Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          4qbH0IrTlISe6VmlE3WPdFbt4XgqFKPwMZj3KKSApAA=
Subject key identifier:   C2:1A:83:F0:86:8E:EC:5F:E2:85:75:9D:31:D9:1A:BF:34:A8:39:7D
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       0197B7EA113E9AA057C388485A894F70D9C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 19:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 19:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 19:00:59 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: nu7RTa5bfTzv5V22rm17ockvYJqUIR5X7iPiwQhRSPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:11:3e:9a:a0:57:c3:88:48:5a:89:4f:70:d9:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Jun 28 19:00:59 2025 GMT
            Not After : Jun 29 19:00:59 2025 GMT
        Subject: CN=c21a83f0868eec5fe285759d31d91abf34a8397d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:54:1e:c1:d3:da:4c:6f:b4:64:c7:23:87:
                    15:1b:13:ee:c4:bd:12:a0:60:4f:44:1c:fa:1a:13:
                    c1:d5:e5:de:2e:7f:29:7b:bd:9f:c6:1b:46:1e:7f:
                    51:28:87:e2:80:fe:94:e9:60:21:d3:c7:4a:16:ba:
                    38:4e:40:03:c7:3e:d2:1c:0c:1d:06:81:1f:32:d2:
                    96:d4:98:9f:bc:ce:53:55:4a:26:b4:60:0a:23:a1:
                    80:2e:94:9d:e2:ce:5d:77:8d:d2:78:ad:ae:44:5c:
                    a9:53:a5:b2:fd:43:94:15:53:e0:12:8b:19:17:31:
                    7f:2a:5d:55:b9:2b:bf:a8:b3:29:cf:9b:cd:ea:e6:
                    3d:be:ea:ac:04:6f:e1:b1:42:eb:d1:1e:05:4a:2f:
                    52:f8:cf:9b:51:f8:fc:78:17:0d:d3:a5:b0:2f:1e:
                    f2:74:40:ed:a7:d6:3d:d8:99:8f:43:38:40:aa:2b:
                    60:d5:2b:13:86:29:8b:e4:94:37:87:a0:2c:71:26:
                    ba:70:1a:e0:95:54:2f:e2:4f:c4:ea:70:95:0b:2d:
                    da:6f:41:e7:5a:11:f6:0a:45:31:36:19:9f:90:ef:
                    ad:69:7d:cf:39:29:79:6f:fa:e4:d5:81:d2:c8:61:
                    2f:14:ff:48:35:9e:02:7b:53:1d:a0:4d:45:4b:96:
                    31:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:1A:83:F0:86:8E:EC:5F:E2:85:75:9D:31:D9:1A:BF:34:A8:39:7D
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:3e:bc:35:5f:53:7c:25:c7:92:35:43:2b:7d:c4:71:f6:c2:
         7c:86:4d:76:28:4c:d4:81:24:1c:81:c3:23:8d:66:32:ff:c0:
         b3:b4:ad:a5:90:7a:f8:15:1c:51:1e:8a:fb:5a:a1:d6:00:b0:
         52:f9:7b:90:68:cb:20:20:7c:50:80:96:37:9e:bc:84:69:93:
         6b:05:e9:d5:0e:df:39:db:29:d0:c7:9c:ba:18:8b:96:9e:ec:
         c7:5d:b2:ed:76:9c:61:92:7c:21:f6:24:c1:48:fd:68:2c:df:
         71:4b:b0:c3:5e:8d:1f:01:22:f4:2c:fd:7c:62:14:1e:16:2f:
         5d:f9:e3:0b:ab:f8:58:73:b7:85:c6:64:0e:1b:6d:ca:e3:4b:
         e9:26:22:78:53:73:31:1e:83:fc:ba:4f:a6:e0:21:1e:14:21:
         dc:ff:08:f9:ad:d7:9a:c9:e3:c7:69:30:10:d9:35:3d:1a:10:
         87:0a:31:fe:f7:c1:d7:ea:dd:52:c6:0f:de:3c:b3:a9:c3:db:
         1a:7a:94:fb:fc:1a:2c:9f:9c:e3:f9:82:4e:69:57:b4:de:aa:
         8f:ee:47:93:58:eb:96:67:c7:e7:43:22:c1:a6:a1:31:3a:45:
         48:bf:ba:0c:7b:b4:77:27:13:51:e6:4f:13:55:1a:1d:98:5c:
         c8:f8:04:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36hE+mqBXw4hIWolPcNnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjUwNjI4MTkwMDU5WhcNMjUwNjI5MTkwMDU5WjAzMTEwLwYDVQQD
EyhjMjFhODNmMDg2OGVlYzVmZTI4NTc1OWQzMWQ5MWFiZjM0YTgzOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukpUHsHT2kxvtGTHI4cVGxPuxL0S
oGBPRBz6GhPB1eXeLn8pe72fxhtGHn9RKIfigP6U6WAh08dKFro4TkADxz7SHAwd
BoEfMtKW1JifvM5TVUomtGAKI6GALpSd4s5dd43SeK2uRFypU6Wy/UOUFVPgEosZ
FzF/Kl1VuSu/qLMpz5vN6uY9vuqsBG/hsULr0R4FSi9S+M+bUfj8eBcN06WwLx7y
dEDtp9Y92JmPQzhAqitg1SsThimL5JQ3h6AscSa6cBrglVQv4k/E6nCVCy3ab0Hn
WhH2CkUxNhmfkO+taX3POSl5b/rk1YHSyGEvFP9INZ4Ce1MdoE1FS5YxzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIag/CGjuxf4oV1nTHZGr80qDl9MB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuj68NV9T
fCXHkjVDK33EcfbCfIZNdihM1IEkHIHDI41mMv/As7StpZB6+BUcUR6K+1qh1gCw
Uvl7kGjLICB8UICWN568hGmTawXp1Q7fOdsp0MecuhiLlp7sx12y7XacYZJ8IfYk
wUj9aCzfcUuww16NHwEi9Cz9fGIUHhYvXfnjC6v4WHO3hcZkDhttyuNL6SYieFNz
MR6D/LpPpuAhHhQh3P8I+a3Xmsnjx2kwENk1PRoQhwox/vfB1+rdUsYP3jyzqcPb
GnqU+/waLJ+c4/mCTmlXtN6qj+5Hk1jrlmfH50MiwaahMTpFSL+6DHu0dycTUeZP
E1UaHZhcyPgEWw==
-----END CERTIFICATE-----