Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          NF7HQa1zB6zXcvFjh29Or/McEPMUYs4Mx6KYnFpUwMQ=
Subject key identifier:   CB:09:4F:BE:AA:CF:47:82:63:C8:CC:C8:F9:26:FE:29:15:67:17:5D
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       01976A3C51E53990C811010A090B812BF050
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          0D57
Signing time:             Fri 13 Jun 2025 17:00:27 +0000
Manifest this update:     Fri 13 Jun 2025 17:00:27 +0000
Manifest next update:     Sat 14 Jun 2025 17:00:27 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: S1nb6fIwYnnNLXxx+7Q7PGq57SbCaN9zx9XUV+ayFgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:3c:51:e5:39:90:c8:11:01:0a:09:0b:81:2b:f0:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: Jun 13 17:00:27 2025 GMT
            Not After : Jun 14 17:00:27 2025 GMT
        Subject: CN=cb094fbeaacf478263c8ccc8f926fe291567175d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f1:c4:e3:b6:31:a3:ed:19:6f:5e:eb:1d:8e:
                    ff:58:fd:89:38:5c:3c:62:83:f5:d0:5d:40:2b:34:
                    b9:8e:7c:a7:b1:91:89:f6:a8:0c:8b:05:c5:20:ea:
                    c4:e6:e5:70:2b:ee:ae:b7:f9:04:a1:6d:ad:bf:37:
                    6c:33:9e:e5:2d:a3:77:ed:7d:60:08:6a:58:86:61:
                    28:92:50:52:87:78:40:9d:89:a2:6e:e0:02:81:9d:
                    fc:b1:24:06:30:63:bc:74:9e:2e:e4:80:a6:79:9c:
                    64:82:49:9d:a8:fe:43:16:3b:83:2e:f7:75:6e:0f:
                    51:9b:cb:be:70:fa:90:69:2c:6b:16:11:67:ac:f8:
                    fe:c7:d4:25:e4:08:b8:56:9a:e4:53:0b:82:e1:fb:
                    7c:f0:f2:36:de:ca:03:3d:67:a2:45:0b:1b:4a:45:
                    01:7b:47:fc:e8:34:e3:9f:38:e1:3a:ab:a2:4e:c7:
                    d6:ac:40:68:95:61:df:1f:26:ef:9a:58:28:fa:16:
                    3f:b1:e8:30:33:ae:1c:bf:c5:a5:a1:65:2d:da:bd:
                    3d:41:37:07:9a:74:eb:5d:aa:4c:3b:e6:37:1b:16:
                    d8:74:dd:94:84:4e:d6:f1:3a:1f:bd:1e:fa:17:57:
                    01:62:94:49:b5:e5:09:ed:5c:7a:2a:2c:ea:4e:6b:
                    ea:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:09:4F:BE:AA:CF:47:82:63:C8:CC:C8:F9:26:FE:29:15:67:17:5D
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:a4:57:ee:ba:24:b1:a3:61:ed:25:06:56:62:1c:95:0e:fc:
         e1:98:ff:f0:52:84:37:c6:e8:5b:d6:eb:a2:2c:1b:78:62:cd:
         e9:d5:9d:eb:e2:11:4a:b3:64:f3:7c:b7:1c:7c:fc:64:8a:89:
         73:15:fa:d6:49:36:2e:29:aa:44:de:92:83:ec:51:e9:a9:54:
         7c:5e:f0:6a:70:dc:c8:f5:e9:eb:65:ad:52:fe:ca:48:1d:0d:
         82:8d:47:e3:7a:f4:b4:72:1a:f1:16:b7:bc:63:1d:9b:64:0d:
         f7:2b:94:73:09:33:df:63:6e:e7:c4:22:76:da:19:08:92:5a:
         86:ca:6f:b6:50:63:f7:09:42:9d:77:6b:c5:76:a5:69:b7:79:
         b6:29:3d:61:e5:61:cc:82:16:5c:19:6b:59:a3:df:60:6f:f1:
         53:42:05:4a:12:22:70:b2:57:0d:25:a0:93:3c:63:ce:bc:1a:
         32:4f:d2:f2:39:7a:d7:d5:c1:03:6a:96:79:ab:39:5b:25:b4:
         b9:fc:16:2a:37:84:e0:95:13:3a:3b:0e:76:f0:77:b1:35:a0:
         6e:f9:e4:1f:02:c0:96:f3:ba:7e:a5:40:2e:9d:84:0d:9a:03:
         c9:de:9d:a0:3d:0a:38:57:b7:01:07:21:27:dd:73:22:fd:ab:
         b2:26:79:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqPFHlOZDIEQEKCQuBK/BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjUwNjEzMTcwMDI3WhcNMjUwNjE0MTcwMDI3WjAzMTEwLwYDVQQD
EyhjYjA5NGZiZWFhY2Y0NzgyNjNjOGNjYzhmOTI2ZmUyOTE1NjcxNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovHE47Yxo+0Zb17rHY7/WP2JOFw8
YoP10F1AKzS5jnynsZGJ9qgMiwXFIOrE5uVwK+6ut/kEoW2tvzdsM57lLaN37X1g
CGpYhmEoklBSh3hAnYmibuACgZ38sSQGMGO8dJ4u5ICmeZxkgkmdqP5DFjuDLvd1
bg9Rm8u+cPqQaSxrFhFnrPj+x9Ql5Ai4VprkUwuC4ft88PI23soDPWeiRQsbSkUB
e0f86DTjnzjhOquiTsfWrEBolWHfHybvmlgo+hY/segwM64cv8WloWUt2r09QTcH
mnTrXapMO+Y3GxbYdN2UhE7W8TofvR76F1cBYpRJteUJ7Vx6KizqTmvqOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsJT76qz0eCY8jMyPkm/ikVZxddMB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKRX7rok
saNh7SUGVmIclQ784Zj/8FKEN8boW9broiwbeGLN6dWd6+IRSrNk83y3HHz8ZIqJ
cxX61kk2LimqRN6Sg+xR6alUfF7wanDcyPXp62WtUv7KSB0Ngo1H43r0tHIa8Ra3
vGMdm2QN9yuUcwkz32Nu58QidtoZCJJahspvtlBj9wlCnXdrxXalabd5tik9YeVh
zIIWXBlrWaPfYG/xU0IFShIicLJXDSWgkzxjzrwaMk/S8jl619XBA2qWeas5WyW0
ufwWKjeE4JUTOjsOdvB3sTWgbvnkHwLAlvO6fqVALp2EDZoDyd6doD0KOFe3AQch
J91zIv2rsiZ57Q==
-----END CERTIFICATE-----