Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          drn+uZunWgqXGdpVQXv54KHyw7TgGAa52V7SesYR6BA=
Subject key identifier:   B5:3D:F5:7B:26:23:1C:9F:08:F5:B5:8F:53:11:76:6F:AE:E2:65:28
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       0197B6D73386E128AC46C6213B74EB10C8E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0CBD
Signing time:             Sat 28 Jun 2025 14:00:46 +0000
Manifest this update:     Sat 28 Jun 2025 14:00:46 +0000
Manifest next update:     Sun 29 Jun 2025 14:00:46 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: mZSWi6FjpjzByMfWAwUHq9+WxbHUev6OQY1ESdDaI6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:33:86:e1:28:ac:46:c6:21:3b:74:eb:10:c8:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Jun 28 14:00:46 2025 GMT
            Not After : Jun 29 14:00:46 2025 GMT
        Subject: CN=b53df57b26231c9f08f5b58f5311766faee26528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e5:1d:30:0a:88:8b:82:48:fa:88:2e:13:32:
                    fa:4a:d8:66:d5:31:69:56:34:71:d3:65:8e:c8:b5:
                    d8:ef:35:57:54:fb:67:9c:7c:bf:01:cc:3a:14:27:
                    77:a1:1d:3a:a1:8a:d1:c6:7b:37:0f:1c:35:54:b5:
                    9a:52:30:47:92:89:fa:ec:69:96:9c:9b:6a:cf:47:
                    b0:c5:06:27:ee:2b:8a:f2:77:02:93:bd:91:f1:56:
                    25:e1:35:f5:b5:67:bc:c7:a3:59:28:c7:fe:2d:6e:
                    66:72:ae:4c:22:de:f0:58:d5:6a:f4:e9:fb:5e:17:
                    91:d2:d5:ae:0f:fb:4f:c9:fe:34:d7:e5:c7:fd:3f:
                    7d:92:b8:08:95:1b:29:78:a9:2e:ad:b6:5b:c0:99:
                    ce:62:86:43:4e:48:4c:a2:21:a6:41:18:0e:7b:9d:
                    4f:94:1b:97:e5:20:e4:3c:f7:9c:2c:89:78:2d:2a:
                    79:46:47:1c:2f:d1:d4:34:37:b3:90:d4:25:46:e5:
                    96:83:d3:05:04:81:32:76:0d:23:e9:ae:56:13:f5:
                    1a:32:3b:2e:a2:20:8f:93:88:e7:85:28:ab:d2:be:
                    26:03:bb:0d:10:b6:a4:ff:2e:c2:f2:c1:75:6c:ac:
                    ba:d6:0c:c0:1a:44:c7:07:e7:ee:af:ec:63:31:d3:
                    07:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:3D:F5:7B:26:23:1C:9F:08:F5:B5:8F:53:11:76:6F:AE:E2:65:28
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:23:bc:c7:8f:f3:dc:2d:01:a7:5f:96:be:32:e4:8f:aa:46:
         6b:40:1e:cf:9e:e6:24:4c:fe:8a:8f:15:e3:61:40:5e:d2:33:
         41:ff:3d:38:4f:7e:a4:f3:86:64:7a:cf:b6:73:d8:c2:5d:da:
         a1:03:bd:51:ec:e2:7f:05:6e:5f:9e:81:69:ef:04:d6:86:c0:
         1b:e6:a8:c4:56:86:32:42:41:53:dc:90:d6:1a:81:ee:f8:bf:
         e1:1e:8c:6a:f0:8f:5b:85:05:72:80:4f:ec:e1:1c:2a:d2:3e:
         2a:20:7b:3e:d3:c0:f6:1d:f9:75:19:d6:c4:ae:4c:89:93:1c:
         f3:87:90:62:98:4f:14:7d:64:a2:51:9b:a5:bb:fb:34:25:eb:
         d9:ed:09:a4:ab:c5:3a:98:9b:8f:2c:2f:29:96:a0:fe:c6:6d:
         5c:93:c9:8a:a4:d1:b6:87:df:ff:e9:51:b4:b5:4d:93:c1:6e:
         44:5e:26:17:9e:60:9a:96:0b:9c:55:57:0e:3f:21:6e:dc:a6:
         2b:14:f1:88:1b:ee:98:0c:ea:b8:1a:1f:f5:6d:ef:67:bd:6d:
         99:c3:1e:48:1e:e1:c2:d5:9d:bd:05:18:4f:33:bb:77:92:c7:
         2c:e7:e2:76:46:c5:be:66:f4:e8:b1:94:80:04:8d:13:9f:a7:
         21:50:33:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe21zOG4SisRsYhO3TrEMjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUwNjI4MTQwMDQ2WhcNMjUwNjI5MTQwMDQ2WjAzMTEwLwYDVQQD
EyhiNTNkZjU3YjI2MjMxYzlmMDhmNWI1OGY1MzExNzY2ZmFlZTI2NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueUdMAqIi4JI+oguEzL6Sthm1TFp
VjRx02WOyLXY7zVXVPtnnHy/Acw6FCd3oR06oYrRxns3Dxw1VLWaUjBHkon67GmW
nJtqz0ewxQYn7iuK8ncCk72R8VYl4TX1tWe8x6NZKMf+LW5mcq5MIt7wWNVq9On7
XheR0tWuD/tPyf401+XH/T99krgIlRspeKkurbZbwJnOYoZDTkhMoiGmQRgOe51P
lBuX5SDkPPecLIl4LSp5RkccL9HUNDezkNQlRuWWg9MFBIEydg0j6a5WE/UaMjsu
oiCPk4jnhSir0r4mA7sNELak/y7C8sF1bKy61gzAGkTHB+fur+xjMdMHFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLU99XsmIxyfCPW1j1MRdm+u4mUoMB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQyO8x4/z
3C0Bp1+WvjLkj6pGa0Aez57mJEz+io8V42FAXtIzQf89OE9+pPOGZHrPtnPYwl3a
oQO9UezifwVuX56Bae8E1obAG+aoxFaGMkJBU9yQ1hqB7vi/4R6MavCPW4UFcoBP
7OEcKtI+KiB7PtPA9h35dRnWxK5MiZMc84eQYphPFH1kolGbpbv7NCXr2e0JpKvF
OpibjywvKZag/sZtXJPJiqTRtoff/+lRtLVNk8FuRF4mF55gmpYLnFVXDj8hbtym
KxTxiBvumAzquBof9W3vZ71tmcMeSB7hwtWdvQUYTzO7d5LHLOfidkbFvmb06LGU
gASNE5+nIVAz5g==
-----END CERTIFICATE-----