+PVFil4CaEPqnwmE8Cdm0JM8k++/73TjTvc0fEpr
MdmInmVANtZ/MFKAOZQmdgfPPJbymhEGoDAObIDRc47UJ/j8YLhQ/z4sRG4Pk9rU
qQIQ1tbwsFdzjKLclgLER8Fks/GJPwOg/j+0hai1aHd1SGIwqZLpwpBuZBrLo47P
/j8j2rEGkFQJ7w==
-----END CERTIFICATE-----