Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          dftQ9JnBUEe0xgYLm01ykPmhoQhq3+1Y6ma54Nz+xuY=
Subject key identifier:   48:C3:08:D4:6B:CB:FF:F3:7E:2C:CB:C8:06:3E:C0:79:47:74:26:72
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       01974B56BAC4AD458E353364FB0C81A59F6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0387
Signing time:             Sat 07 Jun 2025 17:01:04 +0000
Manifest this update:     Sat 07 Jun 2025 17:01:04 +0000
Manifest next update:     Sun 08 Jun 2025 17:01:04 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: cpP7xPNrAlO/AjIPU//cvA69kknMpXbnaQC7qfhqvDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:ba:c4:ad:45:8e:35:33:64:fb:0c:81:a5:9f:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Jun  7 17:01:04 2025 GMT
            Not After : Jun  8 17:01:04 2025 GMT
        Subject: CN=48c308d46bcbfff37e2ccbc8063ec07947742672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:14:50:0e:fa:d3:f4:20:c2:e8:ba:bf:c3:28:
                    7a:5e:31:13:73:c6:e6:4a:ae:6d:50:68:e7:3e:cf:
                    0e:c2:78:64:a1:c8:9a:27:11:73:56:35:42:75:a8:
                    ad:32:97:87:ff:32:b1:d6:67:dd:31:21:d4:20:6f:
                    29:cc:0b:b9:99:70:58:b4:34:53:fe:31:33:ee:ce:
                    b4:4a:4c:5a:4a:50:5d:83:88:75:ba:8a:a2:68:0e:
                    f4:52:3a:9e:d3:5a:de:c7:82:d6:6e:b3:1a:a5:45:
                    d3:aa:29:e4:ad:3a:54:af:1b:28:e5:bc:08:21:3d:
                    96:69:36:ff:b9:1b:99:61:a0:00:fc:6b:bc:fc:8e:
                    75:17:2f:93:50:be:6d:af:15:f6:fc:0a:54:84:3f:
                    eb:76:e7:ff:81:88:14:52:2e:b2:68:d4:e9:c1:ce:
                    bf:55:5f:ba:ec:2c:d1:2d:24:1d:d5:c4:4e:a8:20:
                    7b:52:8d:2d:de:09:23:ba:35:27:de:54:56:e8:e3:
                    ff:ff:53:6e:27:1c:81:f3:cf:71:a1:b2:72:16:bd:
                    7b:ea:f6:c4:f9:af:32:a9:32:0d:a7:cf:3d:94:1f:
                    53:33:a8:4b:0b:9d:dd:c9:7f:84:22:3f:ca:8d:c2:
                    ae:81:ab:a2:e0:e8:bb:d3:8f:8d:bd:55:fa:51:13:
                    48:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C3:08:D4:6B:CB:FF:F3:7E:2C:CB:C8:06:3E:C0:79:47:74:26:72
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:1a:7e:c7:e3:86:0f:96:b6:e3:58:79:52:b0:94:db:8f:d3:
         bd:3b:c0:43:b6:3e:77:67:66:69:0c:f3:60:cc:0f:5e:41:34:
         ac:c3:9d:41:f3:c6:c0:10:6b:0b:bf:4a:a1:1e:46:37:3a:90:
         a6:84:05:e4:59:7a:89:55:6c:8f:e9:c9:c5:6a:9f:2b:87:94:
         15:48:3e:ab:4c:8f:c4:a2:f6:67:8b:aa:ea:06:17:95:dc:4f:
         75:e0:e3:29:b7:8f:40:7b:0c:5f:1e:74:99:1d:72:81:68:28:
         13:74:1b:79:e7:b0:a2:26:c7:c3:7b:2a:ba:b9:53:06:ab:a0:
         65:7f:f2:96:c8:e8:51:1b:f0:c6:16:ef:ee:1b:7a:0b:fa:30:
         cf:2e:c4:a0:84:f8:bf:8d:1e:78:a1:b0:71:2a:b6:ce:ce:5e:
         3b:cc:76:09:69:59:b3:13:bc:9c:6b:b1:c3:3f:72:ec:27:6e:
         fd:c4:fb:1a:00:37:48:0f:ab:47:9f:d0:9e:f0:20:ce:2c:2d:
         d2:90:1d:93:aa:68:b5:b6:0a:7d:22:76:73:a1:9d:a7:05:a0:
         4f:85:6a:d2:4d:9b:fa:fa:b6:93:77:1a:c2:55:b9:24:ee:e0:
         33:bf:c0:ef:4b:3d:16:0f:d4:98:d6:e2:c7:63:e3:09:e6:b2:
         b2:4d:cf:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVrrErUWONTNk+wyBpZ9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUwNjA3MTcwMTA0WhcNMjUwNjA4MTcwMTA0WjAzMTEwLwYDVQQD
Eyg0OGMzMDhkNDZiY2JmZmYzN2UyY2NiYzgwNjNlYzA3OTQ3NzQyNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxRQDvrT9CDC6Lq/wyh6XjETc8bm
Sq5tUGjnPs8OwnhkociaJxFzVjVCdaitMpeH/zKx1mfdMSHUIG8pzAu5mXBYtDRT
/jEz7s60SkxaSlBdg4h1uoqiaA70Ujqe01rex4LWbrMapUXTqinkrTpUrxso5bwI
IT2WaTb/uRuZYaAA/Gu8/I51Fy+TUL5trxX2/ApUhD/rduf/gYgUUi6yaNTpwc6/
VV+67CzRLSQd1cROqCB7Uo0t3gkjujUn3lRW6OP//1NuJxyB889xobJyFr176vbE
+a8yqTINp889lB9TM6hLC53dyX+EIj/KjcKugaui4Oi704+NvVX6URNIXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjDCNRry//zfizLyAY+wHlHdCZyMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKxp+x+OG
D5a241h5UrCU24/TvTvAQ7Y+d2dmaQzzYMwPXkE0rMOdQfPGwBBrC79KoR5GNzqQ
poQF5Fl6iVVsj+nJxWqfK4eUFUg+q0yPxKL2Z4uq6gYXldxPdeDjKbePQHsMXx50
mR1ygWgoE3QbeeewoibHw3squrlTBqugZX/ylsjoURvwxhbv7ht6C/owzy7EoIT4
v40eeKGwcSq2zs5eO8x2CWlZsxO8nGuxwz9y7Cdu/cT7GgA3SA+rR5/QnvAgziwt
0pAdk6potbYKfSJ2c6GdpwWgT4Vq0k2b+vq2k3cawlW5JO7gM7/A70s9Fg/UmNbi
x2PjCeaysk3PvQ==
-----END CERTIFICATE-----