Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          JA3KQggAdE1d9nY01Kd+My76DkAEyQDCVsdrK3ZzzVs=
Subject key identifier:   5D:D8:9B:33:45:DE:72:40:42:80:00:BB:DC:A5:BE:1D:82:C9:6F:3E
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       01975AC9DD925CC69FEDE11AF75C62191716
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          0D4F
Signing time:             Tue 10 Jun 2025 17:01:08 +0000
Manifest this update:     Tue 10 Jun 2025 17:01:08 +0000
Manifest next update:     Wed 11 Jun 2025 17:01:08 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: MTflcJkDGgjWEzu47+RDBe7fMzKU/IBcJZy4pqqG20k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:c9:dd:92:5c:c6:9f:ed:e1:1a:f7:5c:62:19:17:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: Jun 10 17:01:08 2025 GMT
            Not After : Jun 11 17:01:08 2025 GMT
        Subject: CN=5dd89b3345de7240428000bbdca5be1d82c96f3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:db:d4:7e:6a:97:66:ef:65:ec:0f:43:52:7e:
                    98:b2:89:16:76:e6:d6:93:e9:ab:7a:e8:cd:8e:0b:
                    8e:5f:a5:7e:2a:1b:65:71:0e:4d:91:1a:a7:6a:e3:
                    19:f1:a0:39:ca:fb:4e:5b:02:3b:fe:92:ba:ce:7a:
                    41:78:62:93:25:e5:41:9f:de:92:5d:39:9e:f8:b4:
                    c0:ca:42:ac:c3:14:f4:16:0b:cd:f6:4f:69:f9:ff:
                    29:3e:06:74:e0:f1:37:b1:98:0e:26:42:80:62:15:
                    a2:bd:69:80:f2:b9:4b:02:78:57:52:67:e1:8a:3f:
                    e8:65:5c:38:af:ad:03:9d:fd:d6:54:5a:7c:c2:4c:
                    bf:77:1c:e8:a0:58:6a:dd:8b:e1:02:1e:db:57:9a:
                    bb:64:0d:65:eb:06:53:64:c1:38:6e:35:0e:78:1d:
                    a8:06:32:d3:9c:b6:e6:85:e0:55:32:ff:c0:33:c9:
                    bc:e3:5b:65:0b:4f:2a:47:6c:e8:f0:79:ae:69:3a:
                    48:81:59:74:40:48:ff:1d:65:ab:16:e5:ec:6d:ba:
                    c4:ce:36:5b:dc:67:df:52:11:8f:5d:fd:c7:10:16:
                    c9:98:f4:3b:c7:f0:16:3e:da:59:3c:8f:1f:5c:09:
                    f6:a8:09:57:35:22:15:a0:de:be:00:ce:09:ae:3e:
                    63:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D8:9B:33:45:DE:72:40:42:80:00:BB:DC:A5:BE:1D:82:C9:6F:3E
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ba:9e:4c:8e:70:a3:f2:fc:0e:da:6f:31:61:05:d8:4d:12:
         ef:0a:69:f9:cc:54:52:a4:69:7e:0c:35:f7:91:6b:fb:04:30:
         e6:6e:c5:2c:6d:74:7e:60:0f:30:f1:20:02:c4:74:bb:e8:58:
         f7:a4:26:21:29:75:87:f9:b3:43:16:78:8c:e8:f3:aa:c9:9a:
         e8:dc:ce:4c:75:d0:a5:9d:78:c8:2f:45:d9:ee:18:66:42:55:
         84:7b:af:a3:9a:e9:ad:db:0b:1e:76:25:9e:d7:8b:25:2b:a3:
         22:79:fe:7c:33:1c:74:8d:27:b3:22:5b:47:f4:8d:5e:cf:0c:
         a7:b2:44:3e:e3:00:ea:da:9f:00:ea:c2:fe:b7:e8:ff:31:a5:
         2f:f0:03:2f:6e:10:da:65:15:da:d5:dc:34:cc:7c:27:ce:3f:
         f7:7c:0c:91:41:bf:61:be:69:c5:e1:4e:b7:79:2d:e2:55:21:
         d9:a5:de:72:31:79:13:45:22:a2:c8:af:e3:4a:a4:fc:d0:b7:
         3f:56:16:84:a2:89:03:25:a5:5b:94:e0:30:e2:fe:97:c5:87:
         e3:ef:35:9f:1c:b9:17:c9:47:7b:1f:53:1e:88:bc:7c:52:87:
         07:12:0a:e0:ac:f5:60:08:ec:e6:5e:a1:a7:ff:58:a4:58:6e:
         c4:0c:24:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdayd2SXMaf7eEa91xiGRcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjUwNjEwMTcwMTA4WhcNMjUwNjExMTcwMTA4WjAzMTEwLwYDVQQD
Eyg1ZGQ4OWIzMzQ1ZGU3MjQwNDI4MDAwYmJkY2E1YmUxZDgyYzk2ZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtvUfmqXZu9l7A9DUn6YsokWdubW
k+mreujNjguOX6V+KhtlcQ5NkRqnauMZ8aA5yvtOWwI7/pK6znpBeGKTJeVBn96S
XTme+LTAykKswxT0FgvN9k9p+f8pPgZ04PE3sZgOJkKAYhWivWmA8rlLAnhXUmfh
ij/oZVw4r60Dnf3WVFp8wky/dxzooFhq3YvhAh7bV5q7ZA1l6wZTZME4bjUOeB2o
BjLTnLbmheBVMv/AM8m841tlC08qR2zo8HmuaTpIgVl0QEj/HWWrFuXsbbrEzjZb
3GffUhGPXf3HEBbJmPQ7x/AWPtpZPI8fXAn2qAlXNSIVoN6+AM4Jrj5jOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3YmzNF3nJAQoAAu9ylvh2CyW8+MB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc7qeTI5w
o/L8DtpvMWEF2E0S7wpp+cxUUqRpfgw195Fr+wQw5m7FLG10fmAPMPEgAsR0u+hY
96QmISl1h/mzQxZ4jOjzqsma6NzOTHXQpZ14yC9F2e4YZkJVhHuvo5rprdsLHnYl
nteLJSujInn+fDMcdI0nsyJbR/SNXs8Mp7JEPuMA6tqfAOrC/rfo/zGlL/ADL24Q
2mUV2tXcNMx8J84/93wMkUG/Yb5pxeFOt3kt4lUh2aXecjF5E0Uiosiv40qk/NC3
P1YWhKKJAyWlW5TgMOL+l8WH4+81nxy5F8lHex9THoi8fFKHBxIK4Kz1YAjs5l6h
p/9YpFhuxAwkOA==
-----END CERTIFICATE-----