Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          4E4pq+DheW28Ufccz9Yj58ykoJFlPnqy3zg3q4I0Zvg=
Subject key identifier:   9C:79:2B:C3:C4:35:4E:64:A6:E2:E4:58:40:60:CF:49:70:AE:5B:1A
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       0198D6CD964ED5FAEFD7EAF45FA5F5816B40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          14D7
Signing time:             Sat 23 Aug 2025 12:00:54 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:54 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:54 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: 2xN6KYNxg9884wKxHaS2csCjtGuvvXVAzmnJei2DXb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:96:4e:d5:fa:ef:d7:ea:f4:5f:a5:f5:81:6b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Aug 23 12:00:54 2025 GMT
            Not After : Aug 24 12:00:54 2025 GMT
        Subject: CN=9c792bc3c4354e64a6e2e4584060cf4970ae5b1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:78:1e:3a:7b:e0:aa:f5:db:67:27:1c:12:b2:
                    51:45:e5:87:a3:69:a7:fc:59:16:72:8b:f0:ae:4d:
                    a4:8c:73:47:f2:c3:89:9f:53:a7:64:a9:c3:80:6d:
                    fe:19:60:3e:4f:65:d7:4c:fb:d6:e7:15:bd:f7:ef:
                    1f:51:88:7f:eb:29:b9:47:e5:7b:8a:70:e8:f0:7f:
                    2d:13:f3:61:6e:b3:7c:b5:2f:8e:c1:40:77:71:3b:
                    87:70:0e:e7:c0:ed:72:c5:10:8b:58:91:80:6a:a9:
                    07:e6:e9:86:65:b9:64:2b:ba:a8:80:a0:b7:26:c1:
                    83:0f:ab:17:d9:24:51:4a:33:8f:cc:e9:04:82:55:
                    14:dc:21:7c:20:32:6c:4e:4f:87:f9:4d:5b:84:7d:
                    27:72:52:65:ed:9a:13:50:d8:80:c4:7d:8c:fe:7c:
                    25:d1:93:48:2c:79:07:7d:72:d8:99:97:bf:64:35:
                    bf:3c:4d:0f:44:c4:01:34:71:76:45:50:04:94:0a:
                    31:a6:b4:43:d2:5c:18:9c:87:04:f8:dd:98:25:a8:
                    87:15:3e:bf:b5:9a:6e:ee:a8:e4:01:9c:c4:43:86:
                    67:08:95:68:21:ca:16:be:2d:83:ab:bd:8b:c0:9a:
                    1d:6e:d6:77:c7:2b:0e:a5:92:c6:f9:9b:f1:92:10:
                    da:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:79:2B:C3:C4:35:4E:64:A6:E2:E4:58:40:60:CF:49:70:AE:5B:1A
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:1b:d2:5d:75:cc:82:8d:bb:83:6e:a1:ad:01:8e:28:f1:f8:
         97:45:ab:1c:3f:ca:1d:75:20:4f:53:6b:d7:0a:bd:81:93:d0:
         d0:68:2c:59:42:cd:cb:95:74:33:79:8e:36:e5:07:9a:d5:71:
         6e:0b:70:fb:a1:49:bc:63:3a:9f:67:2f:36:fb:c1:8c:36:18:
         3b:bd:f5:c2:70:73:be:ec:dd:bd:f8:43:b4:1d:98:f9:76:4e:
         ef:44:d0:55:54:6a:fc:92:39:15:3b:31:8f:68:83:ee:6f:39:
         4c:48:02:fd:49:f8:23:05:36:4e:63:46:58:d2:52:fe:34:a9:
         f1:31:a9:8a:29:ad:b9:cd:a7:05:0d:f5:fb:7a:91:ec:77:d6:
         74:13:33:4a:b7:82:bb:8f:7d:3b:2e:cd:14:92:a1:70:06:22:
         c8:ab:ba:d5:2d:57:e6:34:28:14:e0:e6:9a:32:87:9c:a7:38:
         44:a6:14:fc:a3:39:32:bb:54:0a:65:87:79:2d:c7:8b:98:23:
         79:91:21:99:40:48:4f:38:8d:87:7e:e6:8a:c8:cf:d8:98:98:
         55:26:6d:d1:37:42:82:48:0d:6d:cc:18:dc:0d:a8:97:47:bb:
         50:84:0d:24:75:d0:b2:36:42:71:69:84:64:50:1d:5b:25:7d:
         f2:7e:1b:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzZZO1frv1+r0X6X1gWtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUwODIzMTIwMDU0WhcNMjUwODI0MTIwMDU0WjAzMTEwLwYDVQQD
Eyg5Yzc5MmJjM2M0MzU0ZTY0YTZlMmU0NTg0MDYwY2Y0OTcwYWU1YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHgeOnvgqvXbZyccErJRReWHo2mn
/FkWcovwrk2kjHNH8sOJn1OnZKnDgG3+GWA+T2XXTPvW5xW99+8fUYh/6ym5R+V7
inDo8H8tE/NhbrN8tS+OwUB3cTuHcA7nwO1yxRCLWJGAaqkH5umGZblkK7qogKC3
JsGDD6sX2SRRSjOPzOkEglUU3CF8IDJsTk+H+U1bhH0nclJl7ZoTUNiAxH2M/nwl
0ZNILHkHfXLYmZe/ZDW/PE0PRMQBNHF2RVAElAoxprRD0lwYnIcE+N2YJaiHFT6/
tZpu7qjkAZzEQ4ZnCJVoIcoWvi2Dq72LwJodbtZ3xysOpZLG+ZvxkhDatwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJx5K8PENU5kpuLkWEBgz0lwrlsaMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxvSXXXM
go27g26hrQGOKPH4l0WrHD/KHXUgT1Nr1wq9gZPQ0GgsWULNy5V0M3mONuUHmtVx
bgtw+6FJvGM6n2cvNvvBjDYYO731wnBzvuzdvfhDtB2Y+XZO70TQVVRq/JI5FTsx
j2iD7m85TEgC/Un4IwU2TmNGWNJS/jSp8TGpiimtuc2nBQ31+3qR7HfWdBMzSreC
u499Oy7NFJKhcAYiyKu61S1X5jQoFODmmjKHnKc4RKYU/KM5MrtUCmWHeS3Hi5gj
eZEhmUBITziNh37misjP2JiYVSZt0TdCgkgNbcwY3A2ol0e7UIQNJHXQsjZCcWmE
ZFAdWyV98n4b6g==
-----END CERTIFICATE-----