Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          UxvBtwz4XGpDP8LBC+RU5NVFxWMncQap5g6DWoTsvoY=
Subject key identifier:   53:3B:F6:4C:C2:F8:D8:43:80:26:2D:88:44:10:B1:EF:B3:50:B3:8A
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       0198D5BBAC0ADF3D05E83BF106B38D0F8748
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          05AA
Signing time:             Sat 23 Aug 2025 07:01:42 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:42 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:42 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: TOTFyFwXe7PcqzA8X9ZfRYObbgLestxUUTtxxo9Z4ZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ac:0a:df:3d:05:e8:3b:f1:06:b3:8d:0f:87:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Aug 23 07:01:42 2025 GMT
            Not After : Aug 24 07:01:42 2025 GMT
        Subject: CN=533bf64cc2f8d84380262d884410b1efb350b38a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:30:f3:5b:24:34:07:00:cd:1c:3b:4e:a8:43:
                    bf:77:72:be:72:e3:46:a7:c2:37:d6:a9:35:35:82:
                    61:63:66:cd:2d:b8:5c:1b:59:c0:be:70:34:3b:1c:
                    36:0e:9d:69:0f:74:73:ca:b3:6d:47:79:3f:f2:f0:
                    f8:d0:bb:25:04:14:a6:14:9e:6e:a4:e9:ff:39:39:
                    f6:5c:a6:a3:5e:c1:72:13:19:9a:36:40:4c:20:df:
                    cf:07:b4:52:04:05:c1:b7:02:cb:73:57:63:a8:35:
                    9d:13:e6:40:c9:41:11:5a:00:89:d5:b7:3d:11:94:
                    02:14:52:45:5e:73:c5:f1:27:63:a2:cb:6d:5c:d8:
                    68:3a:58:f9:6e:79:dd:df:2c:ac:ae:fd:6d:be:47:
                    d5:6f:bf:80:91:41:53:b5:4a:7a:b1:5e:a2:c5:81:
                    07:20:21:7f:cd:18:56:9c:04:3a:5b:d3:52:39:e0:
                    55:f6:88:94:37:28:bb:19:bc:a1:11:11:74:0a:da:
                    7a:e9:86:5e:74:76:0b:3a:dc:81:ba:fa:af:3e:39:
                    0f:dc:02:03:9e:07:5b:f1:55:d9:dd:aa:6e:da:e1:
                    84:7f:82:4c:cb:16:a6:a7:1d:9d:03:58:33:07:e6:
                    22:cf:3f:f6:9d:89:66:f1:5d:0f:f0:e9:03:d1:7f:
                    bb:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:3B:F6:4C:C2:F8:D8:43:80:26:2D:88:44:10:B1:EF:B3:50:B3:8A
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:01:d5:0b:b9:58:48:31:ef:a8:68:1b:31:19:ae:a2:37:83:
         b4:ad:2d:b1:47:56:2d:01:35:0b:f0:72:e6:9b:97:9e:94:4b:
         d2:ca:d7:3d:4f:79:3f:8f:bb:e2:c3:06:1b:c6:1b:7c:17:23:
         54:3a:67:37:b7:ac:f1:cb:73:6c:75:76:1d:7b:90:69:83:94:
         57:54:d4:b6:d9:7c:5c:29:e3:b0:da:0d:12:7c:29:a6:2d:35:
         ca:2e:72:dd:6e:aa:1c:e3:20:1c:be:2a:58:87:e5:7d:5b:fd:
         ec:ab:15:d9:67:75:b3:97:d6:c1:49:88:90:b4:65:87:3f:78:
         28:e3:84:da:b9:2a:1b:aa:04:46:22:9b:9e:de:88:0f:ee:6e:
         85:00:9d:35:a0:3d:58:8c:b2:d3:5d:fe:77:39:f6:a3:27:8f:
         c8:b4:24:bc:34:c2:63:b2:22:37:42:91:0b:ba:45:6d:87:ce:
         3b:3b:dd:4f:2a:c7:df:86:80:28:18:63:78:f5:a1:af:a8:43:
         5a:e0:f8:3f:5e:44:48:54:cd:21:1f:7c:a1:90:82:bb:3c:e9:
         58:44:a9:3c:79:66:2f:99:bf:92:b3:fd:f9:ca:6a:69:ee:1e:
         cc:cb:c1:dc:82:e7:b4:e5:0f:44:f5:90:dc:59:cd:f4:71:06:
         af:94:fe:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu6wK3z0F6DvxBrOND4dIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUwODIzMDcwMTQyWhcNMjUwODI0MDcwMTQyWjAzMTEwLwYDVQQD
Eyg1MzNiZjY0Y2MyZjhkODQzODAyNjJkODg0NDEwYjFlZmIzNTBiMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TDzWyQ0BwDNHDtOqEO/d3K+cuNG
p8I31qk1NYJhY2bNLbhcG1nAvnA0Oxw2Dp1pD3RzyrNtR3k/8vD40LslBBSmFJ5u
pOn/OTn2XKajXsFyExmaNkBMIN/PB7RSBAXBtwLLc1djqDWdE+ZAyUERWgCJ1bc9
EZQCFFJFXnPF8SdjosttXNhoOlj5bnnd3yysrv1tvkfVb7+AkUFTtUp6sV6ixYEH
ICF/zRhWnAQ6W9NSOeBV9oiUNyi7GbyhERF0Ctp66YZedHYLOtyBuvqvPjkP3AID
ngdb8VXZ3apu2uGEf4JMyxampx2dA1gzB+Yizz/2nYlm8V0P8OkD0X+7fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFM79kzC+NhDgCYtiEQQse+zULOKMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAHVC7lY
SDHvqGgbMRmuojeDtK0tsUdWLQE1C/By5puXnpRL0srXPU95P4+74sMGG8YbfBcj
VDpnN7es8ctzbHV2HXuQaYOUV1TUttl8XCnjsNoNEnwppi01yi5y3W6qHOMgHL4q
WIflfVv97KsV2Wd1s5fWwUmIkLRlhz94KOOE2rkqG6oERiKbnt6ID+5uhQCdNaA9
WIyy013+dzn2oyePyLQkvDTCY7IiN0KRC7pFbYfOOzvdTyrH34aAKBhjePWhr6hD
WuD4P15ESFTNIR98oZCCuzzpWESpPHlmL5m/krP9+cpqae4ezMvB3ILntOUPRPWQ
3FnN9HEGr5T+lA==
-----END CERTIFICATE-----