Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          PfjWS7nscVjdgoyuLvRobxH2Zf3JjA9ruT9BO1UUog8=
Subject key identifier:   FB:68:E6:A4:2D:14:17:46:E2:B3:65:27:85:9D:C4:D3:A5:17:49:4D
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019747E753AFED616A65EC783A5046C1FC74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 01:00:31 +0000
Manifest this update:     Sat 07 Jun 2025 01:00:31 +0000
Manifest next update:     Sun 08 Jun 2025 01:00:31 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: bZMqauQUZ4t4RNesTZx4gSSfdiIcRFUT3qN9QFYA5Qc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:e7:53:af:ed:61:6a:65:ec:78:3a:50:46:c1:fc:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Jun  7 01:00:31 2025 GMT
            Not After : Jun  8 01:00:31 2025 GMT
        Subject: CN=fb68e6a42d141746e2b36527859dc4d3a517494d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0d:75:dd:d3:d3:a9:84:1f:ff:05:5b:fb:7d:
                    ea:97:06:cb:be:4f:5f:8e:9a:1d:48:c6:5d:73:fb:
                    76:27:4f:f2:ef:2a:aa:23:fb:fd:e0:7b:21:6b:fa:
                    cf:29:53:84:5d:76:34:17:be:7f:8c:50:5c:6f:15:
                    45:a6:ac:f7:bc:78:a3:9f:bc:63:62:97:1d:47:46:
                    46:1e:0a:33:79:d4:52:28:2c:ea:a6:b6:c1:d6:da:
                    f0:b0:be:32:0a:6b:c8:49:81:66:93:9a:7f:1c:52:
                    67:80:28:72:58:f5:70:96:ad:dd:8b:88:54:36:9d:
                    03:7e:ea:03:ba:09:8e:3e:12:31:fb:ee:51:0d:e7:
                    66:0c:ec:d6:03:4d:1f:fb:0a:58:7d:8d:fe:a2:bc:
                    45:cd:77:a6:51:d9:cc:27:93:da:7b:c8:27:26:8c:
                    02:df:cd:99:5a:94:1b:b2:b6:37:d5:72:bb:bf:f4:
                    d3:05:62:65:cd:9e:bc:42:d8:c7:6e:f8:cb:07:e6:
                    ae:f5:9f:f3:d1:b2:f2:71:19:a6:83:78:63:42:19:
                    f4:4e:b5:52:f8:e7:d0:ab:21:54:96:45:2b:cb:18:
                    cc:fc:1a:ab:53:98:82:d3:1d:17:4b:28:1d:d1:9b:
                    2f:0f:73:fb:c5:62:f0:96:62:f0:cb:fb:bf:4e:77:
                    f1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:68:E6:A4:2D:14:17:46:E2:B3:65:27:85:9D:C4:D3:A5:17:49:4D
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:ff:c5:65:43:29:1d:3d:58:a1:63:47:2b:de:ea:e5:4f:76:
         1c:ef:5e:e6:70:5e:8f:76:c1:dd:59:e9:d2:46:7e:f7:2f:cc:
         5d:6f:dd:0f:2b:42:d0:50:5f:80:82:80:16:78:ef:f0:6c:fa:
         b2:b2:a0:29:95:98:0f:49:23:d4:3e:f5:bc:4e:80:4b:2b:07:
         ef:3c:66:25:63:00:d2:e0:87:a2:52:9f:f1:26:c8:e7:71:12:
         38:ee:8e:da:78:d7:0b:19:94:e5:7a:6f:bf:38:ae:f3:ac:c6:
         17:26:10:3f:5a:93:a0:2a:32:dc:26:6c:2a:53:c1:0d:cf:ff:
         8d:6f:be:2e:1a:9f:06:ec:c1:07:f2:f0:fe:38:04:19:97:f1:
         6b:02:4a:f9:80:e7:11:6e:85:b2:f0:88:ea:65:2a:4a:cc:4d:
         07:2c:07:61:af:7a:66:7e:aa:c1:c7:a8:db:55:03:7e:58:15:
         21:9a:28:a7:06:59:a5:88:9f:7b:0c:50:dd:3f:88:a9:5f:fe:
         26:b5:76:37:dd:be:fb:4b:22:61:66:58:d6:7d:25:a4:cf:9b:
         22:a4:c1:90:8c:8c:7b:5c:92:2d:90:36:94:a5:73:44:b0:8d:
         d6:7e:10:00:8d:a5:ec:cc:a0:a2:a0:25:c5:43:24:54:de:23:
         34:9d:66:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdH51Ov7WFqZex4OlBGwfx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjUwNjA3MDEwMDMxWhcNMjUwNjA4MDEwMDMxWjAzMTEwLwYDVQQD
EyhmYjY4ZTZhNDJkMTQxNzQ2ZTJiMzY1Mjc4NTlkYzRkM2E1MTc0OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw113dPTqYQf/wVb+33qlwbLvk9f
jpodSMZdc/t2J0/y7yqqI/v94Hsha/rPKVOEXXY0F75/jFBcbxVFpqz3vHijn7xj
YpcdR0ZGHgozedRSKCzqprbB1trwsL4yCmvISYFmk5p/HFJngChyWPVwlq3di4hU
Np0DfuoDugmOPhIx++5RDedmDOzWA00f+wpYfY3+orxFzXemUdnMJ5Pae8gnJowC
382ZWpQbsrY31XK7v/TTBWJlzZ68QtjHbvjLB+au9Z/z0bLycRmmg3hjQhn0TrVS
+OfQqyFUlkUryxjM/BqrU5iC0x0XSygd0ZsvD3P7xWLwlmLwy/u/TnfxKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPto5qQtFBdG4rNlJ4WdxNOlF0lNMB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu//FZUMp
HT1YoWNHK97q5U92HO9e5nBej3bB3Vnp0kZ+9y/MXW/dDytC0FBfgIKAFnjv8Gz6
srKgKZWYD0kj1D71vE6ASysH7zxmJWMA0uCHolKf8SbI53ESOO6O2njXCxmU5Xpv
vziu86zGFyYQP1qToCoy3CZsKlPBDc//jW++LhqfBuzBB/Lw/jgEGZfxawJK+YDn
EW6FsvCI6mUqSsxNBywHYa96Zn6qwceo21UDflgVIZoopwZZpYifewxQ3T+IqV/+
JrV2N92++0siYWZY1n0lpM+bIqTBkIyMe1ySLZA2lKVzRLCN1n4QAI2l7MygoqAl
xUMkVN4jNJ1mWg==
-----END CERTIFICATE-----