Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          51a8WDAQxiy4/FPu4AJ9Qqe9H6RJF6iXBLAsavJz67g=
Subject key identifier:   B9:A9:5C:1D:97:20:4E:51:88:69:D3:3A:88:48:39:72:AC:28:C0:94
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       0198D5BC2A17CBEC6854BABFEE940550A18D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          1115
Signing time:             Sat 23 Aug 2025 07:02:15 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:15 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:15 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: TZcj5UJL4DLk4E93Rbm557wNo8b+T9cBzfRIJvfb+E4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:2a:17:cb:ec:68:54:ba:bf:ee:94:05:50:a1:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Aug 23 07:02:15 2025 GMT
            Not After : Aug 24 07:02:15 2025 GMT
        Subject: CN=b9a95c1d97204e518869d33a88483972ac28c094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:fb:f1:2c:18:b9:65:69:d3:93:e5:fe:d3:ef:
                    0e:c7:49:39:24:cd:41:6c:b4:c7:60:78:db:32:85:
                    09:c6:e3:e9:08:fa:a5:6d:91:94:b9:43:e0:0d:ca:
                    e7:14:d9:60:a4:8b:32:73:e7:e3:ea:42:aa:25:97:
                    be:b0:83:78:ac:f6:e6:2c:d3:33:a3:2b:e5:79:66:
                    7b:93:14:34:a1:3a:27:c0:9a:6b:b7:02:52:a2:30:
                    2a:01:67:dc:5a:fc:3b:5f:05:4e:9a:0d:de:e3:01:
                    43:5d:9c:1f:1e:97:79:a8:66:fe:d8:42:51:4d:c1:
                    65:8b:ad:cd:e6:83:bc:43:b4:09:82:25:c7:b8:bf:
                    a4:45:c4:99:af:41:91:88:b0:2c:db:b5:1d:4c:49:
                    2c:18:bb:e6:21:c3:6a:1b:ac:45:60:b2:91:7b:70:
                    65:6f:e5:07:a7:14:9e:5d:88:ff:e1:8f:14:14:2c:
                    fa:29:d6:9c:6e:7a:b8:1b:6b:ad:d8:79:6c:50:2a:
                    f4:0a:43:0a:b1:98:b9:39:b4:07:ca:64:44:f8:f3:
                    93:90:a7:ca:d0:dc:e8:ab:b5:00:17:83:d0:d7:2a:
                    63:d3:73:a4:77:1f:0a:aa:66:5b:9f:2c:ba:fc:6a:
                    05:be:17:d3:1f:1e:56:f4:b5:49:a3:b8:a3:0c:45:
                    2c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:A9:5C:1D:97:20:4E:51:88:69:D3:3A:88:48:39:72:AC:28:C0:94
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7d:6e:73:a9:09:9c:87:37:0a:9b:e1:dd:c0:46:b3:ea:92:
         ec:3d:a6:05:8f:2b:fc:e1:b7:4d:b0:81:da:f6:57:d6:9a:ee:
         53:65:0f:f1:db:7a:e2:f2:67:15:21:b7:9a:86:d1:69:01:32:
         3b:fb:af:4b:ae:59:a7:50:d7:14:a5:42:90:85:86:9f:9a:18:
         74:1b:36:30:51:99:2b:b0:6c:3b:b4:ba:bd:e4:86:a1:89:e9:
         99:b7:50:b9:1c:82:91:0e:2f:d2:c8:91:f4:76:af:2b:5b:50:
         14:0c:15:82:d6:47:4b:30:b4:f7:d0:f7:b8:c4:fd:86:c6:7f:
         33:65:5e:34:d0:c4:1e:60:2b:25:06:76:d5:11:0b:a4:bb:5f:
         a0:9b:c8:f9:1a:fc:ef:2c:6e:6d:53:66:cf:f5:02:c5:85:20:
         2d:97:37:52:92:48:ae:7a:83:73:77:ac:30:96:68:ee:fb:f1:
         47:a7:55:df:4e:d9:fb:7a:7f:36:1f:f7:18:67:d7:64:20:90:
         67:62:1f:b1:86:f1:1f:e7:7c:23:ea:79:cb:12:bf:93:90:de:
         41:d9:8e:99:05:10:19:27:b6:41:85:c0:ec:a6:a8:e3:8a:c8:
         6f:af:17:66:0e:3b:73:95:2a:98:96:01:6c:cc:ed:f6:65:1b:
         ec:18:33:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvCoXy+xoVLq/7pQFUKGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjUwODIzMDcwMjE1WhcNMjUwODI0MDcwMjE1WjAzMTEwLwYDVQQD
EyhiOWE5NWMxZDk3MjA0ZTUxODg2OWQzM2E4ODQ4Mzk3MmFjMjhjMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPvxLBi5ZWnTk+X+0+8Ox0k5JM1B
bLTHYHjbMoUJxuPpCPqlbZGUuUPgDcrnFNlgpIsyc+fj6kKqJZe+sIN4rPbmLNMz
oyvleWZ7kxQ0oTonwJprtwJSojAqAWfcWvw7XwVOmg3e4wFDXZwfHpd5qGb+2EJR
TcFli63N5oO8Q7QJgiXHuL+kRcSZr0GRiLAs27UdTEksGLvmIcNqG6xFYLKRe3Bl
b+UHpxSeXYj/4Y8UFCz6Kdacbnq4G2ut2HlsUCr0CkMKsZi5ObQHymRE+POTkKfK
0Nzoq7UAF4PQ1ypj03Okdx8KqmZbnyy6/GoFvhfTHx5W9LVJo7ijDEUsIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmpXB2XIE5RiGnTOohIOXKsKMCUMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM31uc6kJ
nIc3Cpvh3cBGs+qS7D2mBY8r/OG3TbCB2vZX1pruU2UP8dt64vJnFSG3mobRaQEy
O/uvS65Zp1DXFKVCkIWGn5oYdBs2MFGZK7BsO7S6veSGoYnpmbdQuRyCkQ4v0siR
9HavK1tQFAwVgtZHSzC099D3uMT9hsZ/M2VeNNDEHmArJQZ21RELpLtfoJvI+Rr8
7yxubVNmz/UCxYUgLZc3UpJIrnqDc3esMJZo7vvxR6dV307Z+3p/Nh/3GGfXZCCQ
Z2IfsYbxH+d8I+p5yxK/k5DeQdmOmQUQGSe2QYXA7Kao44rIb68XZg47c5UqmJYB
bMzt9mUb7BgzRQ==
-----END CERTIFICATE-----