Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
File:                     2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft (raw, json)
Hash identifier:          m5FfzeYCdneM5qONdbcZFbbEbxdEIZ2yvg0swCd+G7c=
Subject key identifier:   67:AA:2C:F4:54:24:23:AE:5C:3C:62:09:7E:AF:50:B5:2E:19:A4:03
Authority key identifier: D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
Certificate issuer:       /CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Certificate serial:       0197B7B323E13D2A959DB7E555E0997BA723
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
Manifest number:          52
Signing time:             Sat 28 Jun 2025 18:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:59 +0000
Files and hashes:         1: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl (hash: cteHyWVQnwOM9C6qAFoL0ivmko7MvEBDGb5zAtgd+AY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:23:e1:3d:2a:95:9d:b7:e5:55:e0:99:7b:a7:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
        Validity
            Not Before: Jun 28 18:00:59 2025 GMT
            Not After : Jun 29 18:00:59 2025 GMT
        Subject: CN=67aa2cf4542423ae5c3c62097eaf50b52e19a403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:df:8f:d7:82:5e:fa:de:b1:77:c2:c5:5a:cc:
                    63:39:96:53:5d:f9:ba:b2:4a:39:03:64:17:a0:bb:
                    60:df:18:75:40:9c:16:20:72:f3:08:32:39:dc:ed:
                    6e:95:bf:28:95:f0:58:ec:39:a6:c8:a6:ba:82:1b:
                    b3:e7:96:02:4b:2d:4e:31:95:84:a2:cd:f3:5d:b7:
                    ba:1e:cb:40:27:c8:cd:c5:a6:b5:7d:08:fc:79:a5:
                    c1:10:d6:25:3e:e9:0f:67:cc:1d:a1:e4:56:b0:8c:
                    4a:4a:bc:0a:8a:e7:03:c0:d9:3e:41:f3:38:af:c2:
                    b7:33:b8:9b:f3:68:69:15:83:44:70:56:2e:27:e1:
                    ae:0d:b2:88:95:64:3b:c3:be:32:87:86:50:ba:08:
                    44:fb:40:87:25:1a:90:d3:b1:a5:32:27:de:47:51:
                    b4:af:b4:68:85:de:f2:5f:b9:ff:23:4d:61:ce:c8:
                    7c:18:96:9c:95:4c:b4:75:06:51:e4:10:dc:64:8f:
                    45:67:5f:b4:e7:8c:38:ec:b7:78:fa:3b:4a:da:a8:
                    e5:b9:07:7b:98:b4:f6:44:55:70:0f:d2:5b:31:3d:
                    e4:9e:21:bb:e2:19:2c:3a:62:dd:d8:b6:cb:1a:86:
                    dc:81:19:d9:3f:7a:73:f1:5d:17:05:c9:f6:38:8c:
                    05:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:AA:2C:F4:54:24:23:AE:5C:3C:62:09:7E:AF:50:B5:2E:19:A4:03
            X509v3 Authority Key Identifier:
                keyid:D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:33:8a:2b:95:ce:b6:cc:87:c3:1c:1d:1d:cf:db:af:04:74:
         de:88:3a:f0:f0:2d:8c:16:27:11:0a:4f:6b:0d:e4:6c:cc:23:
         be:66:58:66:07:f9:70:1e:0b:f2:ae:de:41:74:85:0e:2e:ca:
         e7:d5:a4:ce:a1:06:89:ba:1f:78:33:27:1f:b8:30:6f:46:6f:
         b6:53:03:e4:8b:6f:d4:0a:89:f0:ff:d1:cb:23:9d:55:f7:ba:
         29:3b:f6:c6:35:02:7d:fa:03:59:7e:a7:ab:97:66:a7:03:6d:
         00:8e:24:14:35:1c:c5:a2:7d:51:67:42:4e:b7:66:1d:98:30:
         08:ce:5a:de:8c:c1:a5:a9:10:0f:ed:ef:85:c2:3d:58:15:53:
         86:fb:cd:c4:34:96:d4:37:5b:9f:73:15:80:6b:90:87:d8:c7:
         0c:1c:3b:5a:53:e8:fa:f6:0d:51:de:98:82:49:f2:9c:fc:1c:
         f3:4e:ad:48:e9:d1:9b:f5:01:0e:ea:14:54:9b:0c:f8:ab:ff:
         b5:c3:38:49:30:b6:db:bd:26:9a:22:07:b5:db:35:4f:9d:e0:
         a2:4f:03:c9:b3:33:3a:16:41:3c:3b:ca:09:9b:b9:23:e2:67:
         dd:6f:34:07:c1:c2:63:65:2b:af:a9:5d:f3:7e:03:5e:8f:44:
         73:f9:e8:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3syPhPSqVnbflVeCZe6cjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjgyZDJjY2FkNGU0MWE1NTIwOTQ5N2VlMGZlMjdmMzkw
MWJiNTEwHhcNMjUwNjI4MTgwMDU5WhcNMjUwNjI5MTgwMDU5WjAzMTEwLwYDVQQD
Eyg2N2FhMmNmNDU0MjQyM2FlNWMzYzYyMDk3ZWFmNTBiNTJlMTlhNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9+P14Je+t6xd8LFWsxjOZZTXfm6
sko5A2QXoLtg3xh1QJwWIHLzCDI53O1ulb8olfBY7DmmyKa6ghuz55YCSy1OMZWE
os3zXbe6HstAJ8jNxaa1fQj8eaXBENYlPukPZ8wdoeRWsIxKSrwKiucDwNk+QfM4
r8K3M7ib82hpFYNEcFYuJ+GuDbKIlWQ7w74yh4ZQughE+0CHJRqQ07GlMifeR1G0
r7Rohd7yX7n/I01hzsh8GJaclUy0dQZR5BDcZI9FZ1+054w47Ld4+jtK2qjluQd7
mLT2RFVwD9JbMT3kniG74hksOmLd2LbLGobcgRnZP3pz8V0XBcn2OIwFIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGeqLPRUJCOuXDxiCX6vULUuGaQDMB8GA1UdIwQY
MBaAFNhoLSzK1OQaVSCUl+4P4n85AbtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTct
NWM3ZTlmZTZlMWE5LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTctNWM3ZTlmZTZlMWE5
LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTOKK5XO
tsyHwxwdHc/brwR03og68PAtjBYnEQpPaw3kbMwjvmZYZgf5cB4L8q7eQXSFDi7K
59WkzqEGibofeDMnH7gwb0ZvtlMD5Itv1AqJ8P/RyyOdVfe6KTv2xjUCffoDWX6n
q5dmpwNtAI4kFDUcxaJ9UWdCTrdmHZgwCM5a3ozBpakQD+3vhcI9WBVThvvNxDSW
1Ddbn3MVgGuQh9jHDBw7WlPo+vYNUd6YgknynPwc806tSOnRm/UBDuoUVJsM+Kv/
tcM4STC2270mmiIHtds1T53gok8DybMzOhZBPDvKCZu5I+Jn3W80B8HCY2Urr6ld
834DXo9Ec/no8Q==
-----END CERTIFICATE-----