Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          dNqe9eUdUVkgOqcl53zRyg99wrz1jrU9nia/WSweuyQ=
Subject key identifier:   38:86:8C:35:56:99:13:DF:FB:FA:B3:50:74:25:6A:70:8A:74:E5:5C
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       0197B6A17300BCAD77DBFEEB1BCC68B615DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          14B0
Signing time:             Sat 28 Jun 2025 13:02:03 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:03 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:03 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: h7Y4pI3EuF1D5XXtk4aB/vbngyjVo7vc3trdU/d6l5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:73:00:bc:ad:77:db:fe:eb:1b:cc:68:b6:15:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Jun 28 13:02:03 2025 GMT
            Not After : Jun 29 13:02:03 2025 GMT
        Subject: CN=38868c35569913dffbfab35074256a708a74e55c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0f:0b:bc:95:59:26:4a:c0:23:2a:0d:55:6b:
                    55:21:ee:46:52:d5:66:60:f4:db:a0:43:de:40:47:
                    bf:2b:51:87:f4:99:16:85:e2:88:b7:43:56:01:ed:
                    37:75:be:7f:b3:5c:0f:ee:c0:f3:47:ca:83:05:71:
                    d5:2e:58:be:53:f9:2a:57:0b:54:da:86:91:bb:f6:
                    fc:5d:71:15:e2:8e:6f:23:d4:d0:de:5a:ef:28:93:
                    70:b1:c9:4c:28:ef:f4:3c:3e:2a:4c:d5:59:d2:7a:
                    fa:80:3e:e9:22:99:a9:be:03:a7:f7:4e:d9:17:ff:
                    0b:4c:96:67:b4:00:b8:ba:dc:cf:a5:f0:13:74:81:
                    af:aa:13:0b:48:63:4a:21:f1:9a:5c:82:66:47:7f:
                    05:48:62:d4:8a:53:22:06:18:ff:af:89:49:2c:16:
                    a3:b4:66:89:81:ce:fe:c5:b7:4d:e1:cc:10:42:01:
                    12:dc:94:1e:9a:20:72:43:07:c7:58:67:34:c9:5e:
                    da:28:db:e6:6e:2d:9a:be:5d:1d:bc:d9:00:eb:c0:
                    51:1b:7b:8d:e1:53:7f:31:a1:aa:85:b8:a3:fc:27:
                    c1:25:95:3e:ad:be:e2:be:ae:46:13:86:72:4c:59:
                    7f:93:fa:8d:d4:40:5c:8e:98:8f:b3:03:4c:a6:0d:
                    04:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:86:8C:35:56:99:13:DF:FB:FA:B3:50:74:25:6A:70:8A:74:E5:5C
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:e5:ab:af:76:0a:be:bd:b2:8d:15:86:a4:fd:1e:8d:8d:cc:
         42:9f:7a:a0:be:1f:01:e2:0c:6b:ae:2b:fd:77:87:bf:2d:ff:
         fa:22:3a:03:87:d6:09:7f:b7:a0:e4:15:2a:48:6d:35:60:73:
         df:d5:05:bf:2e:b0:86:b8:97:1f:9d:48:d9:08:e7:63:60:7d:
         c7:a3:b5:5b:db:d6:80:ba:61:e0:5c:f2:93:a3:7e:f2:08:7c:
         e7:e1:94:93:ee:6b:d9:12:64:a0:51:ec:39:8d:4a:cc:46:0f:
         08:4e:17:0a:a1:86:38:e3:c0:56:15:a9:9e:46:2a:34:6c:d9:
         b1:8c:04:81:93:d6:f8:44:b5:07:c4:00:85:ca:a0:11:d7:6d:
         1d:76:fe:2d:18:63:c7:bc:d3:8b:1f:10:b2:ba:de:14:14:a7:
         f0:42:f2:ed:15:8b:1e:94:42:03:97:53:5b:be:82:da:fe:38:
         d2:83:24:a7:12:19:bc:a9:d4:00:f0:64:9c:ec:c2:f6:32:e4:
         24:9b:c9:2a:dd:f0:2d:9c:a5:33:0b:e7:fe:a6:89:f6:ed:cd:
         78:b8:0e:a2:4c:60:fe:bf:bf:1d:02:70:f9:5a:b9:b9:a2:69:
         da:d2:d8:65:ba:5c:05:6a:f5:88:46:bb:5d:cc:12:c0:88:3c:
         a2:6e:cf:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oXMAvK132/7rG8xothXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUwNjI4MTMwMjAzWhcNMjUwNjI5MTMwMjAzWjAzMTEwLwYDVQQD
EygzODg2OGMzNTU2OTkxM2RmZmJmYWIzNTA3NDI1NmE3MDhhNzRlNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA8LvJVZJkrAIyoNVWtVIe5GUtVm
YPTboEPeQEe/K1GH9JkWheKIt0NWAe03db5/s1wP7sDzR8qDBXHVLli+U/kqVwtU
2oaRu/b8XXEV4o5vI9TQ3lrvKJNwsclMKO/0PD4qTNVZ0nr6gD7pIpmpvgOn907Z
F/8LTJZntAC4utzPpfATdIGvqhMLSGNKIfGaXIJmR38FSGLUilMiBhj/r4lJLBaj
tGaJgc7+xbdN4cwQQgES3JQemiByQwfHWGc0yV7aKNvmbi2avl0dvNkA68BRG3uN
4VN/MaGqhbij/CfBJZU+rb7ivq5GE4ZyTFl/k/qN1EBcjpiPswNMpg0EVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiGjDVWmRPf+/qzUHQlanCKdOVcMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlOWrr3YK
vr2yjRWGpP0ejY3MQp96oL4fAeIMa64r/XeHvy3/+iI6A4fWCX+3oOQVKkhtNWBz
39UFvy6whriXH51I2QjnY2B9x6O1W9vWgLph4Fzyk6N+8gh85+GUk+5r2RJkoFHs
OY1KzEYPCE4XCqGGOOPAVhWpnkYqNGzZsYwEgZPW+ES1B8QAhcqgEddtHXb+LRhj
x7zTix8QsrreFBSn8ELy7RWLHpRCA5dTW76C2v440oMkpxIZvKnUAPBknOzC9jLk
JJvJKt3wLZylMwvn/qaJ9u3NeLgOokxg/r+/HQJw+Vq5uaJp2tLYZbpcBWr1iEa7
XcwSwIg8om7PMQ==
-----END CERTIFICATE-----