Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
File:                     2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft (raw, json)
Hash identifier:          ee7VAhha8t1XwZgFSoOR7FC0yhIzRDOdvDKurBz5OyI=
Subject key identifier:   62:40:4A:D7:8D:D1:D2:91:75:AF:82:01:B9:88:BC:E8:9F:30:1E:B9
Authority key identifier: D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
Certificate issuer:       /CN=d9187c9ac10f205152b128ecdc2157c9024916a4
Certificate serial:       0197B6A118BABC72F60D011772AA59BAA750
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:01:40 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:40 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:40 +0000
Files and hashes:         1: 2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl (hash: LCsvqHSTOeKBSgNo2ez7veq3tdKmgn/Zcs+yCij3l+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:18:ba:bc:72:f6:0d:01:17:72:aa:59:ba:a7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9187c9ac10f205152b128ecdc2157c9024916a4
        Validity
            Not Before: Jun 28 13:01:40 2025 GMT
            Not After : Jun 29 13:01:40 2025 GMT
        Subject: CN=62404ad78dd1d29175af8201b988bce89f301eb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bd:32:d1:af:0d:48:30:c7:85:de:08:bd:c5:
                    26:6d:1c:cc:b4:64:d9:25:84:ff:f1:ae:7b:40:b4:
                    58:97:25:10:5f:ef:94:59:db:86:84:72:5e:16:25:
                    fa:3d:51:ae:f8:54:08:92:a3:1b:77:0b:a6:35:0f:
                    67:58:fb:89:73:4e:2d:c0:46:88:7d:f9:48:89:80:
                    7b:d2:85:4b:4f:9b:2c:5f:23:32:98:94:07:be:28:
                    01:4f:39:0a:8e:fd:e3:67:a9:f3:af:71:95:4d:84:
                    04:ab:01:5c:d1:c5:68:f4:43:b3:e1:c1:0e:6f:89:
                    97:4a:a2:bb:92:37:38:a9:85:8e:e6:52:df:79:cd:
                    ee:39:5d:ce:89:b2:f7:7e:d5:cb:1e:42:4a:d6:c8:
                    ae:37:aa:21:44:d8:a3:e5:58:f2:f5:dd:2c:9c:d6:
                    5a:ec:a1:b9:fc:81:f7:a1:9c:2b:7e:21:d7:9f:c9:
                    10:3c:a2:d8:8e:77:48:6b:ca:f0:da:2f:25:5e:8b:
                    b1:8c:30:64:c4:4a:16:64:b9:9d:f0:3e:d1:08:3f:
                    91:23:f8:75:10:8e:88:f1:c2:2f:0b:ca:be:9a:a5:
                    1c:c9:8a:9f:36:2a:1c:fb:97:bb:ec:d2:2b:bf:62:
                    26:24:a8:ec:c4:d6:71:a6:c0:46:dd:62:6a:1a:87:
                    5c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:40:4A:D7:8D:D1:D2:91:75:AF:82:01:B9:88:BC:E8:9F:30:1E:B9
            X509v3 Authority Key Identifier:
                keyid:D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:3f:b1:83:9f:6f:06:e9:a9:2f:83:2a:0b:b4:de:6f:ef:99:
         06:b9:9c:ad:d6:b3:ef:e7:d5:cc:5f:16:44:a0:af:a4:ff:e7:
         7f:e8:36:0f:08:52:9d:67:7f:f3:64:f1:fa:25:f0:21:ba:99:
         2c:d2:33:c9:3e:9f:59:db:fc:3f:46:b0:98:df:d3:5a:30:84:
         d2:78:ec:0b:29:02:30:59:8d:2c:dd:65:68:99:e8:c1:a4:a6:
         b0:c3:c9:54:bd:9d:f6:f6:8a:e0:2c:be:93:bf:52:8e:46:54:
         d4:88:db:45:ee:8f:06:3c:3a:0f:d7:27:cf:1b:7f:f3:07:5f:
         ae:79:26:78:c9:31:86:42:87:94:48:cf:b6:80:a4:8c:43:e3:
         82:d7:52:1f:20:a2:ff:44:84:ce:c2:e4:6b:44:03:cb:23:68:
         78:d6:8b:02:3f:71:a0:91:e2:91:b3:7c:46:c5:89:76:98:c6:
         77:36:ec:43:44:e3:de:cd:bb:3b:b7:f9:8d:cd:47:f1:df:61:
         32:08:ec:5b:39:85:3d:71:26:cf:77:4c:4d:45:5d:61:2f:0d:
         d5:09:b2:e5:29:d2:79:a7:dd:74:20:10:df:03:e4:5f:9c:bd:
         e2:e9:7f:2a:d1:7a:36:10:e9:74:9b:1e:2b:f1:ef:33:5a:50:
         d3:f5:70:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oRi6vHL2DQEXcqpZuqdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTg3YzlhYzEwZjIwNTE1MmIxMjhlY2RjMjE1N2M5MDI0
OTE2YTQwHhcNMjUwNjI4MTMwMTQwWhcNMjUwNjI5MTMwMTQwWjAzMTEwLwYDVQQD
Eyg2MjQwNGFkNzhkZDFkMjkxNzVhZjgyMDFiOTg4YmNlODlmMzAxZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr0y0a8NSDDHhd4IvcUmbRzMtGTZ
JYT/8a57QLRYlyUQX++UWduGhHJeFiX6PVGu+FQIkqMbdwumNQ9nWPuJc04twEaI
fflIiYB70oVLT5ssXyMymJQHvigBTzkKjv3jZ6nzr3GVTYQEqwFc0cVo9EOz4cEO
b4mXSqK7kjc4qYWO5lLfec3uOV3OibL3ftXLHkJK1siuN6ohRNij5Vjy9d0snNZa
7KG5/IH3oZwrfiHXn8kQPKLYjndIa8rw2i8lXouxjDBkxEoWZLmd8D7RCD+RI/h1
EI6I8cIvC8q+mqUcyYqfNioc+5e77NIrv2ImJKjsxNZxpsBG3WJqGodcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJASteN0dKRda+CAbmIvOifMB65MB8GA1UdIwQY
MBaAFNkYfJrBDyBRUrEo7NwhV8kCSRakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEt
MjRiMzA2MDZlMjE5LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEtMjRiMzA2MDZlMjE5
LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtz+xg59v
BumpL4MqC7Teb++ZBrmcrdaz7+fVzF8WRKCvpP/nf+g2DwhSnWd/82Tx+iXwIbqZ
LNIzyT6fWdv8P0awmN/TWjCE0njsCykCMFmNLN1laJnowaSmsMPJVL2d9vaK4Cy+
k79SjkZU1IjbRe6PBjw6D9cnzxt/8wdfrnkmeMkxhkKHlEjPtoCkjEPjgtdSHyCi
/0SEzsLka0QDyyNoeNaLAj9xoJHikbN8RsWJdpjGdzbsQ0Tj3s27O7f5jc1H8d9h
MgjsWzmFPXEmz3dMTUVdYS8N1Qmy5SnSeafddCAQ3wPkX5y94ul/KtF6NhDpdJse
K/HvM1pQ0/VwUA==
-----END CERTIFICATE-----