Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          tMCEVoD9kZcBP4auNNeLZKnwvE+OicBroDG2UAqRH54=
Subject key identifier:   8A:DC:91:CC:7F:84:B6:6B:88:E4:BD:11:13:A2:58:8D:0D:E7:4E:5F
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       0197B820CB2991272F2272DAE006D5D419A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          023C
Signing time:             Sat 28 Jun 2025 20:00:46 +0000
Manifest this update:     Sat 28 Jun 2025 20:00:46 +0000
Manifest next update:     Sun 29 Jun 2025 20:00:46 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: PS0Zf0n4oIYS1AcRD4kEZffR8kmIP2nomNH1MqnAHyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:20:cb:29:91:27:2f:22:72:da:e0:06:d5:d4:19:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Jun 28 20:00:46 2025 GMT
            Not After : Jun 29 20:00:46 2025 GMT
        Subject: CN=8adc91cc7f84b66b88e4bd1113a2588d0de74e5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:61:c7:96:05:e3:84:70:25:8e:d8:70:74:b1:
                    4b:c0:ec:51:3c:e7:14:f5:9c:d1:78:e2:8a:37:2f:
                    a1:8b:f6:eb:c1:61:20:26:eb:e4:cf:3c:ef:5a:bd:
                    ba:b9:9f:92:af:a5:ea:22:2b:b8:ed:bd:98:d6:40:
                    3c:8b:60:aa:56:1a:60:83:5e:a4:0c:2f:7c:be:3f:
                    66:6e:0d:cf:75:25:a6:94:f2:c9:27:8a:1c:93:75:
                    ad:3a:3c:a5:31:f6:28:81:92:1c:bc:67:33:0f:92:
                    44:4e:70:61:10:2f:a8:68:9c:9b:f2:67:1c:0d:35:
                    e6:66:be:db:63:ac:37:ad:8e:90:ea:20:1e:2e:ad:
                    f4:c8:a3:7b:36:30:0a:e7:52:4b:df:06:2e:d8:e5:
                    f8:dc:7b:d9:a0:6d:26:10:09:af:f4:d5:55:94:49:
                    a1:5e:3c:e0:4d:51:71:fb:88:8c:a6:40:12:9c:cb:
                    70:97:35:44:62:6f:62:8d:68:47:61:12:8f:96:69:
                    4b:90:26:e7:b9:eb:6f:f4:a8:63:0e:e1:36:23:f8:
                    bd:4c:a5:45:aa:74:1e:aa:97:e1:24:1e:c4:64:99:
                    5d:5d:c0:3a:1f:27:35:b4:1a:16:40:1e:53:de:a7:
                    7e:49:22:7d:63:b4:ed:9f:57:44:3d:d4:f0:dc:80:
                    33:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:DC:91:CC:7F:84:B6:6B:88:E4:BD:11:13:A2:58:8D:0D:E7:4E:5F
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:be:be:65:a5:cc:c3:3a:42:ee:e3:3b:63:e0:b6:1f:b1:ec:
         e7:06:ee:34:76:f1:69:85:84:12:0e:ad:ee:59:c0:99:4e:d5:
         1e:1a:ad:57:ae:4e:0b:cb:04:2e:a6:36:75:75:f5:5d:eb:28:
         5e:6f:9f:5b:e7:52:7e:a8:69:1a:61:de:c6:a1:bb:02:cf:d3:
         ae:6b:3b:44:7d:7e:bb:93:5b:62:10:05:40:ff:82:25:68:61:
         de:e8:7a:e5:d1:07:58:27:0c:9c:7a:09:b7:af:dd:82:fd:53:
         60:24:fb:d0:a9:c8:59:a7:18:5d:be:54:78:7d:23:ca:b7:60:
         73:36:71:85:86:86:22:4b:a3:3c:b5:dc:22:5d:6e:04:67:04:
         ee:5c:48:2d:68:ca:11:09:f4:b1:0a:86:a2:33:a6:98:6b:d5:
         2e:75:12:fc:18:df:a8:6a:56:88:cc:6b:cf:e1:a1:7a:a4:f5:
         d2:07:7f:df:21:9d:1b:8b:f0:0c:5d:79:0f:20:8f:eb:f7:b6:
         98:8e:bf:91:29:56:80:99:71:99:81:6d:81:8e:4f:0f:b5:61:
         db:9b:e2:d5:73:b3:7e:fc:12:eb:e1:28:d5:db:4e:11:13:a6:
         a3:50:91:15:04:94:5c:65:bb:8b:39:2f:ab:fd:db:dd:e1:cd:
         d1:2c:7a:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IMspkScvInLa4AbV1BmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUwNjI4MjAwMDQ2WhcNMjUwNjI5MjAwMDQ2WjAzMTEwLwYDVQQD
Eyg4YWRjOTFjYzdmODRiNjZiODhlNGJkMTExM2EyNTg4ZDBkZTc0ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmHHlgXjhHAljthwdLFLwOxRPOcU
9ZzReOKKNy+hi/brwWEgJuvkzzzvWr26uZ+Sr6XqIiu47b2Y1kA8i2CqVhpgg16k
DC98vj9mbg3PdSWmlPLJJ4ock3WtOjylMfYogZIcvGczD5JETnBhEC+oaJyb8mcc
DTXmZr7bY6w3rY6Q6iAeLq30yKN7NjAK51JL3wYu2OX43HvZoG0mEAmv9NVVlEmh
XjzgTVFx+4iMpkASnMtwlzVEYm9ijWhHYRKPlmlLkCbnuetv9KhjDuE2I/i9TKVF
qnQeqpfhJB7EZJldXcA6Hyc1tBoWQB5T3qd+SSJ9Y7Ttn1dEPdTw3IAzHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrckcx/hLZriOS9EROiWI0N505fMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj76+ZaXM
wzpC7uM7Y+C2H7Hs5wbuNHbxaYWEEg6t7lnAmU7VHhqtV65OC8sELqY2dXX1Xeso
Xm+fW+dSfqhpGmHexqG7As/Trms7RH1+u5NbYhAFQP+CJWhh3uh65dEHWCcMnHoJ
t6/dgv1TYCT70KnIWacYXb5UeH0jyrdgczZxhYaGIkujPLXcIl1uBGcE7lxILWjK
EQn0sQqGojOmmGvVLnUS/BjfqGpWiMxrz+GheqT10gd/3yGdG4vwDF15DyCP6/e2
mI6/kSlWgJlxmYFtgY5PD7Vh25vi1XOzfvwS6+Eo1dtOEROmo1CRFQSUXGW7izkv
q/3b3eHN0Sx6TQ==
-----END CERTIFICATE-----