Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          aksDwtqKrCyqNimvBGB+3/uIS/GJU5R1lf/mn0YOlWk=
Subject key identifier:   20:C1:5B:04:29:D2:EF:AB:81:1A:AD:01:C7:72:1E:C2:CB:6E:69:EF
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       0197B6A0D25966D3CF53BE4F778E6DF83349
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0EBA
Signing time:             Sat 28 Jun 2025 13:01:22 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:22 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:22 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: d2U0MTaiD5cRwGAtrlkSfCvf6wJgZ+3gezsjjJsdm70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:d2:59:66:d3:cf:53:be:4f:77:8e:6d:f8:33:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Jun 28 13:01:22 2025 GMT
            Not After : Jun 29 13:01:22 2025 GMT
        Subject: CN=20c15b0429d2efab811aad01c7721ec2cb6e69ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:0f:f6:f2:8b:9e:0a:7c:6f:44:05:5c:51:ad:
                    43:6c:5e:17:d7:1c:a7:cb:a3:bf:d8:80:d8:ba:ad:
                    9c:a3:52:64:c4:b0:57:73:0f:04:45:7a:ec:23:12:
                    87:cf:c1:41:0f:38:b0:d3:bf:28:80:04:25:c9:8b:
                    cc:81:1d:4c:ff:af:48:d3:70:65:d0:3c:d1:ef:9d:
                    70:32:67:e8:ae:ed:27:20:30:02:7d:16:7a:f7:4d:
                    09:b0:b7:a8:24:02:bf:2f:8b:74:16:1d:be:7f:7a:
                    82:a1:32:eb:52:b8:18:60:e6:69:e6:f3:09:a4:68:
                    68:dd:83:9b:d1:e7:38:50:f1:ce:bb:cf:c3:41:54:
                    5a:49:12:b4:37:2e:75:1c:27:36:4f:cd:30:49:7e:
                    fc:54:44:27:67:ce:08:55:4e:d9:f0:a6:45:0f:5e:
                    ad:b8:71:4c:e6:21:f6:47:25:e8:ad:9b:8e:b7:9d:
                    b5:1e:ff:95:7e:ca:8d:93:b6:ca:39:b4:aa:53:85:
                    4d:ff:30:46:7a:4d:fa:0f:f3:02:20:20:62:24:01:
                    01:87:d9:1c:6c:59:20:c2:4e:ed:c9:3c:d5:6c:b6:
                    5d:16:56:89:9b:c0:4b:d3:40:c0:16:36:1e:79:dc:
                    ca:69:79:72:51:6b:76:1d:f0:f2:d9:43:38:e8:d9:
                    a2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:C1:5B:04:29:D2:EF:AB:81:1A:AD:01:C7:72:1E:C2:CB:6E:69:EF
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:4d:a5:64:5a:da:ff:fe:74:1f:46:95:04:2b:4b:2c:3c:de:
         48:d8:b4:67:de:ea:7a:0f:fe:30:b6:2d:3a:0b:b9:d7:76:64:
         f2:3f:b6:64:ab:cc:cc:34:72:00:09:db:6d:53:70:e4:45:55:
         c0:81:87:7a:a6:0e:a9:22:82:3e:9e:e7:c7:4b:70:7c:aa:1b:
         bb:3d:b3:aa:f3:1f:9b:02:a2:9e:e5:e0:fb:cf:5e:25:cc:dd:
         66:e6:ce:65:a6:58:ac:b5:4c:b1:53:59:71:72:d1:0d:4b:fe:
         af:b2:bc:96:8a:67:c9:d1:ed:56:19:d0:3e:61:d1:d9:24:52:
         9b:8f:df:aa:68:30:2f:86:a4:5a:8c:0a:e8:09:d1:36:34:45:
         6f:60:16:e7:6f:c1:2a:5c:8b:fd:e3:f4:e4:66:0c:57:a7:6d:
         39:ed:e6:40:4d:d7:e1:e6:62:6d:c1:4d:1d:24:86:7d:7f:e8:
         81:3a:1a:d2:37:24:f8:d4:2e:28:5d:8d:c4:e7:fd:5a:88:75:
         55:12:94:a3:70:e9:73:03:db:20:b6:14:82:a6:08:4d:ee:23:
         2d:23:d8:c3:c1:c1:b2:f6:87:69:a4:ab:0a:9b:a6:37:88:37:
         3f:34:1b:5d:62:07:0f:ac:90:b3:d5:e3:87:93:22:03:ca:15:
         ca:36:de:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oNJZZtPPU75Pd45t+DNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjUwNjI4MTMwMTIyWhcNMjUwNjI5MTMwMTIyWjAzMTEwLwYDVQQD
EygyMGMxNWIwNDI5ZDJlZmFiODExYWFkMDFjNzcyMWVjMmNiNmU2OWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ/28oueCnxvRAVcUa1DbF4X1xyn
y6O/2IDYuq2co1JkxLBXcw8ERXrsIxKHz8FBDziw078ogAQlyYvMgR1M/69I03Bl
0DzR751wMmforu0nIDACfRZ6900JsLeoJAK/L4t0Fh2+f3qCoTLrUrgYYOZp5vMJ
pGho3YOb0ec4UPHOu8/DQVRaSRK0Ny51HCc2T80wSX78VEQnZ84IVU7Z8KZFD16t
uHFM5iH2RyXorZuOt521Hv+VfsqNk7bKObSqU4VN/zBGek36D/MCICBiJAEBh9kc
bFkgwk7tyTzVbLZdFlaJm8BL00DAFjYeedzKaXlyUWt2HfDy2UM46NmiXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDBWwQp0u+rgRqtAcdyHsLLbmnvMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWk2lZFra
//50H0aVBCtLLDzeSNi0Z97qeg/+MLYtOgu513Zk8j+2ZKvMzDRyAAnbbVNw5EVV
wIGHeqYOqSKCPp7nx0twfKobuz2zqvMfmwKinuXg+89eJczdZubOZaZYrLVMsVNZ
cXLRDUv+r7K8lopnydHtVhnQPmHR2SRSm4/fqmgwL4akWowK6AnRNjRFb2AW52/B
KlyL/eP05GYMV6dtOe3mQE3X4eZibcFNHSSGfX/ogToa0jck+NQuKF2NxOf9Woh1
VRKUo3DpcwPbILYUgqYITe4jLSPYw8HBsvaHaaSrCpumN4g3PzQbXWIHD6yQs9Xj
h5MiA8oVyjbeDw==
-----END CERTIFICATE-----