Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          R1TxKR8ZEsPe3O69lUG/oxepbMaUSgRfYkP0BJEZ9FA=
Subject key identifier:   6E:C8:61:A2:75:88:A2:76:24:C9:C2:62:80:81:CD:A3:B0:59:90:F7
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       0197B77C5B3EB467390EEAC1A4B3C47AC13A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          03BF
Signing time:             Sat 28 Jun 2025 17:01:09 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:09 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:09 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: w+rXlRPKuoESts8GIso4+o1EmpHH0/e03aSHsk3f3vk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:5b:3e:b4:67:39:0e:ea:c1:a4:b3:c4:7a:c1:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Jun 28 17:01:09 2025 GMT
            Not After : Jun 29 17:01:09 2025 GMT
        Subject: CN=6ec861a27588a27624c9c2628081cda3b05990f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e3:1a:a9:ec:70:56:dc:f6:a1:34:94:a1:e0:
                    cc:d8:5e:f0:05:32:67:20:3b:7a:ee:0c:f5:b8:3d:
                    f3:c4:bf:ae:30:f9:a5:4e:1d:1d:2d:31:a8:8e:49:
                    51:e7:ad:02:df:a8:0c:3f:4d:bb:51:cc:77:ac:b4:
                    ba:12:0d:7b:77:c6:1a:79:60:1d:af:d0:ab:5a:66:
                    07:c1:9f:ce:76:96:e7:22:45:28:f2:94:dd:e8:83:
                    04:1c:95:39:3e:3a:88:82:41:2f:bb:e2:45:f1:a9:
                    64:30:7c:cf:58:0d:9a:85:0b:3a:ad:8b:42:5b:04:
                    99:8b:cf:f4:8c:8b:b3:00:62:59:a8:5f:e9:45:ce:
                    93:7d:72:77:e2:13:95:31:df:40:12:e4:6c:c5:04:
                    2f:7b:ea:97:03:20:34:2d:ac:a9:ad:f8:76:8e:b6:
                    11:ce:81:1e:93:7b:fb:50:61:0f:9f:cf:0e:5e:46:
                    61:20:78:e0:93:64:62:71:e1:94:f5:8b:a7:6a:8c:
                    3b:62:2b:c5:ef:9e:47:83:8d:8f:77:f8:a0:25:88:
                    72:b2:6b:e1:96:83:d9:c8:ca:86:35:59:bd:44:e4:
                    92:a2:0a:a7:c3:b3:c5:08:ac:67:d3:d6:a8:62:e1:
                    56:f5:b8:0e:25:d4:0e:f7:f0:02:ed:a2:c1:5e:aa:
                    e4:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:C8:61:A2:75:88:A2:76:24:C9:C2:62:80:81:CD:A3:B0:59:90:F7
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:0e:e6:15:0c:be:bd:e8:05:74:53:1d:32:d8:4a:fb:66:fb:
         b1:9c:9d:8f:02:5c:42:0b:c7:ed:9f:6e:34:a0:2d:6e:b8:83:
         4c:a9:79:53:02:f1:05:26:49:02:64:85:cd:28:6b:db:42:2f:
         3e:cd:06:80:e7:d0:ef:47:d7:ce:87:ae:fd:6f:ba:b9:6f:67:
         4d:ad:44:cb:cf:b0:e7:5b:d1:27:e8:09:83:bf:89:6a:31:a3:
         d8:3b:5f:c8:4c:0b:39:0b:ce:0d:34:8e:c4:44:a9:7a:0f:03:
         8e:ef:d3:dd:0e:fa:9e:81:0e:d9:80:35:34:ea:ba:ef:16:3f:
         1e:e6:cd:44:ef:dc:bb:06:d9:1c:d8:b9:63:70:14:71:69:b2:
         2d:8a:03:ce:de:4b:87:19:fe:97:34:5b:ba:af:b0:fe:e1:2c:
         c9:30:d7:38:55:07:d8:bd:61:83:2c:41:7a:ea:36:eb:59:97:
         08:18:25:20:60:68:39:5c:2f:c1:3d:d5:e9:d0:a6:1b:12:d3:
         e1:5e:8d:ea:e8:f3:a8:6d:59:5a:52:d5:55:70:84:9e:4c:82:
         dc:07:76:c8:5b:4d:8f:3d:8b:e7:94:ba:0e:46:a1:b4:8b:3b:
         62:e4:9c:7c:22:2b:09:8e:82:45:42:a1:de:40:4d:df:6a:ad:
         42:65:50:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fFs+tGc5DurBpLPEesE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUwNjI4MTcwMTA5WhcNMjUwNjI5MTcwMTA5WjAzMTEwLwYDVQQD
Eyg2ZWM4NjFhMjc1ODhhMjc2MjRjOWMyNjI4MDgxY2RhM2IwNTk5MGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uMaqexwVtz2oTSUoeDM2F7wBTJn
IDt67gz1uD3zxL+uMPmlTh0dLTGojklR560C36gMP027Ucx3rLS6Eg17d8YaeWAd
r9CrWmYHwZ/OdpbnIkUo8pTd6IMEHJU5PjqIgkEvu+JF8alkMHzPWA2ahQs6rYtC
WwSZi8/0jIuzAGJZqF/pRc6TfXJ34hOVMd9AEuRsxQQve+qXAyA0Layprfh2jrYR
zoEek3v7UGEPn88OXkZhIHjgk2RiceGU9Yunaow7YivF755Hg42Pd/igJYhysmvh
loPZyMqGNVm9ROSSogqnw7PFCKxn09aoYuFW9bgOJdQO9/AC7aLBXqrkFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7IYaJ1iKJ2JMnCYoCBzaOwWZD3MB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArQ7mFQy+
vegFdFMdMthK+2b7sZydjwJcQgvH7Z9uNKAtbriDTKl5UwLxBSZJAmSFzShr20Iv
Ps0GgOfQ70fXzoeu/W+6uW9nTa1Ey8+w51vRJ+gJg7+JajGj2DtfyEwLOQvODTSO
xESpeg8Dju/T3Q76noEO2YA1NOq67xY/HubNRO/cuwbZHNi5Y3AUcWmyLYoDzt5L
hxn+lzRbuq+w/uEsyTDXOFUH2L1hgyxBeuo261mXCBglIGBoOVwvwT3V6dCmGxLT
4V6N6ujzqG1ZWlLVVXCEnkyC3Ad2yFtNjz2L55S6DkahtIs7YuScfCIrCY6CRUKh
3kBN32qtQmVQOQ==
-----END CERTIFICATE-----