Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
File:                     2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft (raw, json)
Hash identifier:          86/uYpz+N+sbIsBBLYcc3os9dX3bJj7zIFbKDfKKuBc=
Subject key identifier:   99:D1:01:BF:4F:B5:91:78:B3:B4:B1:F7:1D:9D:57:A1:99:6F:D3:28
Authority key identifier: DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1
Certificate issuer:       /CN=dbf5bcb91c640a0a342905e5a51707528f5a33a1
Certificate serial:       0197B6A0DDD4730974B44D70213A75BDFF83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
Manifest number:          13A5
Signing time:             Sat 28 Jun 2025 13:01:25 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:25 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:25 +0000
Files and hashes:         1: 2_W8uRxkCgo0KQXlpRcHUo9aM6E.crl (hash: QTNLwL72k4c1D0+36ZVIPBIjMvKBtlPiJiC9QsEjrCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:dd:d4:73:09:74:b4:4d:70:21:3a:75:bd:ff:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbf5bcb91c640a0a342905e5a51707528f5a33a1
        Validity
            Not Before: Jun 28 13:01:25 2025 GMT
            Not After : Jun 29 13:01:25 2025 GMT
        Subject: CN=99d101bf4fb59178b3b4b1f71d9d57a1996fd328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e2:81:e7:67:1c:00:83:42:c2:2e:b0:1a:0c:
                    8f:58:02:44:21:94:f8:a6:69:2d:9b:fe:c0:58:d5:
                    ac:fd:52:1b:d4:ab:18:53:23:51:ff:3c:e2:bd:6a:
                    9b:3a:3c:3f:23:24:db:5f:a7:f7:40:b4:8b:e2:e6:
                    ee:bc:c1:d6:d8:53:7a:c2:ac:fc:3b:2a:97:a3:bb:
                    29:a1:e5:03:70:9a:17:82:ef:55:7a:41:a1:20:c9:
                    7e:63:44:97:bd:bd:97:a2:82:76:75:b6:e7:3d:8b:
                    f5:3d:5a:00:5b:4c:ac:f6:96:6f:ae:6f:1e:31:30:
                    d4:c2:5b:f7:d2:cd:59:bc:5a:1d:12:6e:36:e0:5f:
                    3e:d5:e9:c5:17:8b:08:ff:78:ad:da:8c:1f:c5:02:
                    d4:89:1f:6b:3e:9a:ab:f1:d3:9f:98:52:b9:00:9d:
                    cb:ca:12:71:f7:1a:96:a0:a4:fb:20:af:c9:d8:1b:
                    65:19:1d:1c:08:92:2a:31:20:d2:e2:0d:c4:0e:2b:
                    a6:24:df:09:3e:e3:de:ab:11:7c:fb:45:ff:d7:45:
                    e4:5e:eb:f1:51:e0:43:f3:b0:b0:31:73:76:b7:c1:
                    ab:d3:64:51:25:f4:6e:33:3f:5e:10:ec:9a:e3:81:
                    16:e2:3b:af:de:af:8c:c9:e7:3b:9d:4d:83:9b:3a:
                    93:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D1:01:BF:4F:B5:91:78:B3:B4:B1:F7:1D:9D:57:A1:99:6F:D3:28
            X509v3 Authority Key Identifier:
                keyid:DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:6f:20:a7:5c:3f:9c:a4:d2:81:c3:77:19:38:69:59:cf:27:
         ae:be:cc:49:29:bb:5b:90:08:38:61:0c:f7:e4:1d:ab:b3:5d:
         ca:c8:d7:9c:26:cb:e9:0f:68:38:c2:f7:a5:95:40:f5:bb:09:
         63:36:18:8d:f4:8c:1a:1a:73:b8:ba:75:4d:78:3b:7a:cf:81:
         f0:7b:b6:31:a1:bd:6e:51:26:27:6f:45:c3:f4:f0:a8:6d:0b:
         28:8f:8d:54:60:7b:b4:9d:4f:d8:fc:6f:94:f3:41:91:e6:49:
         99:b2:77:9e:0a:c5:63:bc:33:6b:9c:36:8a:f7:28:4f:ec:c2:
         44:9b:84:d8:4b:bb:7c:f5:30:67:90:f2:90:33:03:23:8f:54:
         6a:73:38:0b:a2:3d:d3:2d:d7:4d:6d:dc:bd:9e:22:a0:34:8c:
         17:c0:ce:8a:ef:48:55:97:4d:86:b6:91:23:f3:94:24:93:e0:
         c5:90:46:02:a8:83:85:6f:35:50:49:2e:68:0b:10:e6:d6:ad:
         0e:b2:e6:43:44:6e:12:ef:97:14:25:ec:f5:88:4e:e2:02:ef:
         6f:0e:33:41:a1:f3:76:be:9d:39:89:a3:79:5f:69:84:1a:d8:
         ad:f6:4b:46:3a:16:a9:bc:53:93:c9:f2:0c:fc:a3:75:b7:8d:
         3b:55:8f:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oN3Ucwl0tE1wITp1vf+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZjViY2I5MWM2NDBhMGEzNDI5MDVlNWE1MTcwNzUyOGY1
YTMzYTEwHhcNMjUwNjI4MTMwMTI1WhcNMjUwNjI5MTMwMTI1WjAzMTEwLwYDVQQD
Eyg5OWQxMDFiZjRmYjU5MTc4YjNiNGIxZjcxZDlkNTdhMTk5NmZkMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+KB52ccAINCwi6wGgyPWAJEIZT4
pmktm/7AWNWs/VIb1KsYUyNR/zzivWqbOjw/IyTbX6f3QLSL4ubuvMHW2FN6wqz8
OyqXo7spoeUDcJoXgu9VekGhIMl+Y0SXvb2XooJ2dbbnPYv1PVoAW0ys9pZvrm8e
MTDUwlv30s1ZvFodEm424F8+1enFF4sI/3it2owfxQLUiR9rPpqr8dOfmFK5AJ3L
yhJx9xqWoKT7IK/J2BtlGR0cCJIqMSDS4g3EDiumJN8JPuPeqxF8+0X/10XkXuvx
UeBD87CwMXN2t8Gr02RRJfRuMz9eEOya44EW4juv3q+Myec7nU2DmzqTcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnRAb9PtZF4s7Sx9x2dV6GZb9MoMB8GA1UdIwQY
MBaAFNv1vLkcZAoKNCkF5aUXB1KPWjOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl9XOHVSeGtDZ28wS1FYbHBSY0hVbzlhTTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yN2VkMmQtMDdjNy00MWQ4LTljMjQt
MTJiNGViYzQxNDUxLzEvMl9XOHVSeGtDZ28wS1FYbHBSY0hVbzlhTTZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yN2VkMmQtMDdjNy00MWQ4LTljMjQtMTJiNGViYzQxNDUx
LzEvMl9XOHVSeGtDZ28wS1FYbHBSY0hVbzlhTTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACG8gp1w/
nKTSgcN3GThpWc8nrr7MSSm7W5AIOGEM9+Qdq7NdysjXnCbL6Q9oOML3pZVA9bsJ
YzYYjfSMGhpzuLp1TXg7es+B8Hu2MaG9blEmJ29Fw/TwqG0LKI+NVGB7tJ1P2Pxv
lPNBkeZJmbJ3ngrFY7wza5w2ivcoT+zCRJuE2Eu7fPUwZ5DykDMDI49UanM4C6I9
0y3XTW3cvZ4ioDSMF8DOiu9IVZdNhraRI/OUJJPgxZBGAqiDhW81UEkuaAsQ5tat
DrLmQ0RuEu+XFCXs9YhO4gLvbw4zQaHzdr6dOYmjeV9phBrYrfZLRjoWqbxTk8ny
DPyjdbeNO1WPkA==
-----END CERTIFICATE-----