Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          7V8EnzWTCtlxHGVHa0mnlFo6TMUnmaBX3i2zXzgJqYE=
Subject key identifier:   DA:52:6B:45:80:C1:7B:0C:D3:59:9E:B2:81:35:75:AA:6C:95:29:7A
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       019748FAA942269533799A10D247F39F0476
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          EB
Signing time:             Sat 07 Jun 2025 06:01:16 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:16 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:16 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: A8UF9YWb5oIxlss3hWNuRG6OgUTtGmh4PAWV0xgu9f4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:a9:42:26:95:33:79:9a:10:d2:47:f3:9f:04:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Jun  7 06:01:16 2025 GMT
            Not After : Jun  8 06:01:16 2025 GMT
        Subject: CN=da526b4580c17b0cd3599eb2813575aa6c95297a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4f:ad:1a:5c:1f:0c:33:6c:15:67:08:4c:cb:
                    ac:02:65:9a:fa:fa:d2:d3:5b:ff:ae:75:df:25:0c:
                    a2:4c:62:3d:8a:c0:98:1c:71:75:ac:48:c3:f3:fa:
                    0e:c8:1b:df:27:87:89:68:47:17:7d:f7:0e:97:d6:
                    53:24:2c:c9:8d:49:7f:eb:89:f5:9a:73:f2:eb:39:
                    66:f7:ec:a1:03:de:35:69:b4:52:de:49:71:70:85:
                    2d:4e:26:18:48:35:12:bb:61:19:59:2d:da:4e:ae:
                    a2:4c:90:e3:e2:30:93:b8:f0:b9:46:56:a7:a2:6d:
                    dc:5b:44:09:b7:c9:67:82:db:7e:96:6a:fe:61:09:
                    d2:cb:79:b1:df:58:35:17:8e:9e:cd:5a:53:9a:ab:
                    62:78:85:30:c5:05:ce:9e:fb:d7:bb:59:dd:89:a1:
                    e4:4f:9e:48:43:0e:10:d3:b3:80:bf:4a:a7:28:e6:
                    93:b3:bd:db:81:47:9b:40:fb:71:d9:48:49:ae:ad:
                    a0:33:b9:2a:2b:ca:4c:42:56:21:8e:c7:fc:e1:8b:
                    8e:d6:7b:d5:aa:ec:e6:5a:f3:93:2a:0f:51:be:81:
                    b0:2c:bd:61:e2:da:16:2a:cf:25:d4:ba:e7:5a:23:
                    82:5a:bf:18:d7:3b:b2:3a:d8:9c:ea:2f:67:ea:bf:
                    3e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:52:6B:45:80:C1:7B:0C:D3:59:9E:B2:81:35:75:AA:6C:95:29:7A
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:eb:08:61:5d:4d:24:10:72:3b:b5:e2:ce:cf:e0:63:cb:e2:
         7c:f1:fc:af:85:b4:39:fc:82:61:03:01:63:7e:4e:0c:25:cb:
         3d:73:ba:1a:ec:3a:2e:9b:cd:d4:4b:14:96:07:8f:88:4f:6b:
         cc:ea:b8:85:ba:13:46:57:25:0d:8c:61:28:9f:17:c7:4d:0e:
         d3:42:60:63:1c:b4:5d:65:9b:9e:fd:fa:a6:58:6c:18:45:a2:
         fe:25:1a:b2:1c:bb:d2:50:d6:a4:bd:cf:81:4a:37:48:c2:d4:
         b8:7a:19:75:ac:09:e9:b7:75:f6:c4:ee:15:04:ab:ed:04:f2:
         fd:51:b8:75:7c:2f:ff:eb:a8:be:f4:fe:38:12:88:ea:f5:db:
         71:6e:bd:cc:aa:5b:a1:ca:53:2c:cf:62:b5:17:86:f1:4b:a5:
         01:b3:68:18:78:22:87:d4:8b:27:3e:6a:83:ce:22:34:8f:53:
         58:07:1d:e5:ac:8a:2f:d0:6d:13:6d:6b:ee:c8:f8:b8:96:a7:
         a6:97:63:b3:f5:d2:b1:98:f1:be:eb:56:6b:06:f1:40:2f:29:
         4e:2e:60:d6:18:d4:b5:79:04:7c:fb:61:21:5c:e6:ff:a8:ff:
         f1:02:c7:1a:78:6c:da:5e:ba:bd:56:73:cd:ac:68:26:4b:d6:
         af:d5:6e:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+qlCJpUzeZoQ0kfznwR2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjUwNjA3MDYwMTE2WhcNMjUwNjA4MDYwMTE2WjAzMTEwLwYDVQQD
EyhkYTUyNmI0NTgwYzE3YjBjZDM1OTllYjI4MTM1NzVhYTZjOTUyOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0+tGlwfDDNsFWcITMusAmWa+vrS
01v/rnXfJQyiTGI9isCYHHF1rEjD8/oOyBvfJ4eJaEcXffcOl9ZTJCzJjUl/64n1
mnPy6zlm9+yhA941abRS3klxcIUtTiYYSDUSu2EZWS3aTq6iTJDj4jCTuPC5Rlan
om3cW0QJt8lngtt+lmr+YQnSy3mx31g1F46ezVpTmqtieIUwxQXOnvvXu1ndiaHk
T55IQw4Q07OAv0qnKOaTs73bgUebQPtx2UhJrq2gM7kqK8pMQlYhjsf84YuO1nvV
quzmWvOTKg9RvoGwLL1h4toWKs8l1LrnWiOCWr8Y1zuyOtic6i9n6r8+2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpSa0WAwXsM01mesoE1dapslSl6MB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgesIYV1N
JBByO7Xizs/gY8vifPH8r4W0OfyCYQMBY35ODCXLPXO6Guw6LpvN1EsUlgePiE9r
zOq4hboTRlclDYxhKJ8Xx00O00JgYxy0XWWbnv36plhsGEWi/iUashy70lDWpL3P
gUo3SMLUuHoZdawJ6bd19sTuFQSr7QTy/VG4dXwv/+uovvT+OBKI6vXbcW69zKpb
ocpTLM9itReG8UulAbNoGHgih9SLJz5qg84iNI9TWAcd5ayKL9BtE21r7sj4uJan
ppdjs/XSsZjxvutWawbxQC8pTi5g1hjUtXkEfPthIVzm/6j/8QLHGnhs2l66vVZz
zaxoJkvWr9Vu9w==
-----END CERTIFICATE-----