Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
File:                     2Bytep8KCbPVTabNzedDEvrMbXc.mft (raw, json)
Hash identifier:          dwTE91h294F+0vV+el04plmqollAm0wRObatrcLia5Y=
Subject key identifier:   C5:2F:D3:C6:78:7A:11:96:1A:00:C6:C2:F7:71:4C:4B:D6:0C:82:CF
Authority key identifier: D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77
Certificate issuer:       /CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
Certificate serial:       0198D6CDA907639A0FFC4C46BB8836F6816C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
Manifest number:          08B4
Signing time:             Sat 23 Aug 2025 12:00:59 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:59 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:59 +0000
Files and hashes:         1: 2Bytep8KCbPVTabNzedDEvrMbXc.crl (hash: Hg/C6PgCF0lU4YuJB3DC0L5E7bXYAKbe+v5j/JzP84g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:a9:07:63:9a:0f:fc:4c:46:bb:88:36:f6:81:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
        Validity
            Not Before: Aug 23 12:00:59 2025 GMT
            Not After : Aug 24 12:00:59 2025 GMT
        Subject: CN=c52fd3c6787a11961a00c6c2f7714c4bd60c82cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:84:4f:0b:b8:65:28:74:fe:2f:b5:cf:03:6c:
                    b9:32:00:22:ca:2f:40:73:f9:4f:2d:a5:b8:93:16:
                    95:c7:eb:cc:89:6d:19:05:01:cc:a5:7d:f3:7f:36:
                    5d:82:23:bc:0d:25:ee:81:2b:87:82:5d:f9:ef:b0:
                    f8:84:ba:02:84:27:f0:b5:28:80:97:ec:b4:14:82:
                    98:45:56:0e:fc:8c:16:ac:c0:16:98:88:31:ea:9e:
                    c1:c8:5f:de:8e:32:f2:7a:ef:6b:02:b0:15:4a:02:
                    ad:27:f1:8c:6c:d6:dd:34:7f:50:3a:a6:be:69:67:
                    d6:11:99:7b:cb:b6:c8:98:fd:d1:16:92:ac:21:0f:
                    64:42:4e:74:cf:0f:be:fd:07:4a:5e:ea:61:18:fe:
                    95:fc:4c:51:25:aa:24:0c:3d:87:14:9a:42:42:08:
                    b0:f9:46:e5:32:1b:80:f5:60:8a:d9:ff:f7:9a:44:
                    65:0b:59:75:d6:84:d4:03:c6:d0:44:11:aa:e1:1a:
                    28:2e:67:9b:d1:35:a0:bf:5c:84:5e:b1:58:a3:cc:
                    3d:fa:11:1d:66:c4:71:b3:71:20:01:ad:c3:d1:8c:
                    ff:80:67:13:1b:93:7f:b9:68:64:54:d6:00:55:06:
                    6d:55:fa:dc:6e:c3:22:b5:27:c1:ff:d2:21:af:0d:
                    41:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:2F:D3:C6:78:7A:11:96:1A:00:C6:C2:F7:71:4C:4B:D6:0C:82:CF
            X509v3 Authority Key Identifier:
                keyid:D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:c5:73:78:67:f4:66:04:3f:55:aa:4e:17:f8:cb:b1:35:cf:
         9f:79:c8:68:7b:9c:24:91:50:65:13:4a:52:1d:d9:f2:34:ac:
         31:45:c9:3e:85:03:27:24:35:15:d4:06:4b:27:e7:65:fc:2e:
         bb:f4:21:10:c3:dc:78:29:64:5c:8b:18:52:df:8c:cc:f1:72:
         f2:96:a0:36:32:5b:c8:9d:89:0d:13:ca:45:38:62:d5:a4:dc:
         68:9b:f6:fa:f0:b5:26:56:ff:3a:8e:4b:51:9a:a6:13:d0:42:
         e5:11:c6:2e:b1:7a:b9:c5:a2:f7:8c:1f:62:0a:bb:f4:94:86:
         fe:80:e5:e8:34:b6:5c:60:8d:5f:c9:fd:30:53:ec:3e:d2:13:
         86:1f:0a:55:3b:0c:5e:40:18:27:3f:10:15:28:d5:29:c7:c0:
         fb:3f:4a:ae:f2:1b:c7:33:ae:16:08:58:89:47:fb:a8:78:8e:
         b9:41:5c:4d:82:2a:fa:ec:2e:50:4e:18:82:11:21:11:9e:4d:
         7f:0a:37:95:a1:8f:7d:6a:f2:05:90:19:71:eb:2d:4f:78:a4:
         6d:88:80:2f:25:93:05:41:4e:f1:ac:b1:4f:97:df:d9:58:f6:
         28:f9:b0:96:80:64:3b:d3:d7:ba:b1:3a:01:d3:a6:68:8a:90:
         4e:c4:d6:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzakHY5oP/ExGu4g29oFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNhZDdhOWYwYTA5YjNkNTRkYTZjZGNkZTc0MzEyZmFj
YzZkNzcwHhcNMjUwODIzMTIwMDU5WhcNMjUwODI0MTIwMDU5WjAzMTEwLwYDVQQD
EyhjNTJmZDNjNjc4N2ExMTk2MWEwMGM2YzJmNzcxNGM0YmQ2MGM4MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoRPC7hlKHT+L7XPA2y5MgAiyi9A
c/lPLaW4kxaVx+vMiW0ZBQHMpX3zfzZdgiO8DSXugSuHgl3577D4hLoChCfwtSiA
l+y0FIKYRVYO/IwWrMAWmIgx6p7ByF/ejjLyeu9rArAVSgKtJ/GMbNbdNH9QOqa+
aWfWEZl7y7bImP3RFpKsIQ9kQk50zw++/QdKXuphGP6V/ExRJaokDD2HFJpCQgiw
+UblMhuA9WCK2f/3mkRlC1l11oTUA8bQRBGq4RooLmeb0TWgv1yEXrFYo8w9+hEd
ZsRxs3EgAa3D0Yz/gGcTG5N/uWhkVNYAVQZtVfrcbsMitSfB/9Ihrw1BKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUv08Z4ehGWGgDGwvdxTEvWDILPMB8GA1UdIwQY
MBaAFNgcrXqfCgmz1U2mzc3nQxL6zG13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAt
ZDNlYTcwN2M4ZjE4LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAtZDNlYTcwN2M4ZjE4
LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh8VzeGf0
ZgQ/VapOF/jLsTXPn3nIaHucJJFQZRNKUh3Z8jSsMUXJPoUDJyQ1FdQGSyfnZfwu
u/QhEMPceClkXIsYUt+MzPFy8pagNjJbyJ2JDRPKRThi1aTcaJv2+vC1Jlb/Oo5L
UZqmE9BC5RHGLrF6ucWi94wfYgq79JSG/oDl6DS2XGCNX8n9MFPsPtIThh8KVTsM
XkAYJz8QFSjVKcfA+z9KrvIbxzOuFghYiUf7qHiOuUFcTYIq+uwuUE4YghEhEZ5N
fwo3laGPfWryBZAZcestT3ikbYiALyWTBUFO8ayxT5ff2Vj2KPmwloBkO9PXurE6
AdOmaIqQTsTWAQ==
-----END CERTIFICATE-----