Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
File:                     2yNWAARVt7WJTO0UaYWgqIifnkw.mft (raw, json)
Hash identifier:          wKYfqaGmFFZeap7xg9FqiSfLsFznq6h68E38mLSZSzo=
Subject key identifier:   01:DE:D3:CA:71:6E:3C:3E:C9:A8:08:E0:FD:64:E9:BD:D5:15:CD:D5
Authority key identifier: DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C
Certificate issuer:       /CN=db2356000455b7b5894ced146985a0a8889f9e4c
Certificate serial:       019771BF12C107D799B7ADA887DDB50467B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
Manifest number:          13AC
Signing time:             Sun 15 Jun 2025 04:00:36 +0000
Manifest this update:     Sun 15 Jun 2025 04:00:36 +0000
Manifest next update:     Mon 16 Jun 2025 04:00:36 +0000
Files and hashes:         1: 2yNWAARVt7WJTO0UaYWgqIifnkw.crl (hash: QR7hZn1vkExeqzbscmcbKP+cNDI9LR8LNOjfegfAPxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:bf:12:c1:07:d7:99:b7:ad:a8:87:dd:b5:04:67:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db2356000455b7b5894ced146985a0a8889f9e4c
        Validity
            Not Before: Jun 15 04:00:36 2025 GMT
            Not After : Jun 16 04:00:36 2025 GMT
        Subject: CN=01ded3ca716e3c3ec9a808e0fd64e9bdd515cdd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:25:c1:ea:96:ae:d7:d9:c0:79:d4:33:18:f7:
                    4b:6b:0b:96:d7:15:bb:73:97:33:c8:74:9e:4f:31:
                    31:23:fe:06:16:d2:4a:e6:f8:09:e0:ce:d9:00:2d:
                    71:b9:55:30:d4:32:af:c0:0a:a4:76:96:f7:b3:84:
                    db:35:06:2d:ef:f4:5d:ab:30:f7:70:f9:37:4a:fb:
                    cf:54:94:86:7e:b2:b7:3b:a6:e9:0f:12:ce:af:73:
                    24:c7:67:8b:33:2c:3b:32:37:c6:74:e9:f3:6e:3a:
                    0a:71:30:71:49:ec:76:26:16:23:7b:a5:a1:f0:40:
                    30:fd:fe:51:80:13:aa:48:c7:88:41:4c:84:50:b5:
                    89:73:c1:0d:b8:77:b1:3a:c2:65:d7:08:41:56:86:
                    4c:fe:34:07:ab:01:70:e7:b8:28:25:4a:a2:fc:f1:
                    ed:06:da:ea:99:d4:48:94:17:f9:e1:e3:bf:9b:62:
                    4c:34:53:2d:3e:22:bc:79:ce:e0:c0:df:92:ca:5e:
                    11:39:05:80:d6:34:2c:ac:de:21:15:7b:5e:fc:64:
                    06:45:77:ca:f4:70:72:c5:7e:a8:27:c2:d6:0a:de:
                    52:28:27:01:58:f8:bc:98:e0:26:62:fe:7d:f9:11:
                    13:24:1c:13:d5:9d:f7:2b:51:93:e6:01:39:43:d0:
                    40:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:DE:D3:CA:71:6E:3C:3E:C9:A8:08:E0:FD:64:E9:BD:D5:15:CD:D5
            X509v3 Authority Key Identifier:
                keyid:DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:2f:b9:6f:01:80:67:02:c5:6a:20:f5:cb:51:31:b7:2b:69:
         01:c0:91:64:4f:92:5d:82:3a:0d:1a:29:55:46:1e:2a:83:8d:
         ee:10:00:82:a2:73:ff:d9:c4:aa:f7:13:58:14:d5:58:94:14:
         a0:f6:98:f6:e6:18:fa:63:b4:b4:16:96:01:cf:87:9f:05:bb:
         d8:b2:dc:a8:2d:0a:bc:25:a2:d9:05:07:a9:88:1e:f1:0f:a8:
         18:80:78:d0:52:85:b4:b2:16:c8:0f:9b:32:a8:b1:b0:cc:23:
         77:bf:63:2e:5f:bb:f6:8a:e4:1d:5c:14:6f:c3:9d:c5:7f:bb:
         55:0d:b7:e4:99:6e:72:0f:8a:c7:1a:cf:6d:11:cb:b5:11:5e:
         7d:f2:8c:08:0b:28:ef:71:d7:75:62:d4:ed:81:da:da:a8:aa:
         5e:03:20:f7:df:8a:c1:28:be:f9:77:19:26:97:96:bd:44:3e:
         8c:bf:ad:93:3e:1b:6d:b6:c2:ed:df:36:94:4e:7e:2f:1b:df:
         36:e1:50:2b:c9:28:94:0f:b0:58:4d:57:e7:da:56:da:e8:68:
         6d:cd:d3:f0:e3:01:e8:18:be:88:e2:a9:17:e2:ef:4e:7c:32:
         4b:74:7a:33:e3:11:f3:c5:45:72:1a:d8:65:8e:7c:b0:15:0a:
         98:42:7d:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxvxLBB9eZt62oh921BGezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM1NjAwMDQ1NWI3YjU4OTRjZWQxNDY5ODVhMGE4ODg5
ZjllNGMwHhcNMjUwNjE1MDQwMDM2WhcNMjUwNjE2MDQwMDM2WjAzMTEwLwYDVQQD
EygwMWRlZDNjYTcxNmUzYzNlYzlhODA4ZTBmZDY0ZTliZGQ1MTVjZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiXB6pau19nAedQzGPdLawuW1xW7
c5czyHSeTzExI/4GFtJK5vgJ4M7ZAC1xuVUw1DKvwAqkdpb3s4TbNQYt7/RdqzD3
cPk3SvvPVJSGfrK3O6bpDxLOr3Mkx2eLMyw7MjfGdOnzbjoKcTBxSex2JhYje6Wh
8EAw/f5RgBOqSMeIQUyEULWJc8ENuHexOsJl1whBVoZM/jQHqwFw57goJUqi/PHt
BtrqmdRIlBf54eO/m2JMNFMtPiK8ec7gwN+Syl4ROQWA1jQsrN4hFXte/GQGRXfK
9HByxX6oJ8LWCt5SKCcBWPi8mOAmYv59+RETJBwT1Z33K1GT5gE5Q9BA6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHe08pxbjw+yagI4P1k6b3VFc3VMB8GA1UdIwQY
MBaAFNsjVgAEVbe1iUztFGmFoKiIn55MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEt
NDg2MzkxMTQxMmZhLzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEtNDg2MzkxMTQxMmZh
LzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYi+5bwGA
ZwLFaiD1y1ExtytpAcCRZE+SXYI6DRopVUYeKoON7hAAgqJz/9nEqvcTWBTVWJQU
oPaY9uYY+mO0tBaWAc+HnwW72LLcqC0KvCWi2QUHqYge8Q+oGIB40FKFtLIWyA+b
MqixsMwjd79jLl+79orkHVwUb8OdxX+7VQ235Jlucg+KxxrPbRHLtRFeffKMCAso
73HXdWLU7YHa2qiqXgMg99+KwSi++XcZJpeWvUQ+jL+tkz4bbbbC7d82lE5+Lxvf
NuFQK8kolA+wWE1X59pW2uhobc3T8OMB6Bi+iOKpF+LvTnwyS3R6M+MR88VFchrY
ZY58sBUKmEJ9IA==
-----END CERTIFICATE-----