Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          2GAMB3E8rYaGzxYGOhVBN26HINd+aDYECfsxovekanM=
Subject key identifier:   D6:26:DF:0E:9C:D4:7F:81:C6:7F:10:79:44:28:0B:7A:D8:BA:89:0F
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       0199239FBB0599BC11395D8683854702C039
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:01:34 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:34 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:34 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: Rj+P0nIxApNpfq8ifxQVhQfIoU/Qd+ckhteA6wLZ39A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:bb:05:99:bc:11:39:5d:86:83:85:47:02:c0:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Sep  7 10:01:34 2025 GMT
            Not After : Sep  8 10:01:34 2025 GMT
        Subject: CN=d626df0e9cd47f81c67f107944280b7ad8ba890f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ef:71:ab:ab:c5:2c:87:52:e7:d4:63:bb:eb:
                    1d:a2:10:b3:32:a9:8a:41:08:cb:40:0c:52:7d:10:
                    ce:03:b8:06:4e:81:30:63:71:e4:26:12:9b:83:71:
                    e4:31:7d:05:c4:5a:ac:79:70:e9:75:2a:31:02:02:
                    3b:05:34:0e:31:92:f4:1e:db:8c:17:a3:29:6c:47:
                    bc:9e:5b:bc:d0:34:a6:86:84:91:86:19:c6:f9:20:
                    07:e5:16:20:3d:7d:08:2e:42:08:93:9e:9f:37:5f:
                    f3:4a:c1:32:be:61:42:80:d4:04:e7:0f:47:2e:5c:
                    9b:f9:63:04:f7:25:5a:28:55:e3:81:7c:1a:f2:f8:
                    94:ab:a2:62:dd:25:de:35:45:89:19:99:3b:8f:1a:
                    a2:dc:a2:50:fa:81:70:3a:b5:fb:9a:0d:db:25:81:
                    bf:87:39:9e:c1:4e:05:53:21:da:b3:aa:45:6e:4b:
                    69:b6:c8:b8:1c:4f:95:2f:4f:47:23:d3:a3:1c:96:
                    20:29:90:e5:ab:5c:51:31:7c:96:fc:ad:67:be:06:
                    03:34:4b:26:3e:1a:0b:0c:fb:e8:a9:46:7f:76:e1:
                    36:e9:27:23:68:6d:4d:4d:75:ea:8f:88:9d:3a:64:
                    27:50:12:7c:8c:b4:68:e1:d9:b8:2a:bf:52:c7:86:
                    c3:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:26:DF:0E:9C:D4:7F:81:C6:7F:10:79:44:28:0B:7A:D8:BA:89:0F
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:77:b2:01:52:7e:53:98:54:98:5e:b7:de:2c:d7:77:82:fb:
         ac:3e:66:51:00:2e:52:1b:81:c1:7f:25:08:41:be:58:dc:33:
         4d:2e:de:0b:dc:bf:b5:c8:63:33:5c:e9:58:b1:c8:fd:f6:03:
         50:2d:ee:1b:3f:fa:8c:04:79:a8:4d:93:f7:dc:c5:a3:90:ad:
         41:87:ca:e0:e7:4b:d9:95:38:74:b6:87:a8:c6:cb:22:70:75:
         b1:7e:2b:f0:c2:e6:54:40:4e:72:48:47:8d:05:1c:6d:03:e8:
         1d:16:27:8d:09:9a:a5:cf:68:89:78:f0:73:25:0a:ad:28:48:
         fd:01:62:eb:7a:ed:38:23:37:ce:ce:80:9f:8d:76:3e:4b:33:
         be:1c:60:5a:ac:7d:f4:5a:89:e4:e5:d9:9b:04:e0:43:f4:cb:
         cc:86:54:15:f3:42:c3:d7:86:15:c4:a5:f7:fd:b0:f7:1a:85:
         b5:43:f7:77:ac:2b:d5:17:c4:64:8e:fc:c9:e8:c7:b0:77:ad:
         6f:f1:dc:40:87:4a:a3:cf:f3:a6:e9:3e:15:f4:ad:9c:2c:27:
         6a:a7:5d:d8:c8:a8:b4:4b:9b:da:e2:1d:f6:f0:8c:11:ce:e0:
         e6:f3:ef:37:51:62:40:9b:57:09:d1:ac:ad:8e:92:22:c3:f0:
         d2:9a:c2:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn7sFmbwROV2Gg4VHAsA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUwOTA3MTAwMTM0WhcNMjUwOTA4MTAwMTM0WjAzMTEwLwYDVQQD
EyhkNjI2ZGYwZTljZDQ3ZjgxYzY3ZjEwNzk0NDI4MGI3YWQ4YmE4OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+9xq6vFLIdS59Rju+sdohCzMqmK
QQjLQAxSfRDOA7gGToEwY3HkJhKbg3HkMX0FxFqseXDpdSoxAgI7BTQOMZL0HtuM
F6MpbEe8nlu80DSmhoSRhhnG+SAH5RYgPX0ILkIIk56fN1/zSsEyvmFCgNQE5w9H
Llyb+WME9yVaKFXjgXwa8viUq6Ji3SXeNUWJGZk7jxqi3KJQ+oFwOrX7mg3bJYG/
hzmewU4FUyHas6pFbktptsi4HE+VL09HI9OjHJYgKZDlq1xRMXyW/K1nvgYDNEsm
PhoLDPvoqUZ/duE26ScjaG1NTXXqj4idOmQnUBJ8jLRo4dm4Kr9Sx4bD9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYm3w6c1H+Bxn8QeUQoC3rYuokPMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEHeyAVJ+
U5hUmF633izXd4L7rD5mUQAuUhuBwX8lCEG+WNwzTS7eC9y/tchjM1zpWLHI/fYD
UC3uGz/6jAR5qE2T99zFo5CtQYfK4OdL2ZU4dLaHqMbLInB1sX4r8MLmVEBOckhH
jQUcbQPoHRYnjQmapc9oiXjwcyUKrShI/QFi63rtOCM3zs6An412PkszvhxgWqx9
9FqJ5OXZmwTgQ/TLzIZUFfNCw9eGFcSl9/2w9xqFtUP3d6wr1RfEZI78yejHsHet
b/HcQIdKo8/zpuk+FfStnCwnaqdd2MiotEub2uId9vCMEc7g5vPvN1FiQJtXCdGs
rY6SIsPw0prCBw==
-----END CERTIFICATE-----