Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          zHuUKB2UIEt+WC9zohgF3lA7QrMTYLtDKluWNNWjnu8=
Subject key identifier:   D3:66:9D:77:08:A3:21:95:1D:E8:CD:8E:B2:0E:F3:A1:29:43:29:DA
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       01977865AD07BD4EB6FFB8DB7892D9563C78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          021B
Signing time:             Mon 16 Jun 2025 11:00:18 +0000
Manifest this update:     Mon 16 Jun 2025 11:00:18 +0000
Manifest next update:     Tue 17 Jun 2025 11:00:18 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: wtNPbK6KalVf5DjIrzR+/DovG9KNb1Fpm8LfUpLGnnU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:65:ad:07:bd:4e:b6:ff:b8:db:78:92:d9:56:3c:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Jun 16 11:00:18 2025 GMT
            Not After : Jun 17 11:00:18 2025 GMT
        Subject: CN=d3669d7708a321951de8cd8eb20ef3a1294329da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:be:af:70:a3:37:e3:e0:0d:ab:60:a4:68:eb:
                    d6:43:88:f2:38:c3:1f:3e:4a:a6:97:99:af:89:4c:
                    22:98:83:54:ea:c8:1c:c1:d5:48:f6:84:5f:51:b7:
                    08:51:1f:64:82:d5:76:41:44:5d:f9:fb:5d:4e:0e:
                    10:cd:32:2e:19:e8:d5:05:64:97:44:90:3e:c8:81:
                    6a:4e:3e:d1:db:9a:9d:86:6a:13:b6:69:35:86:1c:
                    5d:23:92:38:73:a5:ad:d5:d0:ed:31:17:b1:62:43:
                    96:e9:a4:a3:26:53:13:e2:c3:ce:72:1c:52:07:6e:
                    f8:c8:40:73:bd:b9:57:d1:91:bf:dc:51:cd:23:03:
                    4e:78:f0:27:ab:a6:6a:b5:22:0c:e3:2a:dc:53:63:
                    00:40:0b:18:06:0e:bd:13:2f:69:b4:5a:60:71:c4:
                    77:f5:70:f7:aa:4e:99:cd:8f:36:f9:0b:0e:39:11:
                    eb:e4:34:e6:0d:90:2f:5f:51:2c:ae:5a:43:04:d4:
                    78:9c:79:f1:f5:95:81:42:61:a3:1b:0e:fe:92:a5:
                    a6:9a:b2:08:9a:92:ba:02:b3:48:ac:8e:f1:7d:05:
                    95:b4:9f:62:33:92:44:7d:1c:32:b7:12:1e:09:8e:
                    3f:1b:8e:2a:b4:b0:52:39:85:0c:71:88:fd:ff:54:
                    d5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:66:9D:77:08:A3:21:95:1D:E8:CD:8E:B2:0E:F3:A1:29:43:29:DA
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:f6:c5:71:5f:44:4b:03:a1:94:c2:62:6f:57:ff:f2:ba:67:
         69:80:ac:dd:1b:ed:8f:b6:fc:2d:65:69:9d:8c:19:da:94:34:
         27:30:c9:d5:0e:31:4b:e9:84:2e:db:9a:b2:92:b8:a6:e3:23:
         75:2a:97:03:fa:eb:58:68:20:7c:96:50:52:7e:f5:72:d9:5e:
         f7:2b:26:0a:e8:75:9e:c6:fc:1a:58:73:e8:88:d6:e1:c0:1c:
         b7:92:04:12:65:2a:cc:0a:9b:d6:07:bd:6f:dc:03:67:63:0c:
         8d:45:38:83:6d:dc:37:af:ee:4e:3f:02:26:e8:51:82:f4:69:
         30:48:f7:97:73:c3:d6:2c:7e:98:65:70:3b:61:a9:f1:c6:e3:
         29:41:4f:77:d9:ff:7b:cb:8e:5d:5c:a0:95:bf:2d:f8:70:46:
         4d:fb:97:a0:b8:b6:99:7a:2c:5d:ac:aa:84:c6:f9:f1:a8:f1:
         f4:47:36:7c:64:c0:50:ab:21:e1:33:99:7a:87:52:c9:88:9e:
         a0:12:b3:b0:75:49:49:a2:54:a1:20:dc:38:ca:72:86:8b:1e:
         a2:d1:e2:a3:e3:4f:ac:fb:aa:fd:c8:dd:e2:07:38:2e:d5:2f:
         5e:36:2e:17:bc:13:d8:69:53:59:a3:88:9a:0d:cf:bd:ba:2a:
         1f:33:dc:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd4Za0HvU62/7jbeJLZVjx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUwNjE2MTEwMDE4WhcNMjUwNjE3MTEwMDE4WjAzMTEwLwYDVQQD
EyhkMzY2OWQ3NzA4YTMyMTk1MWRlOGNkOGViMjBlZjNhMTI5NDMyOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL6vcKM34+ANq2CkaOvWQ4jyOMMf
Pkqml5mviUwimINU6sgcwdVI9oRfUbcIUR9kgtV2QURd+ftdTg4QzTIuGejVBWSX
RJA+yIFqTj7R25qdhmoTtmk1hhxdI5I4c6Wt1dDtMRexYkOW6aSjJlMT4sPOchxS
B274yEBzvblX0ZG/3FHNIwNOePAnq6ZqtSIM4yrcU2MAQAsYBg69Ey9ptFpgccR3
9XD3qk6ZzY82+QsOORHr5DTmDZAvX1EsrlpDBNR4nHnx9ZWBQmGjGw7+kqWmmrII
mpK6ArNIrI7xfQWVtJ9iM5JEfRwytxIeCY4/G44qtLBSOYUMcYj9/1TVfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNmnXcIoyGVHejNjrIO86EpQynaMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAafbFcV9E
SwOhlMJib1f/8rpnaYCs3Rvtj7b8LWVpnYwZ2pQ0JzDJ1Q4xS+mELtuaspK4puMj
dSqXA/rrWGggfJZQUn71ctle9ysmCuh1nsb8Glhz6IjW4cAct5IEEmUqzAqb1ge9
b9wDZ2MMjUU4g23cN6/uTj8CJuhRgvRpMEj3l3PD1ix+mGVwO2Gp8cbjKUFPd9n/
e8uOXVyglb8t+HBGTfuXoLi2mXosXayqhMb58ajx9Ec2fGTAUKsh4TOZeodSyYie
oBKzsHVJSaJUoSDcOMpyhoseotHio+NPrPuq/cjd4gc4LtUvXjYuF7wT2GlTWaOI
mg3PvboqHzPcuA==
-----END CERTIFICATE-----