Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
File:                     2qM7UIN5nEnPntwAhit8nCGMZhM.mft (raw, json)
Hash identifier:          mMmZGLqHNjBIoXzbul//DP+gQhoWpVYF5Yk18fQfR5s=
Subject key identifier:   54:C4:01:76:23:0A:30:6C:26:A0:71:06:AD:65:D6:75:29:19:C9:F9
Authority key identifier: DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13
Certificate issuer:       /CN=daa33b5083799c49cf9edc00862b7c9c218c6613
Certificate serial:       0198D7E1609FDA9D7E32FB4E6B974B0A280A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
Manifest number:          03D2
Signing time:             Sat 23 Aug 2025 17:02:08 +0000
Manifest this update:     Sat 23 Aug 2025 17:02:08 +0000
Manifest next update:     Sun 24 Aug 2025 17:02:08 +0000
Files and hashes:         1: 2qM7UIN5nEnPntwAhit8nCGMZhM.crl (hash: laQdvx2lNYOmo3lXt4S60WS/bCM1uW4XfFjQoPje4XE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:e1:60:9f:da:9d:7e:32:fb:4e:6b:97:4b:0a:28:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa33b5083799c49cf9edc00862b7c9c218c6613
        Validity
            Not Before: Aug 23 17:02:08 2025 GMT
            Not After : Aug 24 17:02:08 2025 GMT
        Subject: CN=54c40176230a306c26a07106ad65d6752919c9f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:95:24:0c:70:40:cb:d0:4e:64:2a:e1:31:f1:
                    e1:44:41:5f:8a:bd:8e:2c:a2:71:04:ae:35:60:e2:
                    46:ee:6d:f6:34:3d:9d:09:e1:90:a3:67:2d:a4:8f:
                    de:89:0e:fe:f0:17:e5:8e:35:2c:af:c2:37:64:86:
                    c6:03:62:e5:44:67:c3:d1:ae:c4:96:25:b4:39:8c:
                    b7:1c:3a:ed:a1:8a:93:c0:7b:65:c8:61:24:78:80:
                    c3:04:d7:6d:47:a3:68:66:7b:6c:90:e1:3c:f4:8e:
                    ae:2b:9e:93:ef:c2:d1:cf:3e:2f:d5:31:ae:d0:1a:
                    30:e5:b1:b1:1d:a2:d0:47:7e:47:e5:b2:53:a7:48:
                    e0:db:a8:e7:99:95:86:70:94:f4:4f:ed:60:fc:8b:
                    5d:fd:a6:53:f2:c9:f6:d9:9b:e9:ef:70:4b:e9:f4:
                    c3:cc:98:2f:37:0f:cc:40:af:12:02:a7:00:f9:9f:
                    3a:28:6b:72:12:1c:bb:29:ff:c2:62:1f:f7:40:91:
                    37:73:37:0d:a7:68:30:c1:57:65:81:5e:10:49:f0:
                    75:fe:f0:48:2a:c1:16:b7:02:0e:c1:74:d8:df:92:
                    1c:22:f7:03:50:bc:09:4e:3d:ba:b5:60:6b:0b:58:
                    a9:1a:64:b4:20:88:b2:31:cb:50:b7:d6:41:2c:b2:
                    2d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C4:01:76:23:0A:30:6C:26:A0:71:06:AD:65:D6:75:29:19:C9:F9
            X509v3 Authority Key Identifier:
                keyid:DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:c5:66:19:44:7b:b6:35:b1:f0:e8:b8:60:88:01:77:ae:42:
         3b:06:6f:08:a1:db:14:9f:02:e0:83:d7:58:bc:e2:d4:8d:c0:
         1f:20:1d:88:a9:ff:c1:93:f2:45:ed:3a:3a:dd:49:78:33:7c:
         ef:cb:ff:f4:6f:df:ac:3a:e4:c3:00:3d:c8:b4:3a:c7:4c:00:
         5c:e5:80:2c:92:3b:98:53:90:23:ad:4a:33:a2:ef:8f:ec:0a:
         47:a6:7b:8f:be:df:d8:97:c5:15:00:96:8f:79:cf:48:e5:1f:
         95:30:f3:81:82:d2:95:58:c4:34:6d:26:6b:88:36:c4:17:8b:
         cc:33:99:31:36:3b:02:4f:6d:47:61:c4:c3:da:c6:14:34:e2:
         92:cd:be:9c:c6:ed:ab:c2:ad:bd:bb:3b:a2:b8:89:79:25:d9:
         5f:c7:3a:ac:68:ce:d3:ab:4d:d1:ae:33:97:4a:ba:6f:05:97:
         66:c5:ac:7b:51:ba:16:94:c9:58:e3:fb:7b:f0:32:ff:65:69:
         71:b9:d0:09:ef:44:9c:cb:79:05:69:da:db:22:20:6c:dd:5f:
         2d:d1:46:16:f7:ca:57:9c:ba:da:31:9c:0f:31:5b:16:9d:e4:
         03:86:85:d7:d8:01:22:36:23:96:2d:67:06:9f:8e:79:09:5e:
         ba:85:fa:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjX4WCf2p1+MvtOa5dLCigKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTMzYjUwODM3OTljNDljZjllZGMwMDg2MmI3YzljMjE4
YzY2MTMwHhcNMjUwODIzMTcwMjA4WhcNMjUwODI0MTcwMjA4WjAzMTEwLwYDVQQD
Eyg1NGM0MDE3NjIzMGEzMDZjMjZhMDcxMDZhZDY1ZDY3NTI5MTljOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZUkDHBAy9BOZCrhMfHhREFfir2O
LKJxBK41YOJG7m32ND2dCeGQo2ctpI/eiQ7+8BfljjUsr8I3ZIbGA2LlRGfD0a7E
liW0OYy3HDrtoYqTwHtlyGEkeIDDBNdtR6NoZntskOE89I6uK56T78LRzz4v1TGu
0Bow5bGxHaLQR35H5bJTp0jg26jnmZWGcJT0T+1g/Itd/aZT8sn22Zvp73BL6fTD
zJgvNw/MQK8SAqcA+Z86KGtyEhy7Kf/CYh/3QJE3czcNp2gwwVdlgV4QSfB1/vBI
KsEWtwIOwXTY35IcIvcDULwJTj26tWBrC1ipGmS0IIiyMctQt9ZBLLItQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTEAXYjCjBsJqBxBq1l1nUpGcn5MB8GA1UdIwQY
MBaAFNqjO1CDeZxJz57cAIYrfJwhjGYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMt
MTZmNDNkYmEyYWJjLzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMtMTZmNDNkYmEyYWJj
LzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcVmGUR7
tjWx8Oi4YIgBd65COwZvCKHbFJ8C4IPXWLzi1I3AHyAdiKn/wZPyRe06Ot1JeDN8
78v/9G/frDrkwwA9yLQ6x0wAXOWALJI7mFOQI61KM6Lvj+wKR6Z7j77f2JfFFQCW
j3nPSOUflTDzgYLSlVjENG0ma4g2xBeLzDOZMTY7Ak9tR2HEw9rGFDTiks2+nMbt
q8Ktvbs7oriJeSXZX8c6rGjO06tN0a4zl0q6bwWXZsWse1G6FpTJWOP7e/Ay/2Vp
cbnQCe9EnMt5BWna2yIgbN1fLdFGFvfKV5y62jGcDzFbFp3kA4aF19gBIjYjli1n
Bp+OeQleuoX6vQ==
-----END CERTIFICATE-----