Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          7A7a/0imgT4SokAyysItBFH1Iu927G4QldezYzoiboA=
Subject key identifier:   3E:06:63:0D:3B:E3:C0:A5:F4:3C:78:C0:B1:36:87:FA:B0:5C:10:58
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       01989636DEE8CB4DDD8DC78F5D9D0C07763E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          02AF
Signing time:             Sun 10 Aug 2025 23:00:35 +0000
Manifest this update:     Sun 10 Aug 2025 23:00:35 +0000
Manifest next update:     Mon 11 Aug 2025 23:00:35 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: c6Yw/MT3GOnCfWARxca8MiaVAsoEIqHAOP2GCeHhQJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 23:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:36:de:e8:cb:4d:dd:8d:c7:8f:5d:9d:0c:07:76:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Aug 10 23:00:35 2025 GMT
            Not After : Aug 11 23:00:35 2025 GMT
        Subject: CN=3e06630d3be3c0a5f43c78c0b13687fab05c1058
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:74:97:d5:aa:14:cb:10:65:f4:10:30:b1:5b:
                    28:e6:25:65:cc:e0:22:fe:72:0d:13:3f:55:ed:59:
                    e6:b9:2a:25:32:d6:b3:a8:48:4e:2b:6a:02:30:8e:
                    ed:d8:ca:c8:79:2d:6c:7d:e9:b6:5a:b7:b5:a5:4c:
                    0f:9e:1f:ce:5d:4e:d8:3c:e5:da:d1:78:24:b6:92:
                    bd:e6:a3:a0:10:d5:b4:0a:dd:f5:08:5a:eb:a7:4f:
                    93:38:1d:c3:69:66:cc:c4:dc:08:bf:e5:e5:42:a7:
                    8b:22:ee:7b:79:90:e9:b3:7a:d8:c7:82:33:9a:c4:
                    aa:48:67:fb:a2:62:20:f2:47:47:1a:3b:55:cf:00:
                    70:39:11:5e:93:0c:68:d6:0b:2c:09:22:3d:f3:08:
                    a6:96:0a:b6:6a:de:a0:2a:f4:1a:40:e9:3e:97:5a:
                    fb:b5:b9:28:e5:c1:52:df:56:7b:94:4c:0e:bc:a7:
                    3e:d2:2f:e1:83:b5:cc:7d:be:ed:3f:7c:d9:58:59:
                    da:a7:a2:34:6e:d0:23:59:0b:e7:02:0c:de:0e:bf:
                    22:83:7c:7f:a3:aa:6c:b0:1d:55:75:d9:10:e2:a1:
                    a2:37:03:09:13:c7:c4:4b:54:f1:3e:96:bf:29:39:
                    30:e9:4c:1e:84:47:99:60:9c:0b:23:33:57:38:23:
                    5d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:06:63:0D:3B:E3:C0:A5:F4:3C:78:C0:B1:36:87:FA:B0:5C:10:58
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:72:d5:28:af:8a:25:4f:a0:de:e1:4e:a9:44:ff:4c:f6:3b:
         1f:1c:ff:1d:5e:f7:04:98:8c:a5:e0:da:2f:cc:0f:28:7a:19:
         bb:f3:e2:c0:e6:22:de:20:20:9f:97:4f:32:43:f7:4d:f5:5f:
         7c:97:5e:11:9b:d2:0d:06:93:40:f2:3e:6e:fb:7a:03:34:29:
         63:97:d1:6f:0d:60:66:ce:1f:f9:c5:2f:a9:df:bd:b2:c1:56:
         b2:41:f6:17:4f:52:91:e7:30:ca:b0:de:cb:1f:c2:48:dd:60:
         c8:fc:50:9e:a1:a8:5c:aa:76:dc:b2:42:c1:e2:5e:fe:8b:8a:
         9b:14:23:42:65:e5:cd:a5:ab:09:c0:a9:1c:c7:65:73:f6:15:
         20:d1:bf:af:18:56:e0:03:c8:4a:b9:a8:e6:a8:b8:58:dd:99:
         25:dd:20:0d:cd:82:48:76:38:69:6b:26:f0:aa:b0:2d:30:bd:
         26:80:19:f8:58:a9:ca:55:c9:34:66:71:c8:b1:02:d7:36:77:
         1b:83:75:d8:99:e3:2d:6d:c6:57:aa:c5:be:90:4b:1b:f0:59:
         a8:fc:35:24:22:12:fd:13:3a:42:5c:b0:b0:4b:a4:61:53:ae:
         f2:7e:f0:ee:44:7e:f1:0d:9f:42:26:a1:42:2d:1a:01:ed:e4:
         cb:d0:6e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWNt7oy03djcePXZ0MB3Y+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUwODEwMjMwMDM1WhcNMjUwODExMjMwMDM1WjAzMTEwLwYDVQQD
EygzZTA2NjMwZDNiZTNjMGE1ZjQzYzc4YzBiMTM2ODdmYWIwNWMxMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnSX1aoUyxBl9BAwsVso5iVlzOAi
/nINEz9V7VnmuSolMtazqEhOK2oCMI7t2MrIeS1sfem2Wre1pUwPnh/OXU7YPOXa
0XgktpK95qOgENW0Ct31CFrrp0+TOB3DaWbMxNwIv+XlQqeLIu57eZDps3rYx4Iz
msSqSGf7omIg8kdHGjtVzwBwORFekwxo1gssCSI98wimlgq2at6gKvQaQOk+l1r7
tbko5cFS31Z7lEwOvKc+0i/hg7XMfb7tP3zZWFnap6I0btAjWQvnAgzeDr8ig3x/
o6pssB1VddkQ4qGiNwMJE8fES1TxPpa/KTkw6UwehEeZYJwLIzNXOCNd9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4GYw0748Cl9Dx4wLE2h/qwXBBYMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASXLVKK+K
JU+g3uFOqUT/TPY7Hxz/HV73BJiMpeDaL8wPKHoZu/PiwOYi3iAgn5dPMkP3TfVf
fJdeEZvSDQaTQPI+bvt6AzQpY5fRbw1gZs4f+cUvqd+9ssFWskH2F09SkecwyrDe
yx/CSN1gyPxQnqGoXKp23LJCweJe/ouKmxQjQmXlzaWrCcCpHMdlc/YVING/rxhW
4APISrmo5qi4WN2ZJd0gDc2CSHY4aWsm8KqwLTC9JoAZ+FipylXJNGZxyLEC1zZ3
G4N12JnjLW3GV6rFvpBLG/BZqPw1JCIS/RM6QlywsEukYVOu8n7w7kR+8Q2fQiah
Qi0aAe3ky9BuKw==
-----END CERTIFICATE-----