Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
File:                     tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft (raw, json)
Hash identifier:          B2LDQlj819dN7n3C0wYalR5uoAcfjuViMJwYRVnW9EU=
Subject key identifier:   F9:92:D5:0D:20:6C:EC:E9:BF:7D:A6:BC:0D:BE:3D:71:36:15:2D:CF
Authority key identifier: B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F
Certificate issuer:       /CN=b56daa6f850414a13f650df094506628a46dc12f
Certificate serial:       0197B7EAD80D046054C7B6C285FF4BF1B7DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
Manifest number:          10B1
Signing time:             Sat 28 Jun 2025 19:01:50 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:50 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:50 +0000
Files and hashes:         1: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl (hash: 2nkAET7TAnRYcQYFAxRn5dHvnY8BMEN6tqW9IE8pxV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:d8:0d:04:60:54:c7:b6:c2:85:ff:4b:f1:b7:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56daa6f850414a13f650df094506628a46dc12f
        Validity
            Not Before: Jun 28 19:01:50 2025 GMT
            Not After : Jun 29 19:01:50 2025 GMT
        Subject: CN=f992d50d206cece9bf7da6bc0dbe3d7136152dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:4a:40:fd:85:a3:b3:e8:89:a4:1c:4d:d7:3e:
                    62:bb:e8:bb:92:72:39:23:5d:a3:12:e3:db:7d:18:
                    b3:5d:32:8c:13:e5:22:0e:4e:cd:76:ea:16:73:e2:
                    a0:d8:3a:a5:ba:17:71:5a:4e:20:ca:1c:30:26:90:
                    f4:12:83:59:96:dd:d1:ec:e7:db:b2:9f:0c:70:61:
                    21:4e:83:7d:ad:a3:b7:a0:0d:64:b9:13:af:40:f8:
                    fb:68:0e:a4:e6:de:2f:1c:1f:f3:19:f4:6b:b3:7b:
                    8a:24:38:4b:3b:bc:60:22:05:d7:bd:a4:fc:2a:c4:
                    c4:44:71:ce:93:f7:0b:f9:d6:12:56:d8:52:0f:ee:
                    92:5d:a9:bd:83:79:2d:1f:a3:a5:06:c7:e7:8b:60:
                    65:12:e2:d4:28:91:92:c2:64:68:19:bc:2f:72:24:
                    1d:de:f4:c2:f8:e3:65:be:01:33:fc:2f:d9:d4:16:
                    52:a2:e6:ac:e3:d8:af:de:4f:d9:da:4c:00:ff:d4:
                    9e:a4:50:7c:db:d6:34:a8:87:4a:dc:87:7b:40:63:
                    2d:e9:6b:e9:a2:33:d7:65:ee:f1:fd:bb:46:a3:65:
                    e7:91:c9:a5:54:e0:0f:6a:2e:d1:02:93:e3:cb:2d:
                    ee:70:93:74:1c:73:eb:8d:bd:8a:22:eb:51:4e:c1:
                    ca:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:92:D5:0D:20:6C:EC:E9:BF:7D:A6:BC:0D:BE:3D:71:36:15:2D:CF
            X509v3 Authority Key Identifier:
                keyid:B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:06:96:9a:92:75:dd:11:8d:3d:d0:35:ff:af:ca:62:a5:61:
         93:48:0a:6c:14:3c:af:a4:ec:5b:61:07:3a:97:34:bd:82:ca:
         f0:55:55:7c:ff:6f:2e:3a:bf:0a:65:25:c8:33:f8:86:73:36:
         cc:f2:2c:59:54:31:06:1a:df:de:5d:e3:be:83:6c:bd:29:1f:
         af:30:84:b5:15:bc:74:9a:42:de:32:80:1b:46:c0:86:7a:61:
         0e:93:c0:d6:63:80:ba:8f:70:8e:66:34:d6:ca:a9:99:b3:d6:
         83:7c:7b:27:a0:da:44:70:64:89:46:dc:d4:5f:90:31:07:eb:
         6e:38:a1:ff:b3:0a:14:5f:0e:fa:1c:c8:39:7d:97:52:59:f7:
         91:82:4f:61:b2:fd:32:cb:43:de:e6:a8:3f:59:20:6b:87:68:
         4a:3a:a3:78:46:fe:79:50:08:ca:52:35:34:eb:3a:48:32:f2:
         31:22:0a:1e:3a:b7:99:d3:2d:07:35:f8:3c:1d:eb:7b:28:09:
         f3:35:32:00:b8:f2:95:ec:24:af:1f:f7:5d:a0:fb:13:c3:06:
         18:8f:f0:12:4a:43:f9:c5:60:9f:27:83:6a:d6:c4:66:2c:91:
         9c:24:96:98:fb:4a:6c:3a:33:42:01:f5:4f:c4:66:9f:73:28:
         65:1c:22:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36tgNBGBUx7bChf9L8bfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmRhYTZmODUwNDE0YTEzZjY1MGRmMDk0NTA2NjI4YTQ2
ZGMxMmYwHhcNMjUwNjI4MTkwMTUwWhcNMjUwNjI5MTkwMTUwWjAzMTEwLwYDVQQD
EyhmOTkyZDUwZDIwNmNlY2U5YmY3ZGE2YmMwZGJlM2Q3MTM2MTUyZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UpA/YWjs+iJpBxN1z5iu+i7knI5
I12jEuPbfRizXTKME+UiDk7NduoWc+Kg2DqluhdxWk4gyhwwJpD0EoNZlt3R7Ofb
sp8McGEhToN9raO3oA1kuROvQPj7aA6k5t4vHB/zGfRrs3uKJDhLO7xgIgXXvaT8
KsTERHHOk/cL+dYSVthSD+6SXam9g3ktH6OlBsfni2BlEuLUKJGSwmRoGbwvciQd
3vTC+ONlvgEz/C/Z1BZSouas49iv3k/Z2kwA/9SepFB829Y0qIdK3Id7QGMt6Wvp
ojPXZe7x/btGo2XnkcmlVOAPai7RApPjyy3ucJN0HHPrjb2KIutRTsHKhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmS1Q0gbOzpv32mvA2+PXE2FS3PMB8GA1UdIwQY
MBaAFLVtqm+FBBShP2UN8JRQZiikbcEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYt
ZmUwYTJhYzA4NjlmLzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYtZmUwYTJhYzA4Njlm
LzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQwaWmpJ1
3RGNPdA1/6/KYqVhk0gKbBQ8r6TsW2EHOpc0vYLK8FVVfP9vLjq/CmUlyDP4hnM2
zPIsWVQxBhrf3l3jvoNsvSkfrzCEtRW8dJpC3jKAG0bAhnphDpPA1mOAuo9wjmY0
1sqpmbPWg3x7J6DaRHBkiUbc1F+QMQfrbjih/7MKFF8O+hzIOX2XUln3kYJPYbL9
MstD3uaoP1kga4doSjqjeEb+eVAIylI1NOs6SDLyMSIKHjq3mdMtBzX4PB3reygJ
8zUyALjylewkrx/3XaD7E8MGGI/wEkpD+cVgnyeDatbEZiyRnCSWmPtKbDozQgH1
T8Rmn3MoZRwiKg==
-----END CERTIFICATE-----