Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
File:                     2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft (raw, json)
Hash identifier:          56KM49IECM+0EUx4h9vFNKmcJetZR/ZNSyVpwWp4pls=
Subject key identifier:   D3:44:C3:A1:7E:08:BC:1F:6C:B0:38:D3:98:AE:7D:0D:15:45:14:81
Authority key identifier: D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9
Certificate issuer:       /CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
Certificate serial:       0197B77CCFDE0EA24A2C5FDC6FD4F97A9E10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
Manifest number:          12D7
Signing time:             Sat 28 Jun 2025 17:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:39 +0000
Files and hashes:         1: 2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl (hash: Er7rrAQjbNSXWpMJl4e+0VZkpenT71PJRWt79tOiX7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:cf:de:0e:a2:4a:2c:5f:dc:6f:d4:f9:7a:9e:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
        Validity
            Not Before: Jun 28 17:01:39 2025 GMT
            Not After : Jun 29 17:01:39 2025 GMT
        Subject: CN=d344c3a17e08bc1f6cb038d398ae7d0d15451481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:43:7a:a8:35:d4:8d:be:37:fc:cb:2d:1b:3d:
                    2a:ba:55:fb:46:da:c6:e1:41:a9:74:57:51:2a:4b:
                    14:91:25:99:8a:d1:53:1a:89:df:d1:ea:f2:e6:08:
                    76:32:b4:48:f8:2c:49:4c:0d:f8:b6:e7:ed:40:4f:
                    13:bb:2f:e3:a8:c3:4c:5b:a0:b8:ad:d4:be:90:5c:
                    dd:bb:c4:34:93:9b:4f:f3:e2:17:3c:3b:ee:dc:1c:
                    0e:05:a3:40:68:e5:f8:f7:62:8e:81:18:5c:53:ff:
                    a9:1d:22:33:db:5e:6c:f1:54:b1:03:ec:2e:4c:cb:
                    dc:cd:55:f7:8e:d5:e2:38:27:5e:93:b3:cf:8a:c8:
                    57:5b:b9:ba:d7:84:7f:b4:a9:a8:6d:e0:eb:77:80:
                    50:ec:27:80:df:5f:d6:2e:a8:4c:99:ff:69:40:58:
                    24:db:c7:83:eb:60:58:57:df:4d:5a:09:1c:2c:f4:
                    ee:08:f4:1a:23:e0:e5:65:20:59:bf:65:7f:2e:aa:
                    5d:e8:3b:1a:f7:de:62:3d:05:ac:08:31:2b:81:f7:
                    75:20:9d:63:c9:08:ec:ed:14:3f:29:eb:d8:52:77:
                    a0:c0:e6:29:c9:b0:f5:8d:a8:91:48:27:91:1e:ae:
                    2b:ca:73:47:0d:45:71:75:57:cd:e7:e0:b8:c8:b1:
                    fa:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:44:C3:A1:7E:08:BC:1F:6C:B0:38:D3:98:AE:7D:0D:15:45:14:81
            X509v3 Authority Key Identifier:
                keyid:D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:80:44:b2:2c:b6:c5:2d:4e:87:c7:5d:10:fa:2f:77:90:b6:
         ea:76:49:45:a0:84:88:4d:d5:dd:b5:df:94:25:97:a7:1e:20:
         4f:12:95:4a:42:6b:5d:d2:00:51:cf:24:4a:98:24:2c:27:87:
         0f:30:5f:b0:d0:95:52:58:53:36:d5:b4:6d:2b:f0:72:cb:ec:
         2b:7b:12:e3:87:c3:c2:38:a1:6e:bf:62:e9:77:91:71:c1:e1:
         36:89:68:49:33:9f:6b:cc:be:40:c0:4a:f6:4a:b2:51:dd:88:
         4a:14:d3:f7:2b:88:2e:f9:49:6e:bb:4b:a6:53:6c:5d:c3:ef:
         d0:6f:1d:2c:7f:38:67:34:2d:de:4d:25:8b:f3:bc:9d:47:1f:
         e2:78:1a:20:26:c4:c7:6c:36:6f:fa:ee:bf:7b:35:ab:22:71:
         a8:a5:05:e8:89:15:e9:2b:01:0d:97:af:a9:42:cc:e0:17:83:
         75:0b:8f:4e:22:62:48:c2:54:6e:5f:8e:1a:f5:e3:a2:8a:7c:
         9e:8b:a2:29:da:53:93:8f:82:0f:6d:cc:32:8a:2b:98:fe:26:
         6a:4f:28:ba:76:81:4c:3f:e7:26:cd:4f:ec:64:f0:9b:2b:d7:
         b8:df:a0:48:6e:88:47:6e:0a:9f:73:4b:39:47:ab:71:bf:c8:
         9d:26:c1:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fM/eDqJKLF/cb9T5ep4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGZmYTA0NWIzNWIxNmRjOTk0MTllM2UwZTZlMTZlNmVk
YjQ3ZTkwHhcNMjUwNjI4MTcwMTM5WhcNMjUwNjI5MTcwMTM5WjAzMTEwLwYDVQQD
EyhkMzQ0YzNhMTdlMDhiYzFmNmNiMDM4ZDM5OGFlN2QwZDE1NDUxNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0N6qDXUjb43/MstGz0qulX7RtrG
4UGpdFdRKksUkSWZitFTGonf0ery5gh2MrRI+CxJTA34tuftQE8Tuy/jqMNMW6C4
rdS+kFzdu8Q0k5tP8+IXPDvu3BwOBaNAaOX492KOgRhcU/+pHSIz215s8VSxA+wu
TMvczVX3jtXiOCdek7PPishXW7m614R/tKmobeDrd4BQ7CeA31/WLqhMmf9pQFgk
28eD62BYV99NWgkcLPTuCPQaI+DlZSBZv2V/Lqpd6Dsa995iPQWsCDErgfd1IJ1j
yQjs7RQ/KevYUnegwOYpybD1jaiRSCeRHq4rynNHDUVxdVfN5+C4yLH68QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNEw6F+CLwfbLA405iufQ0VRRSBMB8GA1UdIwQY
MBaAFNmP+gRbNbFtyZQZ4+Dm4W5u20fpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAt
ZWUyNWQyYzViNDEwLzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAtZWUyNWQyYzViNDEw
LzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqYBEsiy2
xS1Oh8ddEPovd5C26nZJRaCEiE3V3bXflCWXpx4gTxKVSkJrXdIAUc8kSpgkLCeH
DzBfsNCVUlhTNtW0bSvwcsvsK3sS44fDwjihbr9i6XeRccHhNoloSTOfa8y+QMBK
9kqyUd2IShTT9yuILvlJbrtLplNsXcPv0G8dLH84ZzQt3k0li/O8nUcf4ngaICbE
x2w2b/ruv3s1qyJxqKUF6IkV6SsBDZevqULM4BeDdQuPTiJiSMJUbl+OGvXjoop8
nouiKdpTk4+CD23MMoormP4mak8ounaBTD/nJs1P7GTwmyvXuN+gSG6IR24Kn3NL
OUercb/InSbBhg==
-----END CERTIFICATE-----