Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
File:                     2Bytep8KCbPVTabNzedDEvrMbXc.mft (raw, json)
Hash identifier:          gjGtJLF7l8j0TRsZYSLayFEuJVcIZMel/JiSlJLNxrE=
Subject key identifier:   D3:4D:23:D3:70:AA:0C:2C:23:AA:3B:E5:E0:10:98:0D:40:9C:B7:C8
Authority key identifier: D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77
Certificate issuer:       /CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
Certificate serial:       0197B8FD2D264341A0585E19DCD3B4FC2057
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
Manifest number:          0820
Signing time:             Sun 29 Jun 2025 00:01:29 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:29 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:29 +0000
Files and hashes:         1: 2Bytep8KCbPVTabNzedDEvrMbXc.crl (hash: AIO2euO9pZcZv/38oBQ4mriHpm7QLuV476QROcFgBec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fd:2d:26:43:41:a0:58:5e:19:dc:d3:b4:fc:20:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
        Validity
            Not Before: Jun 29 00:01:29 2025 GMT
            Not After : Jun 30 00:01:29 2025 GMT
        Subject: CN=d34d23d370aa0c2c23aa3be5e010980d409cb7c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:70:11:34:55:47:35:27:bb:97:55:fa:93:82:
                    48:c7:97:42:69:72:ab:fb:a0:21:00:b8:46:37:ee:
                    22:54:97:cc:64:da:20:e1:a0:0e:b8:bd:07:72:cd:
                    cb:4f:5e:0e:dd:ea:b1:f8:56:a8:3d:50:59:c0:0b:
                    da:d5:7f:2e:23:9e:32:ce:59:a7:e0:08:61:cf:d2:
                    be:bf:55:51:34:0c:c9:01:93:68:33:1b:21:84:d7:
                    57:da:25:3c:d3:ee:e7:b8:8c:60:3d:a9:43:81:2e:
                    fb:0f:0a:31:14:79:31:3f:94:bb:dc:31:cb:3a:10:
                    f2:67:88:d9:de:eb:fa:4d:5d:86:98:9a:82:89:d2:
                    65:a6:26:51:d5:f6:b7:d2:b8:fe:e3:3a:0e:82:db:
                    6b:53:27:51:06:58:09:48:49:1d:b1:04:b8:89:36:
                    5c:73:02:1a:25:73:f5:6e:9e:91:28:e6:4f:27:de:
                    52:13:e4:4b:b9:35:53:85:b5:52:db:9a:71:25:6a:
                    dc:d1:ad:a4:e7:c6:ef:5f:37:39:e0:9b:d3:d1:3b:
                    5a:ac:51:27:46:25:b8:85:6a:9a:dc:44:9f:b2:fc:
                    66:9d:cc:c9:49:e3:1f:27:c7:72:18:8c:12:c6:de:
                    e0:8b:6d:50:64:f3:3f:5f:b7:af:2c:93:c0:7b:00:
                    e7:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:4D:23:D3:70:AA:0C:2C:23:AA:3B:E5:E0:10:98:0D:40:9C:B7:C8
            X509v3 Authority Key Identifier:
                keyid:D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:15:ce:38:66:47:96:7e:a8:08:57:ed:00:f7:5b:36:71:61:
         63:72:66:f4:6b:90:0c:53:8d:c7:93:c3:1f:5b:80:f7:ac:24:
         51:c7:99:4c:ba:21:8b:a8:66:f2:14:81:77:c1:cd:26:33:82:
         e4:cb:c1:cd:08:a4:ae:2b:ba:30:67:2c:c0:31:e4:e1:4a:b9:
         5c:dd:bb:d8:3f:c0:5c:f7:ae:14:d2:da:b8:49:41:8c:51:54:
         95:fc:c2:3e:6c:1e:86:56:f0:9e:6d:8f:e7:59:47:2d:06:2a:
         ec:86:07:7a:c8:69:26:83:cc:e5:96:28:78:17:e0:4d:3b:b2:
         91:b5:8a:27:78:53:1d:ae:da:31:b4:5e:60:1a:91:e6:92:a6:
         b1:a5:45:e0:f2:46:31:39:8a:2a:14:73:9c:c4:d5:f8:7c:42:
         ea:97:b2:f4:bb:a1:b0:d5:b8:86:00:8b:eb:7c:f4:a5:2e:9e:
         0a:da:b6:a6:6a:f1:e0:62:cb:c3:b7:aa:3d:24:0d:a6:5f:4f:
         9b:de:da:76:1d:ec:a9:99:67:37:b7:ad:ac:2a:78:83:dc:d4:
         7c:b1:65:9f:d0:00:64:fe:f8:db:53:02:23:5c:91:29:68:bf:
         d8:2d:5f:53:dd:68:b7:02:58:32:2e:9e:28:44:de:1e:aa:47:
         34:0b:bc:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/S0mQ0GgWF4Z3NO0/CBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNhZDdhOWYwYTA5YjNkNTRkYTZjZGNkZTc0MzEyZmFj
YzZkNzcwHhcNMjUwNjI5MDAwMTI5WhcNMjUwNjMwMDAwMTI5WjAzMTEwLwYDVQQD
EyhkMzRkMjNkMzcwYWEwYzJjMjNhYTNiZTVlMDEwOTgwZDQwOWNiN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHARNFVHNSe7l1X6k4JIx5dCaXKr
+6AhALhGN+4iVJfMZNog4aAOuL0Hcs3LT14O3eqx+FaoPVBZwAva1X8uI54yzlmn
4Ahhz9K+v1VRNAzJAZNoMxshhNdX2iU80+7nuIxgPalDgS77DwoxFHkxP5S73DHL
OhDyZ4jZ3uv6TV2GmJqCidJlpiZR1fa30rj+4zoOgttrUydRBlgJSEkdsQS4iTZc
cwIaJXP1bp6RKOZPJ95SE+RLuTVThbVS25pxJWrc0a2k58bvXzc54JvT0TtarFEn
RiW4hWqa3ESfsvxmnczJSeMfJ8dyGIwSxt7gi21QZPM/X7evLJPAewDnbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNNI9NwqgwsI6o75eAQmA1AnLfIMB8GA1UdIwQY
MBaAFNgcrXqfCgmz1U2mzc3nQxL6zG13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAt
ZDNlYTcwN2M4ZjE4LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAtZDNlYTcwN2M4ZjE4
LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQhXOOGZH
ln6oCFftAPdbNnFhY3Jm9GuQDFONx5PDH1uA96wkUceZTLohi6hm8hSBd8HNJjOC
5MvBzQikriu6MGcswDHk4Uq5XN272D/AXPeuFNLauElBjFFUlfzCPmwehlbwnm2P
51lHLQYq7IYHeshpJoPM5ZYoeBfgTTuykbWKJ3hTHa7aMbReYBqR5pKmsaVF4PJG
MTmKKhRznMTV+HxC6pey9LuhsNW4hgCL63z0pS6eCtq2pmrx4GLLw7eqPSQNpl9P
m97adh3sqZlnN7etrCp4g9zUfLFln9AAZP7421MCI1yRKWi/2C1fU91otwJYMi6e
KETeHqpHNAu87A==
-----END CERTIFICATE-----