Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          zHJ8LQvgZGlNYQngJXzXV9wKKAJ6ufk+9un5ybzDyLs=
Subject key identifier:   63:E7:61:24:C6:E9:6C:9B:FD:7D:5F:78:56:4C:95:A4:5F:C1:CA:14
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       0198D54E34C298F3818691D4C56A7A1D7B48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0453
Signing time:             Sat 23 Aug 2025 05:02:08 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:08 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:08 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: UwqvTVfmphjzUAy9qqm8jdMKsgIkr4b/y0QOx9llOHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:34:c2:98:f3:81:86:91:d4:c5:6a:7a:1d:7b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Aug 23 05:02:08 2025 GMT
            Not After : Aug 24 05:02:08 2025 GMT
        Subject: CN=63e76124c6e96c9bfd7d5f78564c95a45fc1ca14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d2:24:9f:a3:2b:b0:2f:a4:9f:9e:6f:58:d2:
                    9a:2a:63:99:18:75:8a:ac:f9:80:4c:ac:f7:42:e2:
                    f9:56:db:ec:1d:e9:64:1e:d7:c4:dd:db:d8:1d:0e:
                    3f:43:b8:ad:38:ef:b0:ea:af:03:f2:a8:2e:87:f6:
                    f8:e3:7e:73:56:10:bb:c4:2f:99:57:17:80:7d:4f:
                    08:4a:e4:01:4f:23:dc:27:8b:87:45:97:0f:60:6a:
                    6c:0d:26:39:33:2a:45:67:bb:97:d1:d0:43:a2:5b:
                    b2:6e:c5:6f:38:1d:fa:ef:7f:37:0c:78:e3:88:36:
                    a2:5f:f0:bf:fc:20:d1:ea:a8:8e:45:e8:40:6e:6c:
                    b5:d1:ff:f7:8c:4c:22:1b:a2:1c:32:c3:16:2b:53:
                    d3:67:15:64:68:49:57:46:6b:2b:96:35:7c:61:77:
                    0a:d9:13:26:59:28:11:56:16:46:ae:6a:fd:b1:f4:
                    0a:c3:a9:68:3b:ab:92:2e:8b:c9:38:2e:19:52:7e:
                    41:1e:b8:0f:30:ea:8f:fe:09:03:71:9c:55:d9:76:
                    55:a4:da:2a:15:ef:50:d0:ec:4e:0e:e7:14:42:62:
                    62:a5:d6:89:bb:f7:1e:11:50:48:ba:9d:a9:38:6d:
                    92:68:20:ea:b1:14:e4:f1:5e:32:44:1a:57:50:22:
                    a9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:E7:61:24:C6:E9:6C:9B:FD:7D:5F:78:56:4C:95:A4:5F:C1:CA:14
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:5e:40:ed:44:2e:34:a5:ae:37:d2:ef:25:89:bd:d3:09:75:
         cd:c3:72:9c:af:e1:5e:bc:88:7d:29:0e:36:99:88:8a:ff:0e:
         70:24:b7:fa:6f:a8:58:69:22:16:34:38:27:3c:8f:69:5c:78:
         f5:f4:a2:cf:76:e6:e9:64:af:db:5a:d6:21:12:d3:79:46:f8:
         a1:2e:d5:d6:1e:84:de:97:53:eb:22:0f:21:15:1c:fe:33:eb:
         39:80:e1:61:b3:6f:dd:83:30:db:d7:7d:f6:45:2f:75:ff:1e:
         c5:4c:07:49:31:b3:9f:05:e3:b8:8c:2a:b0:37:9e:35:46:6f:
         7a:20:75:88:e8:52:3e:75:4a:0d:8a:f7:b6:c9:b3:33:90:29:
         67:7d:49:c8:25:cc:7d:f6:e3:08:45:3b:ba:34:a9:3a:d3:2a:
         7e:5b:d2:99:e9:d0:8f:23:7c:2b:74:db:27:11:22:87:ca:69:
         ce:16:f4:4d:dd:98:5b:7f:8f:b0:7a:99:1b:63:b7:de:f5:73:
         2f:85:c4:fe:76:15:40:70:c3:fa:01:5a:ad:5e:c8:9a:90:8f:
         2e:d2:13:5a:13:f3:13:55:90:04:50:e6:fa:a8:a4:0c:9c:9f:
         ca:a2:14:93:10:62:d8:5a:f3:06:4c:c2:e8:02:ca:e0:d5:c8:
         d6:75:1d:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTjTCmPOBhpHUxWp6HXtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjUwODIzMDUwMjA4WhcNMjUwODI0MDUwMjA4WjAzMTEwLwYDVQQD
Eyg2M2U3NjEyNGM2ZTk2YzliZmQ3ZDVmNzg1NjRjOTVhNDVmYzFjYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNIkn6MrsC+kn55vWNKaKmOZGHWK
rPmATKz3QuL5VtvsHelkHtfE3dvYHQ4/Q7itOO+w6q8D8qguh/b4435zVhC7xC+Z
VxeAfU8ISuQBTyPcJ4uHRZcPYGpsDSY5MypFZ7uX0dBDoluybsVvOB367383DHjj
iDaiX/C//CDR6qiORehAbmy10f/3jEwiG6IcMsMWK1PTZxVkaElXRmsrljV8YXcK
2RMmWSgRVhZGrmr9sfQKw6loO6uSLovJOC4ZUn5BHrgPMOqP/gkDcZxV2XZVpNoq
Fe9Q0OxODucUQmJipdaJu/ceEVBIup2pOG2SaCDqsRTk8V4yRBpXUCKpUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPnYSTG6Wyb/X1feFZMlaRfwcoUMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI15A7UQu
NKWuN9LvJYm90wl1zcNynK/hXryIfSkONpmIiv8OcCS3+m+oWGkiFjQ4JzyPaVx4
9fSiz3bm6WSv21rWIRLTeUb4oS7V1h6E3pdT6yIPIRUc/jPrOYDhYbNv3YMw29d9
9kUvdf8exUwHSTGznwXjuIwqsDeeNUZveiB1iOhSPnVKDYr3tsmzM5ApZ31JyCXM
ffbjCEU7ujSpOtMqflvSmenQjyN8K3TbJxEih8ppzhb0Td2YW3+PsHqZG2O33vVz
L4XE/nYVQHDD+gFarV7ImpCPLtITWhPzE1WQBFDm+qikDJyfyqIUkxBi2FrzBkzC
6ALK4NXI1nUddA==
-----END CERTIFICATE-----