Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          mpOISo8XckScXalkPtA/5kThcxnFU8oXyEbpMCF6Wqk=
Subject key identifier:   A2:3A:16:D8:4E:AA:8D:E6:A5:EC:05:A9:A7:8C:22:17:7C:A2:EE:B6
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       0197B6A03B0A25FBFD950FDCFEC38A1D78D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 13:00:43 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:43 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:43 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: 13W9EVMqDqg162dup5/mEFruJBimWGw4woDpcklMdJo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:3b:0a:25:fb:fd:95:0f:dc:fe:c3:8a:1d:78:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Jun 28 13:00:43 2025 GMT
            Not After : Jun 29 13:00:43 2025 GMT
        Subject: CN=a23a16d84eaa8de6a5ec05a9a78c22177ca2eeb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:85:43:09:89:0d:2d:9c:b7:84:76:0f:72:63:
                    c5:d3:e8:1c:36:43:e4:df:50:b7:f3:36:3c:48:5c:
                    03:7b:f3:3e:c7:f4:86:80:ff:c6:ec:c2:a3:9b:49:
                    cf:cc:49:a7:9a:2e:01:1b:8f:ee:a6:c2:da:27:93:
                    78:3f:c4:98:7c:43:69:c0:a1:13:d5:83:af:f4:f2:
                    6c:d9:18:47:27:46:d2:e0:11:4b:97:55:c0:50:b1:
                    fd:1c:ff:6d:98:34:69:71:45:ba:33:80:e9:bd:4f:
                    6b:4a:3b:f6:d7:c0:9b:bd:df:2f:3d:a7:73:16:41:
                    2d:32:b8:3c:b7:fa:3c:ab:3d:60:7f:b6:ed:08:5f:
                    bf:18:a6:c4:81:c2:20:19:cb:94:74:f5:a3:9c:4d:
                    ea:40:11:e0:c1:1a:a9:90:13:f2:b3:79:6c:04:83:
                    51:94:a2:f5:3a:c7:2b:e4:f6:e8:a5:57:3f:56:8e:
                    be:e8:b0:46:1b:6c:00:27:74:e6:b9:e2:51:1c:45:
                    b2:03:82:df:62:87:24:5d:94:ec:11:8f:c7:01:88:
                    63:f5:31:9b:ea:62:8c:c8:b6:41:d1:20:49:8a:a7:
                    d4:a2:ad:ca:33:74:81:3d:26:d7:0e:cc:58:01:ee:
                    f2:a9:f7:76:3a:ed:bb:0d:e8:fb:f9:f2:ef:85:eb:
                    f3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:3A:16:D8:4E:AA:8D:E6:A5:EC:05:A9:A7:8C:22:17:7C:A2:EE:B6
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:a3:0c:79:d0:7f:e3:fd:32:5f:10:be:94:21:74:8e:86:9f:
         28:6e:53:95:95:9f:18:e9:94:b7:a1:0f:89:59:a3:ad:98:72:
         2d:4c:3e:fa:10:ae:eb:41:5c:78:7d:8b:37:a2:3b:d1:7d:21:
         b9:e0:d9:ca:86:0b:91:df:7e:0b:86:64:dd:b2:82:f1:59:eb:
         f4:e6:a4:4b:a3:3c:a5:63:a0:7e:c8:6e:3a:13:bc:4e:27:27:
         4d:e6:ba:a1:5f:81:b4:90:83:63:97:05:eb:5b:93:00:34:1c:
         cf:25:d1:4e:74:c7:f6:77:d7:0b:4a:f8:d7:3b:3c:9d:0e:7e:
         79:bc:fb:7e:25:a1:d0:19:0d:d7:1b:26:60:81:a7:07:09:36:
         cb:c0:86:42:1c:98:5e:64:58:70:25:10:36:f7:10:29:02:20:
         f4:1b:84:21:00:17:e1:a8:0c:a4:a1:d9:34:4a:ec:28:d1:c8:
         60:3b:03:83:97:b9:b5:5e:4e:24:b4:fd:80:02:0a:7b:8c:90:
         37:96:0e:f6:72:a1:de:a4:ca:18:dd:34:a1:c6:62:cb:20:d6:
         6c:a4:5a:e9:b9:0d:d5:6d:58:6c:6a:e7:0c:73:85:06:28:e1:
         90:36:40:8c:69:5e:40:22:62:ef:f6:1d:1e:0f:b8:09:dd:a5:
         92:74:8f:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oDsKJfv9lQ/c/sOKHXjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUwNjI4MTMwMDQzWhcNMjUwNjI5MTMwMDQzWjAzMTEwLwYDVQQD
EyhhMjNhMTZkODRlYWE4ZGU2YTVlYzA1YTlhNzhjMjIxNzdjYTJlZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoVDCYkNLZy3hHYPcmPF0+gcNkPk
31C38zY8SFwDe/M+x/SGgP/G7MKjm0nPzEmnmi4BG4/upsLaJ5N4P8SYfENpwKET
1YOv9PJs2RhHJ0bS4BFLl1XAULH9HP9tmDRpcUW6M4DpvU9rSjv218Cbvd8vPadz
FkEtMrg8t/o8qz1gf7btCF+/GKbEgcIgGcuUdPWjnE3qQBHgwRqpkBPys3lsBINR
lKL1Oscr5PbopVc/Vo6+6LBGG2wAJ3TmueJRHEWyA4LfYockXZTsEY/HAYhj9TGb
6mKMyLZB0SBJiqfUoq3KM3SBPSbXDsxYAe7yqfd2Ou27Dej7+fLvhevziwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKI6FthOqo3mpewFqaeMIhd8ou62MB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyKMMedB/
4/0yXxC+lCF0joafKG5TlZWfGOmUt6EPiVmjrZhyLUw++hCu60FceH2LN6I70X0h
ueDZyoYLkd9+C4Zk3bKC8Vnr9OakS6M8pWOgfshuOhO8TicnTea6oV+BtJCDY5cF
61uTADQczyXRTnTH9nfXC0r41zs8nQ5+ebz7fiWh0BkN1xsmYIGnBwk2y8CGQhyY
XmRYcCUQNvcQKQIg9BuEIQAX4agMpKHZNErsKNHIYDsDg5e5tV5OJLT9gAIKe4yQ
N5YO9nKh3qTKGN00ocZiyyDWbKRa6bkN1W1YbGrnDHOFBijhkDZAjGleQCJi7/Yd
Hg+4Cd2lknSPZw==
-----END CERTIFICATE-----