Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
File:                     2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json)
Hash identifier:          oonrrOoYljGseLTnn4YRwWLBa8f+bXTk5bZ+bdHGYJM=
Subject key identifier:   D1:E9:76:DC:75:87:76:F4:AB:13:E6:A7:D7:DF:40:69:38:97:69:6C
Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD
Certificate issuer:       /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
Certificate serial:       0197B88F49BE3963CBB677E8C0211D397466
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 22:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:27 +0000
Files and hashes:         1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: tNw0FSVzowsFoqelZM0zoTImmnfKFUDum/V6YbERx0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:49:be:39:63:cb:b6:77:e8:c0:21:1d:39:74:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
        Validity
            Not Before: Jun 28 22:01:27 2025 GMT
            Not After : Jun 29 22:01:27 2025 GMT
        Subject: CN=d1e976dc758776f4ab13e6a7d7df40693897696c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c8:46:af:72:fc:db:43:77:4f:94:17:c0:7f:
                    6d:96:8c:e3:4d:42:a1:3e:d0:a4:d7:1f:4d:06:cf:
                    8e:57:26:d7:62:5a:2e:93:ce:88:e9:ad:59:f5:fe:
                    ac:55:40:98:a3:08:a7:55:1f:47:18:64:06:e8:85:
                    3c:df:22:e3:12:cb:ec:ce:e9:c0:4e:0f:78:3b:62:
                    b4:ba:4e:e1:bb:54:43:e5:ec:02:56:fc:f8:26:3b:
                    65:34:a2:c7:63:b8:c2:96:3c:0b:5c:db:b4:cf:6a:
                    a7:e0:be:c0:aa:ec:de:f5:15:6e:40:ab:29:0f:34:
                    ec:c6:0a:d0:0c:80:9f:cb:a8:48:5c:12:62:76:7e:
                    b9:71:1d:21:b4:ee:80:d3:c1:88:7e:42:12:01:c8:
                    14:34:3a:a5:2b:fd:3b:dd:fb:c2:34:8f:ea:a6:6f:
                    af:05:4d:eb:23:1f:3a:05:e5:42:3c:09:e9:61:ba:
                    64:5b:71:25:98:86:a5:d7:20:0e:12:89:8a:24:41:
                    c9:4c:03:dc:6d:ed:5f:b5:4a:3a:ea:14:17:76:1a:
                    94:4a:77:f3:93:9b:b0:6f:52:70:e7:6a:fe:b7:63:
                    91:ae:23:e4:b9:b4:05:ca:84:ee:f7:cf:b7:50:bf:
                    e6:79:5b:74:32:b1:b8:9c:7f:3d:37:55:07:f6:d4:
                    3f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E9:76:DC:75:87:76:F4:AB:13:E6:A7:D7:DF:40:69:38:97:69:6C
            X509v3 Authority Key Identifier:
                keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:5a:ef:5d:a9:f4:72:ea:5e:b2:3b:76:aa:e8:77:25:b9:fb:
         47:45:78:2d:f9:1f:06:29:50:74:f3:db:0c:f7:1c:8c:29:ac:
         35:90:9f:2b:20:82:52:ca:12:1f:38:8e:0d:2a:56:fd:42:71:
         12:ed:03:ed:01:b9:3c:92:27:20:34:42:e2:44:e2:4c:d6:a6:
         18:f5:1e:4c:96:5b:9e:74:f4:f6:ca:78:36:dd:67:a8:04:ed:
         1f:f8:45:4c:36:0e:17:dc:2b:19:db:da:5b:3c:39:f1:9f:89:
         42:1f:f3:b3:9e:8a:cf:a4:cd:08:2d:05:88:e3:cb:b3:c8:95:
         f3:43:f1:9f:d2:ef:dd:99:a0:fe:00:4d:d9:0a:15:0a:db:5c:
         21:ef:de:7a:05:0e:5c:07:cb:3d:44:5b:5d:47:d9:12:f2:1b:
         7c:7b:41:87:ec:d3:1d:e4:69:90:07:70:ba:a2:93:f2:59:db:
         36:9a:9e:6e:80:04:cd:77:44:d8:c3:94:9a:8a:ed:74:4b:91:
         b6:b6:ef:d5:b1:21:99:fd:ad:59:71:02:b4:7c:21:18:5d:0e:
         5e:f9:9a:21:1f:f3:a8:ed:09:27:b8:2c:74:1b:5c:9b:25:9c:
         af:59:91:62:14:64:0e:32:61:86:7b:d8:ca:cb:22:84:3d:65:
         38:20:92:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j0m+OWPLtnfowCEdOXRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx
ZTZhZmQwHhcNMjUwNjI4MjIwMTI3WhcNMjUwNjI5MjIwMTI3WjAzMTEwLwYDVQQD
EyhkMWU5NzZkYzc1ODc3NmY0YWIxM2U2YTdkN2RmNDA2OTM4OTc2OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMhGr3L820N3T5QXwH9tlozjTUKh
PtCk1x9NBs+OVybXYlouk86I6a1Z9f6sVUCYowinVR9HGGQG6IU83yLjEsvszunA
Tg94O2K0uk7hu1RD5ewCVvz4JjtlNKLHY7jCljwLXNu0z2qn4L7Aquze9RVuQKsp
DzTsxgrQDICfy6hIXBJidn65cR0htO6A08GIfkISAcgUNDqlK/073fvCNI/qpm+v
BU3rIx86BeVCPAnpYbpkW3ElmIal1yAOEomKJEHJTAPcbe1ftUo66hQXdhqUSnfz
k5uwb1Jw52r+t2ORriPkubQFyoTu98+3UL/meVt0MrG4nH89N1UH9tQ/3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHpdtx1h3b0qxPmp9ffQGk4l2lsMB8GA1UdIwQY
MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt
NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl
LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVrvXan0
cupesjt2quh3Jbn7R0V4LfkfBilQdPPbDPccjCmsNZCfKyCCUsoSHziODSpW/UJx
Eu0D7QG5PJInIDRC4kTiTNamGPUeTJZbnnT09sp4Nt1nqATtH/hFTDYOF9wrGdva
Wzw58Z+JQh/zs56Kz6TNCC0FiOPLs8iV80Pxn9Lv3Zmg/gBN2QoVCttcIe/eegUO
XAfLPURbXUfZEvIbfHtBh+zTHeRpkAdwuqKT8lnbNpqeboAEzXdE2MOUmortdEuR
trbv1bEhmf2tWXECtHwhGF0OXvmaIR/zqO0JJ7gsdBtcmyWcr1mRYhRkDjJhhnvY
yssihD1lOCCSyA==
-----END CERTIFICATE-----