Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          C0qhM1S3nyPviLFibcaGvYwMB9tFodvJ0IdoKcpr+9E=
Subject key identifier:   EE:8B:B8:D8:52:7A:FC:6C:82:93:A1:F3:DC:3D:B8:EC:37:84:AB:71
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       0198D5BBD40F79CAFB86AC3C0465AAA0B45C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 07:01:53 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:53 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:53 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: 8+iFQ4gRmTPOY/xOQ4eazFmWbE+TGFT90P7/y/2faH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:d4:0f:79:ca:fb:86:ac:3c:04:65:aa:a0:b4:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Aug 23 07:01:53 2025 GMT
            Not After : Aug 24 07:01:53 2025 GMT
        Subject: CN=ee8bb8d8527afc6c8293a1f3dc3db8ec3784ab71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4e:17:57:e2:ca:d6:ba:ec:d7:bf:26:83:48:
                    c8:3f:70:ba:15:a3:98:82:9a:5b:c7:b6:4e:b2:3c:
                    b1:d1:4f:7e:44:1f:d3:0c:56:33:2a:db:df:bd:79:
                    0d:62:c0:6a:28:91:6e:74:cb:d1:0a:ca:f9:da:62:
                    6f:10:34:d5:4e:50:c0:57:c1:f3:d7:62:bf:85:b0:
                    bb:70:35:42:e1:d7:f6:20:9a:29:ae:b5:b2:f0:6e:
                    de:8a:ce:c3:92:f5:59:98:6d:c1:ba:62:40:e7:7d:
                    5c:0f:19:6d:dd:55:b7:5e:70:dd:b3:3a:f3:d1:68:
                    63:40:4b:ed:c9:f6:62:89:90:5c:62:09:05:2d:72:
                    a4:8f:33:d0:06:bf:5b:48:6e:49:d3:5b:8d:5b:3d:
                    00:c8:9d:2a:60:95:a6:c2:a8:bb:d7:a1:e3:77:8b:
                    ed:16:b6:87:ac:42:d8:7d:dc:ab:9f:62:a4:98:44:
                    20:29:6b:ca:a5:bd:18:2d:3f:f8:c6:25:38:bc:f1:
                    13:5b:31:9a:42:5c:f0:d3:d6:79:da:af:a7:64:a1:
                    b4:d0:2e:ef:bf:d3:62:b3:12:f6:43:2a:fb:21:36:
                    6d:e3:36:54:9e:6d:26:8a:2f:54:2f:ad:7e:d5:45:
                    c9:f3:6d:7d:7c:73:60:82:0f:cf:0c:9b:6b:40:9a:
                    7d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:8B:B8:D8:52:7A:FC:6C:82:93:A1:F3:DC:3D:B8:EC:37:84:AB:71
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:83:0a:a3:4f:ff:db:51:76:eb:c3:c8:0c:14:30:a1:a8:8a:
         45:37:92:df:63:75:9d:31:b5:a7:8a:78:33:97:a2:00:77:fa:
         f2:5c:84:63:78:60:ad:46:38:91:d1:5b:3b:5e:44:ac:a6:9d:
         b0:ad:c2:60:b3:89:14:55:73:c4:62:15:b6:19:1e:31:ce:08:
         66:90:c3:80:16:a9:32:fd:78:73:70:d7:05:1c:d3:d2:01:e6:
         1b:eb:23:06:96:ca:e3:61:0d:2c:5a:f2:a6:22:a2:7a:1e:2d:
         35:17:fa:93:25:f2:e7:54:84:46:83:72:12:3a:88:1f:6c:24:
         ac:bc:f0:e8:b0:6e:c2:96:cf:45:7b:38:16:88:e6:4e:58:ac:
         59:98:af:0e:f2:e9:3c:b3:e7:e5:2e:6a:1a:12:0a:99:a7:c3:
         fe:77:5b:b7:61:2b:ea:5f:52:e8:27:34:a1:84:db:3d:56:ec:
         e0:f5:cd:cc:18:6e:de:f5:5d:3e:1c:84:b6:fa:3b:8e:b8:fa:
         83:db:b5:73:18:c4:b6:95:12:d4:f4:5a:3f:05:f2:06:42:81:
         bc:a9:0b:9a:f4:8b:b0:63:11:d4:89:b2:62:47:b2:ad:2d:48:
         69:80:77:b0:89:83:17:84:a3:be:d4:63:40:b2:ef:7d:9c:e5:
         c7:e2:77:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu9QPecr7hqw8BGWqoLRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjUwODIzMDcwMTUzWhcNMjUwODI0MDcwMTUzWjAzMTEwLwYDVQQD
EyhlZThiYjhkODUyN2FmYzZjODI5M2ExZjNkYzNkYjhlYzM3ODRhYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk4XV+LK1rrs178mg0jIP3C6FaOY
gppbx7ZOsjyx0U9+RB/TDFYzKtvfvXkNYsBqKJFudMvRCsr52mJvEDTVTlDAV8Hz
12K/hbC7cDVC4df2IJoprrWy8G7eis7DkvVZmG3BumJA531cDxlt3VW3XnDdszrz
0WhjQEvtyfZiiZBcYgkFLXKkjzPQBr9bSG5J01uNWz0AyJ0qYJWmwqi716Hjd4vt
FraHrELYfdyrn2KkmEQgKWvKpb0YLT/4xiU4vPETWzGaQlzw09Z52q+nZKG00C7v
v9NisxL2Qyr7ITZt4zZUnm0mii9UL61+1UXJ8219fHNggg/PDJtrQJp9pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6LuNhSevxsgpOh89w9uOw3hKtxMB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkYMKo0//
21F268PIDBQwoaiKRTeS32N1nTG1p4p4M5eiAHf68lyEY3hgrUY4kdFbO15ErKad
sK3CYLOJFFVzxGIVthkeMc4IZpDDgBapMv14c3DXBRzT0gHmG+sjBpbK42ENLFry
piKieh4tNRf6kyXy51SERoNyEjqIH2wkrLzw6LBuwpbPRXs4FojmTlisWZivDvLp
PLPn5S5qGhIKmafD/ndbt2Er6l9S6Cc0oYTbPVbs4PXNzBhu3vVdPhyEtvo7jrj6
g9u1cxjEtpUS1PRaPwXyBkKBvKkLmvSLsGMR1ImyYkeyrS1IaYB3sImDF4SjvtRj
QLLvfZzlx+J3uQ==
-----END CERTIFICATE-----