Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft
File:                     X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft (raw, json)
Hash identifier:          FxIkncMhfRZkYVsU16rnQsgplqb2YAa+tYiUZvmIf7c=
Subject key identifier:   8A:D0:E0:67:8B:BC:2C:E8:3C:1B:93:27:70:74:79:FA:45:1D:C4:14
Authority key identifier: 5F:62:8F:05:CC:A8:C8:7D:59:3E:71:E9:DD:21:B0:E7:F8:9D:58:93
Certificate issuer:       /CN=5f628f05cca8c87d593e71e9dd21b0e7f89d5893
Certificate serial:       0197BA7E68205F149F7E0413FD9DAE1DB256
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft
Manifest number:          15B2
Signing time:             Sun 29 Jun 2025 07:02:15 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:15 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:15 +0000
Files and hashes:         1: X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl (hash: OrXdv0/5D74ywMgiW+XPRus7iLqYxSE1/NUn7U3elWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 07:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:68:20:5f:14:9f:7e:04:13:fd:9d:ae:1d:b2:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f628f05cca8c87d593e71e9dd21b0e7f89d5893
        Validity
            Not Before: Jun 29 07:02:15 2025 GMT
            Not After : Jun 30 07:02:15 2025 GMT
        Subject: CN=8ad0e0678bbc2ce83c1b9327707479fa451dc414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c0:98:86:a4:f0:c7:75:a4:99:b6:72:1a:1d:
                    ee:31:f3:8b:cb:bc:97:53:8f:7a:44:5f:43:ba:28:
                    87:6a:80:84:96:0f:31:ce:8f:96:04:fd:28:bf:61:
                    65:68:96:71:06:06:72:1b:6a:0d:9b:cb:d5:27:62:
                    05:6a:61:03:c8:ed:01:08:03:b6:25:2c:e1:f9:9e:
                    6a:94:41:76:8c:50:e8:98:53:f7:93:d9:1a:fd:c4:
                    c9:69:8f:59:70:95:a4:52:2e:95:51:2d:46:ec:11:
                    bd:77:75:55:79:ee:87:3c:e1:9d:14:7d:87:2c:fa:
                    57:61:ae:a8:27:d2:9d:dd:0a:99:c1:43:ee:4a:8b:
                    f0:7a:c0:fc:f2:20:5d:2d:d6:dd:b5:b0:3a:c6:ac:
                    0f:39:85:03:47:c0:ab:4f:96:f5:b5:94:5b:67:3a:
                    b7:78:3c:41:9f:cb:56:dc:aa:67:e5:68:b9:fe:dd:
                    39:d3:ff:1d:92:ef:8a:26:a3:76:84:32:d4:74:70:
                    64:3e:4e:97:b5:1c:45:3e:a2:da:69:d7:a0:55:20:
                    49:2e:bd:4c:ca:3e:6c:5b:5c:7a:0f:23:fc:cb:1a:
                    99:e2:fa:78:36:b5:38:c6:05:11:f5:38:70:d4:30:
                    f4:eb:fa:33:97:fb:6e:0d:c4:92:26:d0:17:dc:66:
                    70:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:D0:E0:67:8B:BC:2C:E8:3C:1B:93:27:70:74:79:FA:45:1D:C4:14
            X509v3 Authority Key Identifier:
                keyid:5F:62:8F:05:CC:A8:C8:7D:59:3E:71:E9:DD:21:B0:E7:F8:9D:58:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:24:fd:4c:31:7c:0d:bd:37:6a:48:73:c5:da:7f:f7:f3:8c:
         26:41:d4:ed:ae:be:ff:d5:7b:22:25:b2:67:d2:41:ab:6f:01:
         5a:37:b7:ae:17:f4:15:ec:f3:9d:e4:f2:96:50:85:d0:c7:8a:
         e8:4b:c2:04:73:87:28:36:24:b7:ab:f4:79:5b:c2:12:9f:67:
         55:53:1b:ee:c4:83:ea:fa:59:12:ec:d9:23:82:d3:02:c5:20:
         83:8a:14:0b:9e:5f:00:bd:1f:ef:17:08:0f:3b:ea:c0:94:13:
         8b:d7:90:e6:39:8d:65:5d:6b:00:f4:6c:f4:c3:93:d2:87:c4:
         15:6f:d0:87:34:ec:70:0c:b7:41:83:f4:38:75:a1:99:5e:9f:
         c9:5d:76:94:54:70:3f:5f:6c:fa:04:5c:d4:85:1d:4c:71:af:
         9a:e3:5d:47:20:cf:02:cf:66:fb:90:4b:65:33:1a:af:b1:40:
         9a:3d:ec:a8:2e:85:16:b7:f3:93:75:72:f7:b8:f6:98:6c:5d:
         f8:3c:75:77:9d:3e:c4:88:a8:29:41:27:dc:ef:26:0b:7a:77:
         4b:28:70:05:52:d8:35:8b:39:ca:ce:46:08:90:15:e8:fd:a2:
         eb:47:d9:8e:dd:a5:07:a4:ec:a4:51:85:e4:ee:18:58:a4:d3:
         c4:39:7a:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fmggXxSffgQT/Z2uHbJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNjI4ZjA1Y2NhOGM4N2Q1OTNlNzFlOWRkMjFiMGU3Zjg5
ZDU4OTMwHhcNMjUwNjI5MDcwMjE1WhcNMjUwNjMwMDcwMjE1WjAzMTEwLwYDVQQD
Eyg4YWQwZTA2NzhiYmMyY2U4M2MxYjkzMjc3MDc0NzlmYTQ1MWRjNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcCYhqTwx3WkmbZyGh3uMfOLy7yX
U496RF9DuiiHaoCElg8xzo+WBP0ov2FlaJZxBgZyG2oNm8vVJ2IFamEDyO0BCAO2
JSzh+Z5qlEF2jFDomFP3k9ka/cTJaY9ZcJWkUi6VUS1G7BG9d3VVee6HPOGdFH2H
LPpXYa6oJ9Kd3QqZwUPuSovwesD88iBdLdbdtbA6xqwPOYUDR8CrT5b1tZRbZzq3
eDxBn8tW3Kpn5Wi5/t050/8dku+KJqN2hDLUdHBkPk6XtRxFPqLaadegVSBJLr1M
yj5sW1x6DyP8yxqZ4vp4NrU4xgUR9Thw1DD06/ozl/tuDcSSJtAX3GZwpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrQ4GeLvCzoPBuTJ3B0efpFHcQUMB8GA1UdIwQY
MBaAFF9ijwXMqMh9WT5x6d0hsOf4nViTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81MjJjZjEtMGI1Yy00ZDYyLWIzNmMt
OWZiZTg5MTlkYjkwLzEvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81MjJjZjEtMGI1Yy00ZDYyLWIzNmMtOWZiZTg5MTlkYjkw
LzEvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqiT9TDF8
Db03akhzxdp/9/OMJkHU7a6+/9V7IiWyZ9JBq28BWje3rhf0FezzneTyllCF0MeK
6EvCBHOHKDYkt6v0eVvCEp9nVVMb7sSD6vpZEuzZI4LTAsUgg4oUC55fAL0f7xcI
DzvqwJQTi9eQ5jmNZV1rAPRs9MOT0ofEFW/QhzTscAy3QYP0OHWhmV6fyV12lFRw
P19s+gRc1IUdTHGvmuNdRyDPAs9m+5BLZTMar7FAmj3sqC6FFrfzk3Vy97j2mGxd
+Dx1d50+xIioKUEn3O8mC3p3SyhwBVLYNYs5ys5GCJAV6P2i60fZjt2lB6TspFGF
5O4YWKTTxDl6fA==
-----END CERTIFICATE-----