Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          +Lnd/MSl1N1zjzFzYgTP1JiVgeY1rqtWVqgXhEga0AU=
Subject key identifier:   0B:20:3C:96:8C:85:42:25:B1:58:66:9B:53:83:B2:61:91:E9:23:8B
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       0197B6D79F903F35B4E7B2A5F8DB36B8185A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 14:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:13 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: VX9eWcxuCn7X7CFiPWY+/v7vxFU9Ntn3Sgu0JM4btqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:9f:90:3f:35:b4:e7:b2:a5:f8:db:36:b8:18:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Jun 28 14:01:13 2025 GMT
            Not After : Jun 29 14:01:13 2025 GMT
        Subject: CN=0b203c968c854225b158669b5383b26191e9238b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:89:c4:0f:f7:0d:c1:b1:41:47:74:b9:24:77:
                    72:ef:dd:a5:7f:b9:97:29:c9:c8:fd:4b:84:cb:35:
                    b8:1e:58:e2:20:29:92:71:6e:1d:84:74:94:ef:1e:
                    34:16:59:84:6e:17:33:69:b9:8a:2e:4b:d0:f7:f7:
                    c4:d3:5f:89:56:f5:ed:13:f4:c0:f0:ff:49:af:16:
                    b8:a6:62:5d:66:cc:e9:2b:61:eb:fe:b2:cd:79:20:
                    d6:b1:43:b6:5f:bd:67:7b:ed:81:92:33:c1:1a:33:
                    d3:1d:82:4b:99:a7:c3:81:ce:3c:e5:a0:49:28:98:
                    39:bb:0a:61:20:ed:20:63:3a:8a:f5:8e:34:72:ad:
                    f0:fb:e4:3f:3f:5c:79:02:53:94:0a:9a:3e:22:87:
                    56:ee:73:34:e2:43:29:dd:8b:94:ea:fc:e6:53:1d:
                    f4:67:fb:7c:fd:09:65:1f:25:0b:2d:18:99:73:23:
                    90:d2:b3:43:28:16:45:d5:b9:a6:d2:3e:cc:19:6b:
                    d1:08:3d:46:fe:d4:01:a7:ba:69:d2:52:7d:0e:93:
                    d2:f3:59:81:aa:ee:c8:42:b1:ba:39:07:84:76:0a:
                    9d:70:22:47:d1:5b:cc:27:99:bb:cf:e0:1c:21:07:
                    25:da:a3:ff:e7:ca:13:49:e9:8c:d8:b3:f4:ed:e1:
                    99:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:20:3C:96:8C:85:42:25:B1:58:66:9B:53:83:B2:61:91:E9:23:8B
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:c3:8b:06:08:51:95:16:46:ce:59:bb:f0:ea:f3:4b:90:c0:
         54:35:d3:49:a9:e3:8c:75:a1:43:aa:96:3b:b9:3c:6c:7b:e2:
         b9:a1:1f:2b:88:12:57:5e:d5:ff:71:8f:59:87:d4:2c:58:01:
         5c:1c:30:cd:84:79:04:c4:e1:f5:ba:ff:4b:f8:0e:10:aa:7c:
         6c:6d:a0:f7:6a:8c:3d:97:59:5c:6c:3d:e3:1c:8c:f2:72:8f:
         78:00:16:89:8f:39:06:80:5f:f2:b8:be:9e:a2:41:68:46:99:
         bd:be:41:db:67:b5:fe:a8:ef:65:5c:4e:93:42:52:7e:2d:37:
         87:ee:62:a5:9b:5b:3c:a2:65:1f:63:2e:59:74:57:30:6e:32:
         5f:1e:2e:7c:f7:44:29:bf:03:fc:eb:3c:01:a1:d3:a7:6c:4e:
         78:b1:d7:69:47:3d:26:1d:e8:81:56:40:0f:46:98:72:c0:00:
         f1:7e:b3:14:c3:82:89:21:67:cb:e8:ef:b1:07:dc:f3:63:f8:
         8f:4c:6d:f1:60:a6:03:9d:fa:ea:e5:7f:45:8c:4a:c9:de:23:
         ce:b3:a1:8b:b3:25:a9:b1:79:c1:e2:85:20:e6:bb:a5:82:f3:
         44:d8:d5:79:93:7e:4e:d5:54:e8:b6:26:3d:c9:7e:3c:0a:d7:
         b8:2f:19:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe215+QPzW057Kl+Ns2uBhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwNjI4MTQwMTEzWhcNMjUwNjI5MTQwMTEzWjAzMTEwLwYDVQQD
EygwYjIwM2M5NjhjODU0MjI1YjE1ODY2OWI1MzgzYjI2MTkxZTkyMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAionED/cNwbFBR3S5JHdy792lf7mX
KcnI/UuEyzW4HljiICmScW4dhHSU7x40FlmEbhczabmKLkvQ9/fE01+JVvXtE/TA
8P9Jrxa4pmJdZszpK2Hr/rLNeSDWsUO2X71ne+2BkjPBGjPTHYJLmafDgc485aBJ
KJg5uwphIO0gYzqK9Y40cq3w++Q/P1x5AlOUCpo+IodW7nM04kMp3YuU6vzmUx30
Z/t8/QllHyULLRiZcyOQ0rNDKBZF1bmm0j7MGWvRCD1G/tQBp7pp0lJ9DpPS81mB
qu7IQrG6OQeEdgqdcCJH0VvMJ5m7z+AcIQcl2qP/58oTSemM2LP07eGZrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsgPJaMhUIlsVhmm1ODsmGR6SOLMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAccOLBghR
lRZGzlm78OrzS5DAVDXTSanjjHWhQ6qWO7k8bHviuaEfK4gSV17V/3GPWYfULFgB
XBwwzYR5BMTh9br/S/gOEKp8bG2g92qMPZdZXGw94xyM8nKPeAAWiY85BoBf8ri+
nqJBaEaZvb5B22e1/qjvZVxOk0JSfi03h+5ipZtbPKJlH2MuWXRXMG4yXx4ufPdE
Kb8D/Os8AaHTp2xOeLHXaUc9Jh3ogVZAD0aYcsAA8X6zFMOCiSFny+jvsQfc82P4
j0xt8WCmA5366uV/RYxKyd4jzrOhi7MlqbF5weKFIOa7pYLzRNjVeZN+TtVU6LYm
Pcl+PArXuC8ZVA==
-----END CERTIFICATE-----