Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          q4hzY6E6R9xlLTaxKFXST0j2t/bUbQOljvkyvJJz9VU=
Subject key identifier:   AA:D6:23:FE:9A:CF:94:AF:63:A5:50:EA:71:3A:52:A9:92:E3:C3:DA
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       0197B7EA5C6D231C8C35C068A19209747413
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          0516
Signing time:             Sat 28 Jun 2025 19:01:18 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:18 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:18 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: wMJbg73K2DttdFjkxUuLB3bnkTL4QCoLGtgAEwxeFdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:5c:6d:23:1c:8c:35:c0:68:a1:92:09:74:74:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Jun 28 19:01:18 2025 GMT
            Not After : Jun 29 19:01:18 2025 GMT
        Subject: CN=aad623fe9acf94af63a550ea713a52a992e3c3da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a2:8c:ec:17:a0:cb:2b:57:e0:6a:e2:56:13:
                    33:31:5e:87:4f:77:80:4c:01:dc:fd:fc:a9:5e:da:
                    80:44:eb:a7:10:15:ce:6a:3a:84:d8:8c:cd:c4:75:
                    e5:d5:2a:a1:d6:db:f9:df:22:9c:59:5f:95:c6:13:
                    73:56:80:6f:67:9c:fb:1b:0e:af:b1:97:af:cd:9a:
                    66:14:c3:23:75:f4:ee:5d:d0:b2:56:ef:5a:53:c7:
                    04:a1:43:57:d8:f7:da:50:0c:47:1b:62:38:10:6d:
                    46:79:d4:e7:94:0f:f4:f8:fa:6a:5e:d6:f7:82:2e:
                    bf:fd:65:aa:86:99:d9:96:42:90:08:4a:3f:e1:3a:
                    7e:e1:28:4f:4f:a5:ef:d2:81:45:89:12:ed:99:b7:
                    c6:6c:3d:58:59:8f:94:8b:fd:d8:13:e1:a4:1a:fe:
                    d2:11:ca:f5:d3:24:90:e7:26:04:b8:ab:10:cf:bc:
                    02:1c:d2:8c:d3:1f:fa:9c:30:fc:95:b5:a5:53:a4:
                    aa:f9:80:1d:e0:7b:01:4c:ca:83:5e:b6:41:97:20:
                    45:cf:91:1e:2b:4b:9c:03:86:01:ce:05:3d:90:bf:
                    1f:6f:92:02:a7:44:29:59:53:e2:9a:48:4c:1b:b8:
                    08:3f:8e:f2:8e:2b:b9:5e:30:5f:ad:1c:68:82:b0:
                    fc:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:D6:23:FE:9A:CF:94:AF:63:A5:50:EA:71:3A:52:A9:92:E3:C3:DA
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:2d:ba:47:21:5b:e9:cc:3d:62:e2:e7:88:e6:a5:5c:21:98:
         37:fd:43:c4:b2:29:05:48:8b:ed:ab:84:9c:81:ce:06:f2:1a:
         ed:33:aa:eb:51:ad:10:2b:c4:b2:2d:a5:c8:a3:4b:cd:a5:51:
         b2:4b:24:83:8e:73:fa:5e:af:fe:3f:17:64:d5:c1:44:00:00:
         84:0f:b8:35:05:4f:8b:1f:53:f0:0c:70:2f:69:4c:46:38:c8:
         7f:78:6c:30:15:07:19:5c:63:fe:36:51:6d:b0:40:b6:7d:7c:
         93:1c:d0:5d:5e:6f:7a:81:33:2e:65:d7:ba:51:c8:24:8f:b4:
         11:2c:8a:73:c3:33:0e:64:3a:04:bd:1e:f3:84:08:d5:cc:d7:
         38:a3:fe:1d:64:f1:61:a5:10:3f:88:e3:6f:7c:4e:f9:05:ef:
         39:93:eb:d8:8a:9e:b0:3b:52:ef:e6:83:52:de:1a:74:b2:01:
         2b:b4:84:ab:38:9d:06:ea:60:23:ea:82:0f:ff:3f:ab:fa:95:
         0a:28:6b:52:c0:15:12:e6:68:ad:6e:44:a2:dc:a8:73:7c:d8:
         5a:b3:86:c2:20:22:a9:43:4f:29:30:de:25:f1:63:0e:d1:10:
         da:f4:c2:50:0d:cb:68:1f:9a:6f:b9:47:cb:cf:ed:cb:c7:29:
         85:9a:cc:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36lxtIxyMNcBooZIJdHQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUwNjI4MTkwMTE4WhcNMjUwNjI5MTkwMTE4WjAzMTEwLwYDVQQD
EyhhYWQ2MjNmZTlhY2Y5NGFmNjNhNTUwZWE3MTNhNTJhOTkyZTNjM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qKM7BegyytX4GriVhMzMV6HT3eA
TAHc/fypXtqAROunEBXOajqE2IzNxHXl1Sqh1tv53yKcWV+VxhNzVoBvZ5z7Gw6v
sZevzZpmFMMjdfTuXdCyVu9aU8cEoUNX2PfaUAxHG2I4EG1GedTnlA/0+PpqXtb3
gi6//WWqhpnZlkKQCEo/4Tp+4ShPT6Xv0oFFiRLtmbfGbD1YWY+Ui/3YE+GkGv7S
Ecr10ySQ5yYEuKsQz7wCHNKM0x/6nDD8lbWlU6Sq+YAd4HsBTMqDXrZBlyBFz5Ee
K0ucA4YBzgU9kL8fb5ICp0QpWVPimkhMG7gIP47yjiu5XjBfrRxogrD8UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrWI/6az5SvY6VQ6nE6UqmS48PaMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4S26RyFb
6cw9YuLniOalXCGYN/1DxLIpBUiL7auEnIHOBvIa7TOq61GtECvEsi2lyKNLzaVR
skskg45z+l6v/j8XZNXBRAAAhA+4NQVPix9T8AxwL2lMRjjIf3hsMBUHGVxj/jZR
bbBAtn18kxzQXV5veoEzLmXXulHIJI+0ESyKc8MzDmQ6BL0e84QI1czXOKP+HWTx
YaUQP4jjb3xO+QXvOZPr2IqesDtS7+aDUt4adLIBK7SEqzidBupgI+qCD/8/q/qV
CihrUsAVEuZorW5Eotyoc3zYWrOGwiAiqUNPKTDeJfFjDtEQ2vTCUA3LaB+ab7lH
y8/ty8cphZrMnQ==
-----END CERTIFICATE-----