Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
File:                     MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft (raw, json)
Hash identifier:          BjvI86VpiuneglVnQQ9LCOCcryvCuTBwumVvBZE27wo=
Subject key identifier:   8B:65:4C:6E:B8:10:21:22:58:63:2A:A3:3F:D9:AE:85:3A:79:15:DF
Authority key identifier: 31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F
Certificate issuer:       /CN=313da19357cbc67da7d55fa35aab3695bc04d04f
Certificate serial:       0197488C0F8CFBF38075AEB7BBDEEE85716D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
Manifest number:          08EB
Signing time:             Sat 07 Jun 2025 04:00:27 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:27 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:27 +0000
Files and hashes:         1: MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl (hash: 8nmHcqusoF87I7/TknIRv7EgcbW92aFcYBT9Cnyj3CI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:0f:8c:fb:f3:80:75:ae:b7:bb:de:ee:85:71:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313da19357cbc67da7d55fa35aab3695bc04d04f
        Validity
            Not Before: Jun  7 04:00:27 2025 GMT
            Not After : Jun  8 04:00:27 2025 GMT
        Subject: CN=8b654c6eb810212258632aa33fd9ae853a7915df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:39:94:6c:33:be:d1:05:ea:c3:ae:07:c7:95:
                    d2:01:d6:09:20:61:bc:51:3f:9e:4e:1c:7d:11:a0:
                    71:03:a2:20:f6:23:ad:d7:3a:c1:99:48:ad:f2:97:
                    ae:bf:1c:a8:35:12:13:c3:da:90:e3:56:42:35:e4:
                    9e:e7:01:c8:de:ac:df:a5:fb:9b:d3:a4:a4:88:fc:
                    3b:a0:19:af:d6:8a:90:b1:e5:c7:6d:b2:d0:7c:58:
                    ca:39:65:59:45:0a:b8:39:a2:f2:65:91:9b:1d:ff:
                    28:41:31:e1:57:98:1d:82:0f:a7:63:09:65:b0:97:
                    40:04:39:0e:51:7a:f0:56:ad:7c:23:9d:1f:94:80:
                    50:c4:c7:f7:88:b7:e0:b3:e3:c0:34:2a:9a:fd:e9:
                    39:70:08:a5:e0:2e:68:d3:2f:ba:87:28:64:5b:50:
                    7c:0d:4e:8b:86:ed:37:f1:4f:d1:6a:1c:34:91:93:
                    9b:2a:c2:13:f2:bc:14:2f:d8:fe:e6:f2:1d:e8:15:
                    94:3b:75:01:42:4e:e3:e5:23:20:9d:4d:d9:07:76:
                    a6:37:d4:fa:f7:aa:c4:97:a7:69:05:86:17:47:26:
                    e2:57:7d:cc:7b:f3:ee:ce:48:bc:72:8c:90:6e:22:
                    12:7d:d3:b9:16:da:79:c6:78:7b:48:89:e0:a9:3e:
                    9e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:65:4C:6E:B8:10:21:22:58:63:2A:A3:3F:D9:AE:85:3A:79:15:DF
            X509v3 Authority Key Identifier:
                keyid:31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:56:8c:41:ff:5e:25:2a:d5:0f:96:00:11:7d:b2:26:86:0d:
         86:00:21:eb:7a:ce:ef:54:e9:07:a5:2b:c9:65:cf:51:60:b6:
         7b:e5:e5:98:f5:bb:38:39:eb:29:1b:9a:c2:af:89:6f:5d:44:
         fb:db:91:fe:f2:03:75:a7:97:57:53:9e:de:78:42:0f:5b:78:
         2d:7d:35:98:53:8b:6f:55:86:19:6d:a0:b1:35:a0:81:6b:4d:
         ff:26:e4:44:4b:67:96:e2:de:f1:fc:33:fb:e7:e9:ac:97:b0:
         a1:0c:a5:d9:33:5a:d7:19:8e:7c:3d:a3:86:60:26:ae:eb:c4:
         60:8c:77:29:e8:1b:00:e2:df:ee:f4:63:90:2b:c9:34:e1:64:
         e3:25:6c:20:c4:53:1b:a5:9c:24:a6:47:b6:43:aa:3e:01:b4:
         19:71:9f:a2:b1:74:dc:d8:f4:bb:d6:60:ad:06:66:d2:88:f2:
         60:a9:b6:4c:5b:dc:56:b8:2b:75:f0:29:20:66:d4:54:31:38:
         43:b2:71:a2:95:a8:04:28:04:24:f7:f6:5f:30:db:cf:0c:e7:
         9f:56:bc:4a:40:6e:a1:68:fb:dc:0f:bf:b3:b2:78:87:84:ea:
         8a:ef:3c:95:ff:6a:17:b5:f7:1d:40:3a:7b:04:3f:4f:b7:13:
         1d:e6:2f:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjA+M+/OAda63u97uhXFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RhMTkzNTdjYmM2N2RhN2Q1NWZhMzVhYWIzNjk1YmMw
NGQwNGYwHhcNMjUwNjA3MDQwMDI3WhcNMjUwNjA4MDQwMDI3WjAzMTEwLwYDVQQD
Eyg4YjY1NGM2ZWI4MTAyMTIyNTg2MzJhYTMzZmQ5YWU4NTNhNzkxNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzmUbDO+0QXqw64Hx5XSAdYJIGG8
UT+eThx9EaBxA6Ig9iOt1zrBmUit8peuvxyoNRITw9qQ41ZCNeSe5wHI3qzfpfub
06SkiPw7oBmv1oqQseXHbbLQfFjKOWVZRQq4OaLyZZGbHf8oQTHhV5gdgg+nYwll
sJdABDkOUXrwVq18I50flIBQxMf3iLfgs+PANCqa/ek5cAil4C5o0y+6hyhkW1B8
DU6Lhu038U/Rahw0kZObKsIT8rwUL9j+5vId6BWUO3UBQk7j5SMgnU3ZB3amN9T6
96rEl6dpBYYXRybiV33Me/Puzki8coyQbiISfdO5Ftp5xnh7SIngqT6eSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItlTG64ECEiWGMqoz/ZroU6eRXfMB8GA1UdIwQY
MBaAFDE9oZNXy8Z9p9Vfo1qrNpW8BNBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEt
ZjBiYmJlYmJkNmE5LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEtZjBiYmJlYmJkNmE5
LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFaMQf9e
JSrVD5YAEX2yJoYNhgAh63rO71TpB6UryWXPUWC2e+XlmPW7ODnrKRuawq+Jb11E
+9uR/vIDdaeXV1Oe3nhCD1t4LX01mFOLb1WGGW2gsTWggWtN/ybkREtnluLe8fwz
++fprJewoQyl2TNa1xmOfD2jhmAmruvEYIx3KegbAOLf7vRjkCvJNOFk4yVsIMRT
G6WcJKZHtkOqPgG0GXGforF03Nj0u9ZgrQZm0ojyYKm2TFvcVrgrdfApIGbUVDE4
Q7JxopWoBCgEJPf2XzDbzwznn1a8SkBuoWj73A+/s7J4h4Tqiu88lf9qF7X3HUA6
ewQ/T7cTHeYvGg==
-----END CERTIFICATE-----