Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
File:                     2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft (raw, json)
Hash identifier:          r49HC9ZRaormQyAoFuNoLBtt8rxzo91Q2kQjnPqcYXA=
Subject key identifier:   11:A4:A3:45:AB:97:40:42:DD:7B:3A:8A:68:FD:76:15:A2:14:7F:9D
Authority key identifier: D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3
Certificate issuer:       /CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
Certificate serial:       01974C6912D747389D625757E9E89B1E5320
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 22:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:43 +0000
Files and hashes:         1: 2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl (hash: c3rq5wQEgLTcegtj/a98wa4MZTNDlQ/dxkzScg5uxXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:12:d7:47:38:9d:62:57:57:e9:e8:9b:1e:53:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9d72b033ff6fa38bf236139acdb77a7a0a047a3
        Validity
            Not Before: Jun  7 22:00:43 2025 GMT
            Not After : Jun  8 22:00:43 2025 GMT
        Subject: CN=11a4a345ab974042dd7b3a8a68fd7615a2147f9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a0:59:51:b9:72:54:77:dd:47:83:28:05:c3:
                    49:df:e3:85:2e:bd:2a:6c:bc:fa:94:a9:43:2a:42:
                    3c:f5:f8:54:74:a9:eb:a9:99:47:e4:f4:ec:c1:01:
                    50:16:b7:1f:9b:bd:f9:04:ee:73:f5:3b:7f:46:a7:
                    03:01:9c:c1:e9:e2:e4:69:e8:65:fb:1a:df:d4:04:
                    c7:c3:37:68:8e:8d:c1:89:dd:23:02:04:a2:46:e9:
                    95:18:71:50:17:40:3c:8b:77:42:2e:eb:78:5c:5a:
                    5f:c8:7b:0c:f7:88:7f:75:45:ef:3b:7a:aa:2b:97:
                    07:92:5e:b9:3e:80:a8:80:bb:31:19:4d:fd:47:32:
                    e7:2d:0f:e1:37:a8:cf:31:71:6b:af:20:60:7f:1c:
                    b7:e6:32:71:50:25:ce:57:aa:17:ee:e1:1f:94:f4:
                    0a:0f:7e:11:02:1b:a6:af:45:e3:86:93:fc:f1:02:
                    a5:28:66:82:b4:b3:91:22:1f:26:7d:7b:36:e8:38:
                    a9:b1:df:6c:bb:9f:b4:ea:b9:d4:eb:2a:eb:3f:91:
                    04:45:43:fc:73:bd:da:54:ff:7c:5e:12:fc:fc:a0:
                    c5:53:a3:05:3b:8f:6d:86:0b:19:95:92:01:b4:22:
                    35:57:dd:dc:67:79:c7:94:8a:77:64:1d:c7:88:08:
                    98:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:A4:A3:45:AB:97:40:42:DD:7B:3A:8A:68:FD:76:15:A2:14:7F:9D
            X509v3 Authority Key Identifier:
                keyid:D9:D7:2B:03:3F:F6:FA:38:BF:23:61:39:AC:DB:77:A7:A0:A0:47:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dcrAz_2-ji_I2E5rNt3p6CgR6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4cbaf7-b83b-4798-ab36-f821a5a5cf6a/1/2dcrAz_2-ji_I2E5rNt3p6CgR6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:b0:f1:97:81:f6:0e:93:3e:4d:6f:18:6f:e7:be:44:75:c1:
         55:75:db:b4:1f:71:35:f2:e0:f6:00:5c:4a:e7:6f:3f:05:71:
         ad:72:1d:4a:2e:53:17:2c:d0:7f:6f:fb:2c:a1:fd:85:57:ec:
         7c:01:f0:6f:5a:9a:78:59:80:ae:e7:21:33:59:c5:55:48:6b:
         78:bd:cc:97:4e:b3:12:5e:58:58:1e:3d:0e:22:88:41:37:ce:
         0c:04:5b:46:89:e2:8b:01:bd:da:66:cc:17:ad:8a:5b:96:6e:
         c7:10:82:2c:1a:e2:3c:e3:9f:73:62:2d:0d:92:55:d0:32:b3:
         e2:0f:ed:6b:23:55:5d:a3:8e:58:5f:d3:ae:8a:9d:33:0c:13:
         94:14:6f:34:f6:de:70:ce:63:f8:2a:eb:2a:a5:4c:3c:bd:f9:
         96:3d:32:55:1c:70:b3:9d:f1:4f:71:e2:4f:33:e5:9f:7e:52:
         b7:d0:1d:ea:0b:9e:c6:25:3e:8b:43:4e:24:22:00:bc:00:67:
         0a:df:84:6b:79:7f:33:70:98:92:27:db:36:53:7e:9d:71:cd:
         78:8b:3b:68:df:2e:ca:24:99:b5:ae:d6:b3:9e:4e:45:0c:f6:
         2c:b1:bd:62:96:9b:b9:fc:78:c9:05:d1:7a:9f:bf:cd:a1:6d:
         e3:84:68:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaRLXRzidYldX6eibHlMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDcyYjAzM2ZmNmZhMzhiZjIzNjEzOWFjZGI3N2E3YTBh
MDQ3YTMwHhcNMjUwNjA3MjIwMDQzWhcNMjUwNjA4MjIwMDQzWjAzMTEwLwYDVQQD
EygxMWE0YTM0NWFiOTc0MDQyZGQ3YjNhOGE2OGZkNzYxNWEyMTQ3ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaBZUblyVHfdR4MoBcNJ3+OFLr0q
bLz6lKlDKkI89fhUdKnrqZlH5PTswQFQFrcfm735BO5z9Tt/RqcDAZzB6eLkaehl
+xrf1ATHwzdojo3Bid0jAgSiRumVGHFQF0A8i3dCLut4XFpfyHsM94h/dUXvO3qq
K5cHkl65PoCogLsxGU39RzLnLQ/hN6jPMXFrryBgfxy35jJxUCXOV6oX7uEflPQK
D34RAhumr0XjhpP88QKlKGaCtLORIh8mfXs26Dipsd9su5+06rnU6yrrP5EERUP8
c73aVP98XhL8/KDFU6MFO49thgsZlZIBtCI1V93cZ3nHlIp3ZB3HiAiYcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGko0Wrl0BC3Xs6imj9dhWiFH+dMB8GA1UdIwQY
MBaAFNnXKwM/9vo4vyNhOazbd6egoEejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYt
ZjgyMWE1YTVjZjZhLzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80Y2JhZjctYjgzYi00Nzk4LWFiMzYtZjgyMWE1YTVjZjZh
LzEvMmRjckF6XzItamlfSTJFNXJOdDNwNkNnUjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnbDxl4H2
DpM+TW8Yb+e+RHXBVXXbtB9xNfLg9gBcSudvPwVxrXIdSi5TFyzQf2/7LKH9hVfs
fAHwb1qaeFmAruchM1nFVUhreL3Ml06zEl5YWB49DiKIQTfODARbRoniiwG92mbM
F62KW5ZuxxCCLBriPOOfc2ItDZJV0DKz4g/tayNVXaOOWF/TroqdMwwTlBRvNPbe
cM5j+CrrKqVMPL35lj0yVRxws53xT3HiTzPln35St9Ad6guexiU+i0NOJCIAvABn
Ct+Ea3l/M3CYkifbNlN+nXHNeIs7aN8uyiSZta7Ws55ORQz2LLG9Ypabufx4yQXR
ep+/zaFt44RodQ==
-----END CERTIFICATE-----