Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          M8LCisKJqN+o7D8JHU6qLwOLmEYxWLNifrkGJ6wU21I=
Subject key identifier:   61:98:DE:FA:00:7C:CC:EC:B5:5A:EE:F1:3F:50:5D:69:74:7D:AC:BE
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       01976282C92E9D5B99BCB5733D6B25A3B842
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          0D53
Signing time:             Thu 12 Jun 2025 05:00:27 +0000
Manifest this update:     Thu 12 Jun 2025 05:00:27 +0000
Manifest next update:     Fri 13 Jun 2025 05:00:27 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: CS+8CKypSzct4OzVlRoulf6MAGkR2g5vid5OAcdW0u4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 05:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:82:c9:2e:9d:5b:99:bc:b5:73:3d:6b:25:a3:b8:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: Jun 12 05:00:27 2025 GMT
            Not After : Jun 13 05:00:27 2025 GMT
        Subject: CN=6198defa007cccecb55aeef13f505d69747dacbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:70:82:1e:a1:19:6c:20:b5:1f:a2:4b:16:c1:
                    f7:ba:91:c5:95:fd:ce:97:c1:da:be:43:69:93:fc:
                    df:3b:3d:d0:6d:ec:2b:5b:71:59:21:ca:be:f3:6b:
                    ef:ae:af:68:86:18:56:e7:2b:e4:10:13:43:65:ce:
                    53:02:cd:30:0c:ff:85:26:c4:eb:c6:98:fa:6b:2f:
                    00:e7:72:d2:02:82:02:28:c4:cb:de:aa:35:ab:85:
                    30:f3:f2:00:eb:1a:92:a8:da:6a:73:b4:03:09:a8:
                    b7:3b:82:b1:72:bb:d1:af:08:8c:d5:81:aa:da:2e:
                    27:58:89:c4:e0:4d:1f:b3:fc:cf:f5:8a:1e:41:98:
                    d7:1b:49:14:83:98:ab:64:47:95:8d:f6:e8:80:4b:
                    79:ac:a3:e7:22:3d:35:4c:d7:37:ff:53:d2:86:30:
                    9e:a1:ff:be:da:6a:bb:99:f7:d6:91:a7:9b:d3:dc:
                    8f:23:9e:4e:52:17:0b:99:a3:53:f4:2a:81:b4:ca:
                    b9:7a:81:17:d3:28:01:1d:53:17:bd:4e:c2:3a:44:
                    58:6f:52:86:23:68:ae:54:09:5f:86:60:16:4c:cc:
                    9f:41:14:da:e3:61:16:06:c9:5d:78:dc:fe:c5:15:
                    0a:02:7e:18:6b:f6:e8:03:0b:fd:83:b0:ea:44:39:
                    78:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:98:DE:FA:00:7C:CC:EC:B5:5A:EE:F1:3F:50:5D:69:74:7D:AC:BE
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:f3:bc:a0:0d:a6:87:a0:7a:b0:5b:48:10:33:1c:0b:e2:fb:
         2d:d6:c4:bf:e4:a7:23:9a:56:00:2b:70:a7:a1:e6:19:93:fa:
         8d:df:4a:1a:2d:03:c2:8a:1d:c9:dd:52:0e:56:b4:87:91:94:
         84:b4:c4:d9:ee:48:e1:38:80:82:8d:27:fd:eb:ee:6c:42:d0:
         30:0f:b2:67:7f:9a:18:2c:2c:18:02:f1:65:ab:90:83:e6:21:
         b4:22:fb:1d:f8:4f:12:66:85:8d:90:a3:94:f0:6c:d8:86:ba:
         81:1c:e9:85:18:2a:5c:cf:06:bd:e0:c0:78:45:e8:fe:ec:8b:
         40:c3:98:79:8b:34:ef:b8:0b:8a:8c:36:04:16:64:7a:d9:5d:
         1c:70:cc:2b:d2:ba:38:e1:16:7b:b1:e2:2c:55:7a:60:7e:03:
         5a:7c:a9:04:de:48:af:f6:07:29:b2:2f:7d:aa:5a:ce:90:92:
         55:f5:67:e1:fd:52:a2:7c:bc:5f:b9:fa:94:68:70:f1:12:72:
         fb:2e:5f:fd:6e:cd:7e:5e:61:39:58:d4:12:37:3f:9d:06:2e:
         4a:1f:2c:35:4f:a8:39:6b:25:17:cb:51:dd:ed:5a:82:c7:91:
         1a:2b:41:c0:69:ae:bb:9c:e2:f3:07:0f:91:98:43:c3:04:48:
         39:8c:04:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdigskunVuZvLVzPWslo7hCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjUwNjEyMDUwMDI3WhcNMjUwNjEzMDUwMDI3WjAzMTEwLwYDVQQD
Eyg2MTk4ZGVmYTAwN2NjY2VjYjU1YWVlZjEzZjUwNWQ2OTc0N2RhY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHCCHqEZbCC1H6JLFsH3upHFlf3O
l8HavkNpk/zfOz3QbewrW3FZIcq+82vvrq9ohhhW5yvkEBNDZc5TAs0wDP+FJsTr
xpj6ay8A53LSAoICKMTL3qo1q4Uw8/IA6xqSqNpqc7QDCai3O4KxcrvRrwiM1YGq
2i4nWInE4E0fs/zP9YoeQZjXG0kUg5irZEeVjfbogEt5rKPnIj01TNc3/1PShjCe
of++2mq7mffWkaeb09yPI55OUhcLmaNT9CqBtMq5eoEX0ygBHVMXvU7COkRYb1KG
I2iuVAlfhmAWTMyfQRTa42EWBsldeNz+xRUKAn4Ya/boAwv9g7DqRDl4kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGY3voAfMzstVru8T9QXWl0fay+MB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoPO8oA2m
h6B6sFtIEDMcC+L7LdbEv+SnI5pWACtwp6HmGZP6jd9KGi0Dwoodyd1SDla0h5GU
hLTE2e5I4TiAgo0n/evubELQMA+yZ3+aGCwsGALxZauQg+YhtCL7HfhPEmaFjZCj
lPBs2Ia6gRzphRgqXM8GveDAeEXo/uyLQMOYeYs077gLiow2BBZketldHHDMK9K6
OOEWe7HiLFV6YH4DWnypBN5Ir/YHKbIvfapazpCSVfVn4f1Sony8X7n6lGhw8RJy
+y5f/W7Nfl5hOVjUEjc/nQYuSh8sNU+oOWslF8tR3e1agseRGitBwGmuu5zi8wcP
kZhDwwRIOYwEHg==
-----END CERTIFICATE-----