Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          LjPmQvoTjC0aQJ3ciOUoeMr08Q+QqKTTJ+iHo8EkhIo=
Subject key identifier:   34:ED:B6:B4:63:3E:49:04:AF:BB:B9:30:EE:C0:06:A6:0A:61:71:8F
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       0197B8900B5F33C955A4F82E2538DEEFB871
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          1051
Signing time:             Sat 28 Jun 2025 22:02:17 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:17 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:17 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: kbBSfAzvOTC+wh6+7kYoDuQgtGDn6R5pJayhjjwGTAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:0b:5f:33:c9:55:a4:f8:2e:25:38:de:ef:b8:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: Jun 28 22:02:17 2025 GMT
            Not After : Jun 29 22:02:17 2025 GMT
        Subject: CN=34edb6b4633e4904afbbb930eec006a60a61718f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b3:06:c4:a0:d8:48:e0:73:44:62:5b:dc:58:
                    a1:8f:75:e6:71:77:3b:b2:51:16:d5:a3:af:9b:23:
                    27:7a:1b:75:1f:88:ea:42:11:6b:f3:44:18:4d:32:
                    f9:ae:77:6b:bf:e3:22:a8:1c:d9:09:af:d7:fc:71:
                    83:63:34:21:85:ae:d0:00:c5:aa:1a:8c:b8:f3:02:
                    2c:72:29:de:d9:5f:8f:27:44:17:c2:3a:68:c8:be:
                    2b:3e:fd:ea:d9:02:29:44:8f:bd:e5:e4:31:3f:fa:
                    fc:27:01:af:24:13:bd:bb:c9:33:eb:c2:c9:14:a6:
                    67:aa:db:39:81:c3:8f:dc:58:6d:41:b3:81:8d:0e:
                    65:bb:f6:f4:61:3a:f5:c1:9a:14:65:7e:53:ee:1d:
                    81:d2:78:c9:9e:3b:a9:5f:7a:bf:e1:4c:bf:77:3e:
                    9f:1a:3a:9e:b3:58:ef:86:a5:2d:8a:62:01:da:47:
                    9b:5f:14:a5:b1:61:3e:f9:d9:b5:1a:c2:96:90:27:
                    7e:c5:4d:ae:5c:42:2f:14:a5:88:b5:1d:95:63:3c:
                    30:93:64:e8:75:b2:eb:be:71:99:b1:c7:1d:53:8c:
                    a8:b0:48:d5:3d:09:03:64:3d:a0:25:b1:03:81:a1:
                    ce:6e:7a:c5:da:5a:3d:a1:e4:e6:cd:c1:98:f0:80:
                    d2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:ED:B6:B4:63:3E:49:04:AF:BB:B9:30:EE:C0:06:A6:0A:61:71:8F
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:60:2e:f5:d2:a9:78:c9:93:26:03:2b:a8:23:6a:9f:55:f0:
         44:ed:b6:80:ee:af:9a:c9:38:70:01:bd:a9:60:de:91:19:ff:
         e3:79:02:23:8d:0c:3d:e4:66:bb:f8:79:8b:f9:2e:c7:1d:95:
         c8:69:e4:b4:e3:cc:f3:87:2c:6b:2f:b8:a3:c1:c0:ca:60:f5:
         86:12:02:c6:30:fb:c5:19:0c:8e:da:3b:ab:e7:8e:43:b9:da:
         19:2e:4b:98:49:28:0b:02:d4:01:e6:3d:00:75:00:64:bb:00:
         5a:62:60:0b:ff:53:ad:8e:8f:ad:68:c3:2a:ad:81:34:5d:eb:
         34:49:b1:49:17:0c:67:bd:fc:9c:2b:4a:b4:1b:bd:05:2f:f4:
         c9:55:eb:e4:a9:fd:f1:74:65:4c:6a:1c:5a:3b:92:59:27:03:
         f8:03:ef:24:a7:99:97:98:bf:de:42:29:48:7d:5d:97:98:96:
         73:21:01:57:15:e2:b6:ef:bc:f5:9f:9c:77:cd:06:9c:35:4e:
         81:d7:f7:f3:49:d1:5b:df:2f:44:5d:9c:36:fe:92:58:79:73:
         7a:13:5c:57:e2:09:da:55:6d:cb:b2:d8:6f:73:3d:96:22:43:
         15:8e:bb:41:06:63:ea:a1:9a:04:cf:5c:28:30:98:d6:a0:f1:
         e3:46:dd:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kAtfM8lVpPguJTje77hxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjUwNjI4MjIwMjE3WhcNMjUwNjI5MjIwMjE3WjAzMTEwLwYDVQQD
EygzNGVkYjZiNDYzM2U0OTA0YWZiYmI5MzBlZWMwMDZhNjBhNjE3MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrMGxKDYSOBzRGJb3Fihj3XmcXc7
slEW1aOvmyMneht1H4jqQhFr80QYTTL5rndrv+MiqBzZCa/X/HGDYzQhha7QAMWq
Goy48wIscine2V+PJ0QXwjpoyL4rPv3q2QIpRI+95eQxP/r8JwGvJBO9u8kz68LJ
FKZnqts5gcOP3FhtQbOBjQ5lu/b0YTr1wZoUZX5T7h2B0njJnjupX3q/4Uy/dz6f
Gjqes1jvhqUtimIB2kebXxSlsWE++dm1GsKWkCd+xU2uXEIvFKWItR2VYzwwk2To
dbLrvnGZsccdU4yosEjVPQkDZD2gJbEDgaHObnrF2lo9oeTmzcGY8IDSxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTttrRjPkkEr7u5MO7ABqYKYXGPMB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGAu9dKp
eMmTJgMrqCNqn1XwRO22gO6vmsk4cAG9qWDekRn/43kCI40MPeRmu/h5i/kuxx2V
yGnktOPM84csay+4o8HAymD1hhICxjD7xRkMjto7q+eOQ7naGS5LmEkoCwLUAeY9
AHUAZLsAWmJgC/9TrY6PrWjDKq2BNF3rNEmxSRcMZ738nCtKtBu9BS/0yVXr5Kn9
8XRlTGocWjuSWScD+APvJKeZl5i/3kIpSH1dl5iWcyEBVxXitu+89Z+cd80GnDVO
gdf380nRW98vRF2cNv6SWHlzehNcV+IJ2lVty7LYb3M9liJDFY67QQZj6qGaBM9c
KDCY1qDx40bdGQ==
-----END CERTIFICATE-----