Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
File:                     M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft (raw, json)
Hash identifier:          OUd4odJRuh9roaImLBi1YNdInPGLsaAvuYu5Udek0J0=
Subject key identifier:   49:04:19:00:57:41:01:83:9F:0C:A6:A3:5A:3E:0B:8E:6D:D2:43:84
Authority key identifier: 33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
Certificate issuer:       /CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Certificate serial:       0197B8909AF70937A93EAC67EBE5FAB86DE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
Manifest number:          119B
Signing time:             Sat 28 Jun 2025 22:02:53 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:53 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:53 +0000
Files and hashes:         1: M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl (hash: fR/PCjLPJqW6q7dxllrrk9JKKnLHSRgVnTsNQ5iARL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:9a:f7:09:37:a9:3e:ac:67:eb:e5:fa:b8:6d:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
        Validity
            Not Before: Jun 28 22:02:53 2025 GMT
            Not After : Jun 29 22:02:53 2025 GMT
        Subject: CN=49041900574101839f0ca6a35a3e0b8e6dd24384
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9e:c0:7d:58:d5:7a:9e:a0:b8:21:f2:af:40:
                    fb:24:8c:c7:6f:62:63:87:91:86:b7:90:1a:69:72:
                    92:db:15:9f:56:2c:28:2f:64:15:fa:08:ec:46:1b:
                    43:a5:c9:04:49:e6:9b:57:00:9d:6b:e2:23:bd:bb:
                    27:f1:c3:52:31:1b:9e:a7:c9:10:fb:1e:e7:73:08:
                    a9:99:18:fa:31:ed:00:d7:52:7d:da:45:a9:1c:fd:
                    34:a6:b9:68:99:77:6e:d7:16:c8:3a:e6:04:d5:fb:
                    02:7b:5b:1e:85:e0:37:78:94:7f:ba:df:e1:15:4a:
                    80:95:1e:82:cf:45:a5:14:14:62:fd:ce:65:96:ae:
                    92:6b:6b:23:6e:9c:4f:29:59:3b:97:a8:38:3d:29:
                    b2:d4:48:23:56:d7:e3:a9:fa:26:ed:a8:6c:42:96:
                    7e:f5:79:3a:6a:84:42:28:b6:31:ca:ca:ea:80:d7:
                    75:0b:d8:4c:d0:36:9c:bb:c6:18:44:ac:f4:9d:b0:
                    b6:9e:4b:dc:4d:3c:ef:5e:97:96:c5:d8:a0:6b:36:
                    70:fb:cc:b7:80:24:e9:c3:49:97:95:df:00:b3:66:
                    87:5e:b8:34:2b:6f:8f:0f:61:f2:67:08:c8:a9:e0:
                    1b:8d:83:7e:3d:04:44:89:f1:39:02:43:f2:51:0f:
                    6a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:04:19:00:57:41:01:83:9F:0C:A6:A3:5A:3E:0B:8E:6D:D2:43:84
            X509v3 Authority Key Identifier:
                keyid:33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:06:70:f0:c7:46:7f:ca:4b:ab:a8:ea:d7:bc:ad:5a:93:aa:
         2f:ee:da:41:81:7b:8e:05:77:ba:c3:a3:ea:54:60:31:5e:9b:
         b6:b4:a9:9e:2d:3c:6f:23:b2:cb:29:c4:cf:eb:c7:bf:4f:0d:
         12:4e:4d:c8:45:2d:8e:75:c2:b5:b4:14:f1:90:3b:24:42:e7:
         b6:da:80:b5:f7:f8:19:e6:d5:f2:d5:a5:d2:58:c1:72:c7:54:
         c0:22:bd:08:d8:ff:9b:82:54:36:43:d8:ea:19:c1:8c:86:9a:
         a4:28:30:88:76:af:15:29:10:36:5d:9e:4d:88:1b:39:35:4f:
         16:f6:0c:73:b6:3a:d3:11:f2:9c:ff:df:19:9f:f4:54:50:2b:
         39:9f:6a:79:03:fd:26:48:73:73:80:a2:94:6f:30:f1:a4:3f:
         a6:1c:a7:f2:fe:1b:a0:e7:15:a6:c4:71:9e:9e:4a:93:b6:4c:
         3c:62:bc:ca:ff:75:72:e1:71:a1:c9:15:8c:3a:af:8c:5f:de:
         c0:f9:4b:2f:a5:13:73:00:8d:d5:f1:77:d7:92:e4:34:2a:81:
         3e:20:4a:3f:e6:be:1c:99:56:86:6c:17:3d:9a:25:64:bf:e4:
         36:57:64:32:11:bd:17:0b:53:38:41:64:fd:3d:34:f7:da:87:
         bd:18:f1:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kJr3CTepPqxn6+X6uG3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjNkNzJjZGQ5M2FiMDJmZTNmNzg4ZDYyMWQ3MTVkOWVm
ZDc2OTkwHhcNMjUwNjI4MjIwMjUzWhcNMjUwNjI5MjIwMjUzWjAzMTEwLwYDVQQD
Eyg0OTA0MTkwMDU3NDEwMTgzOWYwY2E2YTM1YTNlMGI4ZTZkZDI0Mzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr57AfVjVep6guCHyr0D7JIzHb2Jj
h5GGt5AaaXKS2xWfViwoL2QV+gjsRhtDpckESeabVwCda+Ijvbsn8cNSMRuep8kQ
+x7ncwipmRj6Me0A11J92kWpHP00prlomXdu1xbIOuYE1fsCe1seheA3eJR/ut/h
FUqAlR6Cz0WlFBRi/c5llq6Sa2sjbpxPKVk7l6g4PSmy1EgjVtfjqfom7ahsQpZ+
9Xk6aoRCKLYxysrqgNd1C9hM0Dacu8YYRKz0nbC2nkvcTTzvXpeWxdigazZw+8y3
gCTpw0mXld8As2aHXrg0K2+PD2HyZwjIqeAbjYN+PQREifE5AkPyUQ9qvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkEGQBXQQGDnwymo1o+C45t0kOEMB8GA1UdIwQY
MBaAFDNj1yzdk6sC/j94jWIdcV2e/XaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgt
NDM0ZjllMGQ3NTBjLzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgtNDM0ZjllMGQ3NTBj
LzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAewZw8MdG
f8pLq6jq17ytWpOqL+7aQYF7jgV3usOj6lRgMV6btrSpni08byOyyynEz+vHv08N
Ek5NyEUtjnXCtbQU8ZA7JELnttqAtff4GebV8tWl0ljBcsdUwCK9CNj/m4JUNkPY
6hnBjIaapCgwiHavFSkQNl2eTYgbOTVPFvYMc7Y60xHynP/fGZ/0VFArOZ9qeQP9
Jkhzc4CilG8w8aQ/phyn8v4boOcVpsRxnp5Kk7ZMPGK8yv91cuFxockVjDqvjF/e
wPlLL6UTcwCN1fF315LkNCqBPiBKP+a+HJlWhmwXPZolZL/kNldkMhG9FwtTOEFk
/T0099qHvRjxFg==
-----END CERTIFICATE-----