Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          LmJbGyZHyvRiKVBDjU0zqReprtw8HyepHkdC4M6dkhw=
Subject key identifier:   AC:2B:D9:9F:99:D3:3F:A8:6E:79:1F:96:9A:C5:39:6E:D0:4B:9E:AF
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       0197B6A054F3083D38C330C710F299956F52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          09C3
Signing time:             Sat 28 Jun 2025 13:00:50 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:50 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:50 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: 99jx5y1/qr7X/CaxtIaChyvhQ/KgnMSHmWD+8/6r21g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:54:f3:08:3d:38:c3:30:c7:10:f2:99:95:6f:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Jun 28 13:00:50 2025 GMT
            Not After : Jun 29 13:00:50 2025 GMT
        Subject: CN=ac2bd99f99d33fa86e791f969ac5396ed04b9eaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:39:42:1c:9d:f9:89:bd:d5:89:42:6b:f2:e8:
                    c8:79:d6:a0:2a:ae:c4:68:02:2f:6c:98:2b:77:69:
                    b0:ca:74:89:d6:64:d2:6b:70:c9:8d:ba:c5:00:1d:
                    2e:c3:18:35:95:9b:44:43:44:8e:e7:78:d0:d8:d3:
                    00:64:5f:b5:17:3c:fd:d3:a6:8e:ab:42:e2:64:db:
                    8a:38:d7:72:18:7d:db:b2:a3:db:ea:04:d3:a5:82:
                    f7:b8:96:46:76:c1:60:5d:f9:c4:63:7e:bf:4b:ec:
                    cf:cd:b7:6c:97:ac:4d:29:46:99:c7:74:f5:0b:4f:
                    4e:7e:8c:7e:88:a8:71:72:1f:a8:b1:98:be:56:51:
                    d7:33:10:2d:91:0f:b2:27:ec:b6:2e:c4:5e:2d:e7:
                    50:37:71:ae:56:52:09:2c:26:71:92:74:54:73:1b:
                    7f:a5:5a:3c:82:70:a2:64:cf:be:58:00:d8:fe:c4:
                    c6:e7:f7:37:43:08:43:16:b2:24:c3:7c:9a:33:12:
                    4b:50:64:04:0e:32:bc:d1:f6:90:b3:d5:da:97:af:
                    bb:c0:11:90:8c:a7:9d:5b:a2:3f:26:7a:ad:6a:15:
                    c1:6b:20:6d:ff:c3:f1:84:75:5a:67:b5:c5:f8:26:
                    3a:68:9c:86:b9:56:7e:35:a8:5d:38:b4:15:fa:96:
                    6e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:2B:D9:9F:99:D3:3F:A8:6E:79:1F:96:9A:C5:39:6E:D0:4B:9E:AF
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:08:f6:f7:54:f2:65:01:61:11:29:78:d6:18:60:11:22:a3:
         43:22:ae:b0:50:b6:7e:0e:c9:75:88:fa:e2:1f:7c:f6:f5:f3:
         43:d5:65:ae:26:59:65:a6:76:2d:b5:98:c7:bc:de:80:59:ac:
         ec:26:10:dc:1e:e2:7c:8b:9d:8c:01:bd:8e:53:72:68:35:fb:
         49:d6:a9:94:75:eb:30:a9:3f:30:8f:b2:13:7c:99:1d:97:53:
         18:19:57:f4:ab:67:3a:1a:a0:78:dd:45:ce:45:e9:8a:40:24:
         9b:56:e2:58:10:a0:e1:6e:71:e9:ba:e7:4a:bb:ba:da:8b:b9:
         a4:0e:5a:26:c1:10:41:77:46:94:62:b4:c3:d6:ac:70:dd:9f:
         e2:ba:ea:42:1c:f0:f1:4e:fd:f6:0e:05:94:aa:48:7b:35:81:
         a4:d6:d6:da:fd:27:1b:8f:c8:d1:75:68:c4:2b:d0:e5:4d:ef:
         f9:af:4c:d6:82:25:38:a5:1a:27:b7:c4:21:62:0e:34:08:d3:
         e6:9b:2e:3f:ad:4c:8d:33:42:aa:ab:db:3b:42:f6:71:81:64:
         eb:41:59:05:1f:ec:47:70:2b:cc:0e:74:8a:cd:84:45:f2:5b:
         14:59:88:e4:85:86:0c:ff:08:1b:1a:a0:f7:a8:e9:ca:7f:57:
         e4:34:f0:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oFTzCD04wzDHEPKZlW9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUwNjI4MTMwMDUwWhcNMjUwNjI5MTMwMDUwWjAzMTEwLwYDVQQD
EyhhYzJiZDk5Zjk5ZDMzZmE4NmU3OTFmOTY5YWM1Mzk2ZWQwNGI5ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTlCHJ35ib3ViUJr8ujIedagKq7E
aAIvbJgrd2mwynSJ1mTSa3DJjbrFAB0uwxg1lZtEQ0SO53jQ2NMAZF+1Fzz906aO
q0LiZNuKONdyGH3bsqPb6gTTpYL3uJZGdsFgXfnEY36/S+zPzbdsl6xNKUaZx3T1
C09Ofox+iKhxch+osZi+VlHXMxAtkQ+yJ+y2LsReLedQN3GuVlIJLCZxknRUcxt/
pVo8gnCiZM++WADY/sTG5/c3QwhDFrIkw3yaMxJLUGQEDjK80faQs9Xal6+7wBGQ
jKedW6I/JnqtahXBayBt/8PxhHVaZ7XF+CY6aJyGuVZ+NahdOLQV+pZutwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwr2Z+Z0z+obnkflprFOW7QS56vMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiwj291Ty
ZQFhESl41hhgESKjQyKusFC2fg7JdYj64h989vXzQ9VlriZZZaZ2LbWYx7zegFms
7CYQ3B7ifIudjAG9jlNyaDX7SdaplHXrMKk/MI+yE3yZHZdTGBlX9KtnOhqgeN1F
zkXpikAkm1biWBCg4W5x6brnSru62ou5pA5aJsEQQXdGlGK0w9ascN2f4rrqQhzw
8U799g4FlKpIezWBpNbW2v0nG4/I0XVoxCvQ5U3v+a9M1oIlOKUaJ7fEIWIONAjT
5psuP61MjTNCqqvbO0L2cYFk60FZBR/sR3ArzA50is2ERfJbFFmI5IWGDP8IGxqg
96jpyn9X5DTwAg==
-----END CERTIFICATE-----