Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          KtKrAAE3dkcAv3k56LIN9tAp3dZkP1gx20/4cUEQ9jc=
Subject key identifier:   1B:8E:B3:EB:F3:CC:85:70:FF:36:27:94:96:5A:78:A1:5F:D1:4A:A7
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       0197B6A1455DE941974A85336FB3E96C4101
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          0646
Signing time:             Sat 28 Jun 2025 13:01:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:51 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: wGpCPGVWHZeu9sCd+LNa8ocZzpU053oi+ns2VOOIpFU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:45:5d:e9:41:97:4a:85:33:6f:b3:e9:6c:41:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Jun 28 13:01:51 2025 GMT
            Not After : Jun 29 13:01:51 2025 GMT
        Subject: CN=1b8eb3ebf3cc8570ff362794965a78a15fd14aa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f7:bf:e1:e2:39:6f:e6:57:49:32:a8:ff:13:
                    40:e1:50:b8:57:c4:04:c7:40:3e:c5:1e:e9:fb:2a:
                    60:03:3e:1d:0a:62:13:0e:2f:27:29:e2:4a:cf:9d:
                    98:c9:a7:c6:83:f8:a2:d4:6d:1d:e1:f1:34:4d:2b:
                    c1:53:e9:b2:b1:c8:a0:b4:21:29:3d:57:78:d8:4f:
                    28:91:f7:1c:32:27:22:e3:17:54:04:ee:7a:12:91:
                    2c:be:fc:b3:75:a4:78:65:df:d8:90:0a:4d:7b:b9:
                    ac:7e:d1:4c:06:e8:44:8f:80:29:15:ab:f5:13:33:
                    39:9a:06:0a:30:0f:44:00:ce:71:e1:6b:03:10:b3:
                    41:81:d9:14:10:70:f8:6d:5d:b4:e1:a2:6f:a8:79:
                    9b:82:de:75:0c:a2:be:5a:8e:22:93:64:b9:0b:99:
                    46:70:d3:ec:d9:af:34:8b:84:3c:27:e9:c6:b4:5f:
                    72:9f:19:8f:0e:64:6f:cd:c3:a3:78:5b:94:76:74:
                    81:ca:0c:2d:60:bd:bf:62:f0:3e:59:24:98:1f:04:
                    6e:cd:0b:78:de:e1:56:5c:cb:b6:e2:3d:1f:88:b8:
                    ac:da:72:eb:b3:b1:88:80:14:a4:b5:75:f0:6b:0a:
                    43:1c:ba:24:fe:80:63:d2:e8:38:4c:42:02:47:5e:
                    e3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:8E:B3:EB:F3:CC:85:70:FF:36:27:94:96:5A:78:A1:5F:D1:4A:A7
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:ed:87:63:21:31:9e:d7:07:d0:c9:29:04:d1:73:0f:01:4a:
         82:cc:ce:74:c6:a1:ef:d4:59:75:9d:15:32:a1:e7:4a:14:d1:
         db:18:bf:d2:f7:a2:da:e0:46:54:62:7b:0b:d8:cd:4a:ec:94:
         8d:fd:d6:ef:92:5d:f9:52:2d:da:89:c7:7b:c9:d9:ab:14:de:
         b3:0f:24:cb:6c:b2:80:8d:51:e6:d1:e8:81:39:9b:b8:87:d1:
         f1:ab:7e:1d:72:64:8f:bc:dd:f7:0d:66:08:c3:0f:99:98:2b:
         8b:66:ca:77:f3:ab:c6:91:59:04:ee:f0:55:de:8f:9d:6b:7e:
         75:9c:21:81:a9:b8:3d:99:e0:71:af:bf:57:c9:e4:2a:ad:5c:
         3a:59:91:48:3d:44:0e:c3:3f:21:9c:4a:13:07:fe:fc:cc:7c:
         8f:02:68:cc:8a:6b:2a:50:3b:02:58:2a:50:76:4b:66:80:f7:
         05:b6:2c:03:0f:42:22:51:37:34:fc:81:d2:a4:46:6b:90:4a:
         5e:a9:ad:ef:c3:c5:47:fa:e2:26:48:a5:ab:e4:97:b6:1d:a3:
         1a:e0:e0:cf:2f:8f:2a:72:fa:0f:c6:95:f5:5c:17:39:d3:61:
         ef:02:95:c2:32:e6:50:3b:53:eb:6b:49:43:57:10:18:c6:d4:
         a9:18:b0:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oUVd6UGXSoUzb7PpbEEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUwNjI4MTMwMTUxWhcNMjUwNjI5MTMwMTUxWjAzMTEwLwYDVQQD
EygxYjhlYjNlYmYzY2M4NTcwZmYzNjI3OTQ5NjVhNzhhMTVmZDE0YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/e/4eI5b+ZXSTKo/xNA4VC4V8QE
x0A+xR7p+ypgAz4dCmITDi8nKeJKz52YyafGg/ii1G0d4fE0TSvBU+myscigtCEp
PVd42E8okfccMici4xdUBO56EpEsvvyzdaR4Zd/YkApNe7msftFMBuhEj4ApFav1
EzM5mgYKMA9EAM5x4WsDELNBgdkUEHD4bV204aJvqHmbgt51DKK+Wo4ik2S5C5lG
cNPs2a80i4Q8J+nGtF9ynxmPDmRvzcOjeFuUdnSBygwtYL2/YvA+WSSYHwRuzQt4
3uFWXMu24j0fiLis2nLrs7GIgBSktXXwawpDHLok/oBj0ug4TEICR17jqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuOs+vzzIVw/zYnlJZaeKFf0UqnMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOe2HYyEx
ntcH0MkpBNFzDwFKgszOdMah79RZdZ0VMqHnShTR2xi/0vei2uBGVGJ7C9jNSuyU
jf3W75Jd+VIt2onHe8nZqxTesw8ky2yygI1R5tHogTmbuIfR8at+HXJkj7zd9w1m
CMMPmZgri2bKd/OrxpFZBO7wVd6PnWt+dZwhgam4PZngca+/V8nkKq1cOlmRSD1E
DsM/IZxKEwf+/Mx8jwJozIprKlA7AlgqUHZLZoD3BbYsAw9CIlE3NPyB0qRGa5BK
Xqmt78PFR/riJkilq+SXth2jGuDgzy+PKnL6D8aV9VwXOdNh7wKVwjLmUDtT62tJ
Q1cQGMbUqRiwhQ==
-----END CERTIFICATE-----