Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          8RQI8BgvCr1O/TZ5B6zXZVZKeNpOfyBoWHADVkIL9eU=
Subject key identifier:   AD:2F:64:31:0C:1D:5E:AC:39:B0:C0:1F:B4:ED:09:86:BE:75:43:D8
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       0197B8FD59D256CF59A3CCF14160E0252306
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          1443
Signing time:             Sun 29 Jun 2025 00:01:40 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:40 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:40 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: SHRwn/tKyUBIaog5IUi8CvIjeT531a0jOFs8J9MGeT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fd:59:d2:56:cf:59:a3:cc:f1:41:60:e0:25:23:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Jun 29 00:01:40 2025 GMT
            Not After : Jun 30 00:01:40 2025 GMT
        Subject: CN=ad2f64310c1d5eac39b0c01fb4ed0986be7543d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:92:ad:15:51:81:37:ae:97:bd:e5:86:c3:d6:
                    a8:30:cd:ff:22:be:1f:0b:98:80:ba:d8:70:67:39:
                    7d:d6:c4:c9:29:44:1e:e1:ae:ec:26:b7:82:4f:05:
                    d5:59:2e:a9:09:2f:ff:13:b2:17:23:d3:95:6a:e2:
                    98:5f:e9:bf:fc:56:12:c4:cb:7e:c8:11:7e:e6:71:
                    d8:f3:f3:b6:dd:96:02:06:19:5c:72:34:9f:b1:ac:
                    5a:41:3f:2a:af:5c:3d:78:29:cd:43:31:0f:01:04:
                    94:13:cf:5a:0d:a4:0e:6d:dd:7a:a2:b5:79:fb:a9:
                    ff:93:8a:1e:38:95:06:6a:57:0b:4f:18:d1:82:28:
                    b2:8b:d6:18:6e:2a:aa:ff:b6:f3:82:e3:be:e2:c4:
                    9d:31:40:e6:d0:6d:1a:36:48:12:c0:00:69:6a:b1:
                    32:71:e7:7d:b6:9b:20:b2:7b:1e:fc:3f:30:72:90:
                    a4:78:9e:c3:54:49:1d:1f:a4:00:b4:3f:f0:2c:31:
                    78:17:36:d2:de:0f:de:ba:51:57:2f:2b:07:db:e8:
                    0c:bb:d9:76:d3:ca:0f:29:6e:1a:6d:85:4e:7e:53:
                    cc:51:81:07:52:81:1d:46:db:f4:43:09:81:e5:58:
                    db:cc:0a:a7:0a:65:28:82:30:34:e4:91:4c:ac:e2:
                    b0:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:2F:64:31:0C:1D:5E:AC:39:B0:C0:1F:B4:ED:09:86:BE:75:43:D8
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:45:97:91:84:4a:f4:8f:a7:a4:29:5c:c5:1f:e6:ef:59:7f:
         c6:cb:ae:e3:e5:a9:d7:a0:c9:81:15:d9:c3:0e:52:89:93:6f:
         50:87:d6:7f:2e:6a:c6:25:b3:17:77:57:f8:b9:98:de:1f:f4:
         c0:a0:9e:13:27:fc:a0:b6:aa:0a:49:3b:8d:a3:a1:72:d6:cf:
         99:4c:13:aa:8d:7b:40:53:d8:d7:4f:62:22:1a:c5:86:62:82:
         49:2d:fd:8e:c8:63:a6:b2:4c:b2:8f:a1:89:fb:70:f4:f4:78:
         78:a6:1b:b9:5d:01:b0:25:36:5f:5c:99:bc:5c:9b:71:d8:2a:
         41:f8:51:37:6c:56:2d:cd:e6:b5:8f:30:6d:d8:44:39:dd:5c:
         51:45:94:f8:34:d6:82:25:f1:54:bc:cf:c8:37:26:d5:f6:1c:
         57:ab:7a:51:2c:8a:8f:85:47:5b:d1:c0:cc:e7:83:f7:df:44:
         b0:bf:71:d6:8d:2f:48:29:10:08:2c:f6:a4:de:d6:e8:ea:83:
         3a:0b:0a:6d:ca:ff:ba:25:4b:5e:da:27:d7:9e:2a:28:c1:a0:
         f1:51:cb:a6:5f:a4:db:ef:fa:1d:8b:46:cb:22:cd:7e:cf:20:
         0e:16:0b:ac:31:72:66:ec:d4:57:b7:4f:6a:5b:03:52:32:5c:
         ee:d2:ce:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/VnSVs9Zo8zxQWDgJSMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUwNjI5MDAwMTQwWhcNMjUwNjMwMDAwMTQwWjAzMTEwLwYDVQQD
EyhhZDJmNjQzMTBjMWQ1ZWFjMzliMGMwMWZiNGVkMDk4NmJlNzU0M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35KtFVGBN66XveWGw9aoMM3/Ir4f
C5iAuthwZzl91sTJKUQe4a7sJreCTwXVWS6pCS//E7IXI9OVauKYX+m//FYSxMt+
yBF+5nHY8/O23ZYCBhlccjSfsaxaQT8qr1w9eCnNQzEPAQSUE89aDaQObd16orV5
+6n/k4oeOJUGalcLTxjRgiiyi9YYbiqq/7bzguO+4sSdMUDm0G0aNkgSwABparEy
ced9tpsgsnse/D8wcpCkeJ7DVEkdH6QAtD/wLDF4FzbS3g/eulFXLysH2+gMu9l2
08oPKW4abYVOflPMUYEHUoEdRtv0QwmB5VjbzAqnCmUogjA05JFMrOKwFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0vZDEMHV6sObDAH7TtCYa+dUPYMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjEWXkYRK
9I+npClcxR/m71l/xsuu4+Wp16DJgRXZww5SiZNvUIfWfy5qxiWzF3dX+LmY3h/0
wKCeEyf8oLaqCkk7jaOhctbPmUwTqo17QFPY109iIhrFhmKCSS39jshjprJMso+h
iftw9PR4eKYbuV0BsCU2X1yZvFybcdgqQfhRN2xWLc3mtY8wbdhEOd1cUUWU+DTW
giXxVLzPyDcm1fYcV6t6USyKj4VHW9HAzOeD999EsL9x1o0vSCkQCCz2pN7W6OqD
OgsKbcr/uiVLXton154qKMGg8VHLpl+k2+/6HYtGyyLNfs8gDhYLrDFyZuzUV7dP
alsDUjJc7tLORw==
-----END CERTIFICATE-----