Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          Nyu+yONCnK1f04JGJM1UMSahyNuGREVlG1YUY5GYqEk=
Subject key identifier:   2E:9D:D1:24:CB:DD:2A:10:5F:6E:F6:FE:AA:8A:7E:45:5A:14:7B:5D
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       0198D54E5A0AE0285250038FB512614F4426
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0A56
Signing time:             Sat 23 Aug 2025 05:02:18 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:18 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:18 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: EG+6R28o6uh2AQo3Eaw6Mr2D5ysg6dPb74c1UOEWEvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:5a:0a:e0:28:52:50:03:8f:b5:12:61:4f:44:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Aug 23 05:02:18 2025 GMT
            Not After : Aug 24 05:02:18 2025 GMT
        Subject: CN=2e9dd124cbdd2a105f6ef6feaa8a7e455a147b5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3b:df:b5:15:33:93:e7:93:75:64:b3:f3:9d:
                    bd:b1:b2:82:aa:c3:af:1d:73:48:55:3e:16:14:bd:
                    33:0f:6a:7c:6c:79:63:b9:40:e3:af:6a:1e:d2:8e:
                    2a:d5:4a:1c:c2:1a:92:aa:f8:7e:12:05:59:83:9d:
                    21:78:63:00:a5:7b:69:89:b7:ba:7a:49:92:f4:77:
                    a5:61:c4:ad:64:a5:e7:6f:ea:4c:c0:63:de:38:be:
                    53:c5:f2:5b:eb:f5:c7:83:ee:73:92:d8:c2:e5:a1:
                    20:ba:b5:1c:a6:94:01:d1:2f:ad:68:95:3d:4e:5d:
                    eb:df:fe:5b:ab:ec:15:63:03:e0:c1:fc:fa:74:bc:
                    60:c5:e3:9c:33:13:22:f4:82:37:72:94:b6:c4:9c:
                    e1:23:47:d9:45:8c:5f:2f:5c:17:fb:38:17:35:ec:
                    f9:26:78:f3:b4:6d:99:4c:90:0c:f5:2b:4e:af:8e:
                    38:d3:2d:54:a1:97:e7:d2:64:b8:cb:b1:b9:d6:c9:
                    90:72:66:d1:0a:be:f1:c9:f9:b6:23:f6:cb:ff:34:
                    28:de:47:cf:6e:3f:ab:79:25:2e:f7:0a:9c:f3:b1:
                    ac:34:38:7b:29:51:ae:d6:8e:46:8b:42:3a:d1:3b:
                    50:26:a9:a7:f6:ee:ba:f6:4f:a7:fa:dc:55:5f:6c:
                    6f:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:9D:D1:24:CB:DD:2A:10:5F:6E:F6:FE:AA:8A:7E:45:5A:14:7B:5D
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:03:65:86:18:89:3b:d4:d6:ae:04:ee:1f:2b:e8:f3:8e:e2:
         74:00:2f:1d:56:63:f5:c7:da:be:f1:05:be:3d:84:8d:2d:2c:
         ec:58:bd:9b:94:c3:c6:b2:07:9c:3e:d5:ad:b2:85:c6:2d:3f:
         49:1d:81:72:a3:dd:64:6c:fc:8e:f3:ac:df:f7:cf:2c:f0:ac:
         21:05:3d:3b:e1:ab:15:0a:fb:00:40:e7:a8:71:a0:4b:b8:cc:
         c9:04:b2:50:84:60:83:cd:fc:41:71:a5:45:5f:8b:cb:dd:7d:
         13:0e:e4:2c:ef:01:dd:ef:fc:51:40:bd:8e:8d:4d:a2:4d:74:
         e5:a5:0f:5b:4a:21:b5:50:75:d0:cf:b3:65:97:af:96:63:57:
         b0:a6:e9:87:fb:70:4d:fb:10:ab:ca:b6:e9:54:85:27:16:96:
         df:05:0f:6e:28:bc:ba:b4:d8:2f:56:28:b1:ca:0c:77:58:39:
         b9:c2:1e:98:3a:cc:41:27:2f:b0:f5:0b:aa:2a:ee:84:b8:3c:
         97:65:75:b3:8d:28:4f:74:ba:a9:82:21:40:77:4a:f8:f4:7d:
         86:95:97:41:93:54:b6:d1:4e:58:d4:f1:94:95:b1:f3:d8:48:
         97:ff:36:9e:58:b6:fc:48:08:91:83:2a:75:d4:f1:3b:bd:ec:
         4f:b8:98:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTloK4ChSUAOPtRJhT0QmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUwODIzMDUwMjE4WhcNMjUwODI0MDUwMjE4WjAzMTEwLwYDVQQD
EygyZTlkZDEyNGNiZGQyYTEwNWY2ZWY2ZmVhYThhN2U0NTVhMTQ3YjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TvftRUzk+eTdWSz8529sbKCqsOv
HXNIVT4WFL0zD2p8bHljuUDjr2oe0o4q1UocwhqSqvh+EgVZg50heGMApXtpibe6
ekmS9HelYcStZKXnb+pMwGPeOL5TxfJb6/XHg+5zktjC5aEgurUcppQB0S+taJU9
Tl3r3/5bq+wVYwPgwfz6dLxgxeOcMxMi9II3cpS2xJzhI0fZRYxfL1wX+zgXNez5
JnjztG2ZTJAM9StOr4440y1UoZfn0mS4y7G51smQcmbRCr7xyfm2I/bL/zQo3kfP
bj+reSUu9wqc87GsNDh7KVGu1o5Gi0I60TtQJqmn9u669k+n+txVX2xvOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6d0STL3SoQX272/qqKfkVaFHtdMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwNlhhiJ
O9TWrgTuHyvo847idAAvHVZj9cfavvEFvj2EjS0s7Fi9m5TDxrIHnD7VrbKFxi0/
SR2BcqPdZGz8jvOs3/fPLPCsIQU9O+GrFQr7AEDnqHGgS7jMyQSyUIRgg838QXGl
RV+Ly919Ew7kLO8B3e/8UUC9jo1Nok105aUPW0ohtVB10M+zZZevlmNXsKbph/tw
TfsQq8q26VSFJxaW3wUPbii8urTYL1YoscoMd1g5ucIemDrMQScvsPULqiruhLg8
l2V1s40oT3S6qYIhQHdK+PR9hpWXQZNUttFOWNTxlJWx89hIl/82nli2/EgIkYMq
ddTxO73sT7iYCg==
-----END CERTIFICATE-----