Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
File:                     egadopx7Yd3rzAUk_QjlTf80wWg.mft (raw, json)
Hash identifier:          MfdDeCGhmcdvEaGrI+bdGHULOjyV/P8kjDZG0T3q0Ys=
Subject key identifier:   41:0C:21:A9:39:C8:45:88:76:ED:2A:33:E9:02:85:63:D2:02:E9:E8
Authority key identifier: 7A:06:9D:A2:9C:7B:61:DD:EB:CC:05:24:FD:08:E5:4D:FF:34:C1:68
Certificate issuer:       /CN=7a069da29c7b61ddebcc0524fd08e54dff34c168
Certificate serial:       0197B6A11D04400D0690CDBA476D3F83E8A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:41 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:41 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:41 +0000
Files and hashes:         1: egadopx7Yd3rzAUk_QjlTf80wWg.crl (hash: hM0nxBwb9InX6q4vxAWaNK+8FX7srKWaUnpot5uZ7jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:1d:04:40:0d:06:90:cd:ba:47:6d:3f:83:e8:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a069da29c7b61ddebcc0524fd08e54dff34c168
        Validity
            Not Before: Jun 28 13:01:41 2025 GMT
            Not After : Jun 29 13:01:41 2025 GMT
        Subject: CN=410c21a939c8458876ed2a33e9028563d202e9e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:bf:19:2c:dd:6c:dd:1d:bb:3e:09:09:1c:92:
                    d5:2a:6b:e1:89:6b:a8:12:1d:ea:8f:b8:aa:73:3e:
                    66:18:1d:72:60:dc:b8:b2:c4:9f:f0:b7:6d:c9:b5:
                    92:d6:82:9e:a1:49:fc:9f:ed:78:d0:3e:93:03:e3:
                    c3:b8:67:c7:77:34:e8:73:d9:30:dc:bf:5e:5e:ca:
                    e6:1c:f3:e3:3a:87:d8:66:a2:fb:b9:ec:ee:b1:52:
                    01:26:0c:21:1f:bb:fa:59:d7:80:53:e8:80:84:75:
                    77:ae:db:fb:7a:df:7e:fe:85:77:0c:51:12:c0:6e:
                    fc:90:e3:89:c2:34:90:5f:41:3b:17:63:c8:c9:9f:
                    af:02:9a:32:f1:cf:f3:33:c2:02:1c:a3:42:60:f6:
                    19:99:1f:73:90:92:f4:82:34:20:78:b9:3e:9b:34:
                    7b:0a:a3:4d:97:8e:c4:e8:93:9e:a5:fa:aa:fc:d6:
                    93:a8:41:aa:34:ef:25:69:ca:ed:12:2f:24:02:a0:
                    cc:51:8b:7a:10:16:8f:cf:87:b6:2c:c8:88:f2:c5:
                    78:97:3f:d0:ba:06:24:93:f2:5e:e3:b4:8f:79:e5:
                    50:a8:be:3c:37:68:aa:10:b7:bc:bc:f5:13:1f:be:
                    61:92:90:a1:f7:c4:68:5b:0e:8e:41:3c:a5:27:dc:
                    c8:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:0C:21:A9:39:C8:45:88:76:ED:2A:33:E9:02:85:63:D2:02:E9:E8
            X509v3 Authority Key Identifier:
                keyid:7A:06:9D:A2:9C:7B:61:DD:EB:CC:05:24:FD:08:E5:4D:FF:34:C1:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egadopx7Yd3rzAUk_QjlTf80wWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6039e8-2d68-4310-a3ac-4bfefe416f26/1/egadopx7Yd3rzAUk_QjlTf80wWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:4f:03:71:95:a0:fd:7d:a4:a9:e7:3a:96:bc:e2:26:57:cb:
         69:05:47:90:54:0c:b6:ea:3f:e7:47:da:88:f3:bb:7b:c1:93:
         26:d5:80:33:e9:35:2d:55:15:5f:34:d0:75:3e:cb:a6:b5:c1:
         e2:66:2b:5e:8d:0a:c4:e6:3a:54:74:13:3a:35:ef:8f:6c:fa:
         66:5c:a0:64:7e:d3:87:a9:2f:c2:47:78:00:17:e2:c6:b1:b6:
         8b:e8:50:fc:ee:d8:54:de:c4:ec:6f:5c:e5:c9:64:d3:36:73:
         ba:51:d5:b7:3d:6c:07:d9:fe:14:46:06:49:8c:c2:4b:60:99:
         82:05:70:d9:7f:6c:23:a9:27:ec:04:2e:f8:72:ed:21:71:ee:
         e5:de:16:55:b8:6c:f5:12:4f:82:6f:5a:2b:81:f8:54:74:57:
         ec:dc:e6:10:25:a8:8c:af:e0:03:c3:ca:1b:65:74:dc:aa:1d:
         52:76:b7:8c:c7:9a:64:5a:bf:3a:9c:23:20:fc:86:46:1b:27:
         9e:85:c3:3d:71:28:2c:0a:9c:7a:f6:18:db:a4:de:06:44:dd:
         18:9e:0c:98:37:f9:d7:3a:0d:d2:ef:d1:5e:f4:ae:37:81:18:
         9f:aa:22:12:b1:26:a6:44:ad:bc:bf:0a:5f:8c:af:ff:6c:65:
         cf:a6:f7:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oR0EQA0GkM26R20/g+ihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDY5ZGEyOWM3YjYxZGRlYmNjMDUyNGZkMDhlNTRkZmYz
NGMxNjgwHhcNMjUwNjI4MTMwMTQxWhcNMjUwNjI5MTMwMTQxWjAzMTEwLwYDVQQD
Eyg0MTBjMjFhOTM5Yzg0NTg4NzZlZDJhMzNlOTAyODU2M2QyMDJlOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL8ZLN1s3R27PgkJHJLVKmvhiWuo
Eh3qj7iqcz5mGB1yYNy4ssSf8LdtybWS1oKeoUn8n+140D6TA+PDuGfHdzToc9kw
3L9eXsrmHPPjOofYZqL7uezusVIBJgwhH7v6WdeAU+iAhHV3rtv7et9+/oV3DFES
wG78kOOJwjSQX0E7F2PIyZ+vApoy8c/zM8ICHKNCYPYZmR9zkJL0gjQgeLk+mzR7
CqNNl47E6JOepfqq/NaTqEGqNO8lacrtEi8kAqDMUYt6EBaPz4e2LMiI8sV4lz/Q
ugYkk/Je47SPeeVQqL48N2iqELe8vPUTH75hkpCh98RoWw6OQTylJ9zI1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEMIak5yEWIdu0qM+kChWPSAunoMB8GA1UdIwQY
MBaAFHoGnaKce2Hd68wFJP0I5U3/NMFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82MDM5ZTgtMmQ2OC00MzEwLWEzYWMt
NGJmZWZlNDE2ZjI2LzEvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82MDM5ZTgtMmQ2OC00MzEwLWEzYWMtNGJmZWZlNDE2ZjI2
LzEvZWdhZG9weDdZZDNyekFVa19RamxUZjgwd1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHk8DcZWg
/X2kqec6lrziJlfLaQVHkFQMtuo/50faiPO7e8GTJtWAM+k1LVUVXzTQdT7LprXB
4mYrXo0KxOY6VHQTOjXvj2z6ZlygZH7Th6kvwkd4ABfixrG2i+hQ/O7YVN7E7G9c
5clk0zZzulHVtz1sB9n+FEYGSYzCS2CZggVw2X9sI6kn7AQu+HLtIXHu5d4WVbhs
9RJPgm9aK4H4VHRX7NzmECWojK/gA8PKG2V03KodUna3jMeaZFq/OpwjIPyGRhsn
noXDPXEoLAqcevYY26TeBkTdGJ4MmDf51zoN0u/RXvSuN4EYn6oiErEmpkStvL8K
X4yv/2xlz6b3yg==
-----END CERTIFICATE-----