Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          sst1L5AJdMh/9kcJ9OhqzMCoY5XJOLcDSWIfGCCgxi8=
Subject key identifier:   B3:4C:25:F1:82:95:EA:AD:0D:3C:01:7A:0B:61:1B:17:8C:A3:19:3D
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       01977B9E0A51810212F681D03B03680A85A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          09A3
Signing time:             Tue 17 Jun 2025 02:00:44 +0000
Manifest this update:     Tue 17 Jun 2025 02:00:44 +0000
Manifest next update:     Wed 18 Jun 2025 02:00:44 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: vJHdxFDwb/YO/YgNCKxmy5ZBLwTlW1pXY5ZIPWOnv6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 21:51:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7b:9e:0a:51:81:02:12:f6:81:d0:3b:03:68:0a:85:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Jun 17 02:00:44 2025 GMT
            Not After : Jun 18 02:00:44 2025 GMT
        Subject: CN=b34c25f18295eaad0d3c017a0b611b178ca3193d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:32:a0:57:00:31:ed:90:25:cc:8d:a4:51:bd:
                    e2:da:5e:2c:2d:19:de:6f:18:b8:99:12:75:77:27:
                    10:06:94:b7:ef:c9:f9:9e:90:0a:a4:ee:74:d9:77:
                    ab:42:01:eb:df:ef:01:be:2c:17:0c:90:78:f6:ec:
                    63:a5:54:d5:59:dc:88:4a:5a:05:d2:2f:1f:fc:cb:
                    7c:35:13:cf:b7:e7:cf:11:29:65:76:7a:e5:7f:e0:
                    97:c5:f0:a0:1a:b0:20:1a:12:5a:21:ee:42:e6:93:
                    47:c5:6b:a9:46:67:30:ea:b2:dc:24:09:40:cb:c0:
                    f9:74:af:95:bd:3a:fd:9b:6f:63:fa:4d:af:94:8d:
                    36:b9:d3:01:db:9d:65:e4:9a:cf:d3:6d:81:c3:15:
                    2d:05:76:64:c2:8d:f5:13:4c:4a:9a:1c:09:45:a5:
                    2e:5b:d4:aa:fe:3b:81:15:f7:72:6b:5e:6e:9f:e3:
                    db:b3:97:15:06:14:e9:1b:3c:ef:e1:46:92:34:71:
                    75:0e:ab:e1:c2:1b:ef:d7:99:3e:d9:af:5e:0a:86:
                    63:f6:65:95:36:69:af:fd:fe:9e:6f:6e:16:75:04:
                    51:33:ef:49:e5:0d:d6:d7:6b:ad:a1:bc:d9:a7:69:
                    6a:9d:75:c9:97:91:95:38:ff:24:8d:81:91:4c:5d:
                    73:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:4C:25:F1:82:95:EA:AD:0D:3C:01:7A:0B:61:1B:17:8C:A3:19:3D
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:36:2f:fb:75:52:78:7c:0d:11:48:4a:c9:27:1b:09:c6:cf:
         4a:24:96:c8:6d:29:8f:76:80:84:c9:aa:36:32:82:b8:7c:ab:
         e4:15:69:f4:70:f0:79:0d:da:87:ca:63:0d:30:c6:04:ee:c0:
         e8:cd:42:d9:07:bd:1a:30:74:2f:d0:28:ef:88:53:6e:75:db:
         33:28:b8:6e:9a:12:3a:fe:d9:37:7a:57:29:b5:a5:db:d6:bb:
         74:58:d5:58:db:6c:5c:ef:d0:16:f6:b1:b4:39:67:9b:3c:b7:
         fb:cb:f2:da:96:ce:12:6e:5a:4e:22:8b:4e:79:59:d7:15:f2:
         ba:33:79:c4:9a:4f:d5:82:88:8c:ca:0a:81:fc:3a:da:2e:1e:
         81:46:28:c8:90:53:99:f1:44:58:3d:dc:a3:65:02:e2:d7:f6:
         d7:8d:ec:a4:80:11:68:71:46:89:1a:02:c2:0b:a6:5a:1c:6c:
         2d:fb:36:36:c5:ad:c8:0c:d0:db:d2:7e:c0:6d:f6:87:1e:d0:
         40:aa:6e:69:e9:5a:e5:d6:9a:b7:f6:5a:d4:75:3e:f7:8d:91:
         3f:2a:39:82:87:2d:38:f1:cd:50:f3:cf:82:8a:95:06:b5:c6:
         d2:e9:c7:9f:c5:76:9b:05:a9:d3:ba:67:04:3d:40:98:8e:3c:
         e0:ad:94:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd7ngpRgQIS9oHQOwNoCoWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUwNjE3MDIwMDQ0WhcNMjUwNjE4MDIwMDQ0WjAzMTEwLwYDVQQD
EyhiMzRjMjVmMTgyOTVlYWFkMGQzYzAxN2EwYjYxMWIxNzhjYTMxOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDKgVwAx7ZAlzI2kUb3i2l4sLRne
bxi4mRJ1dycQBpS378n5npAKpO502XerQgHr3+8BviwXDJB49uxjpVTVWdyISloF
0i8f/Mt8NRPPt+fPESlldnrlf+CXxfCgGrAgGhJaIe5C5pNHxWupRmcw6rLcJAlA
y8D5dK+VvTr9m29j+k2vlI02udMB251l5JrP022BwxUtBXZkwo31E0xKmhwJRaUu
W9Sq/juBFfdya15un+Pbs5cVBhTpGzzv4UaSNHF1Dqvhwhvv15k+2a9eCoZj9mWV
Nmmv/f6eb24WdQRRM+9J5Q3W12utobzZp2lqnXXJl5GVOP8kjYGRTF1zbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLNMJfGCleqtDTwBegthGxeMoxk9MB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiTYv+3VS
eHwNEUhKyScbCcbPSiSWyG0pj3aAhMmqNjKCuHyr5BVp9HDweQ3ah8pjDTDGBO7A
6M1C2Qe9GjB0L9Ao74hTbnXbMyi4bpoSOv7ZN3pXKbWl29a7dFjVWNtsXO/QFvax
tDlnmzy3+8vy2pbOEm5aTiKLTnlZ1xXyujN5xJpP1YKIjMoKgfw62i4egUYoyJBT
mfFEWD3co2UC4tf2143spIARaHFGiRoCwgumWhxsLfs2NsWtyAzQ29J+wG32hx7Q
QKpuaela5daat/Za1HU+942RPyo5goctOPHNUPPPgoqVBrXG0unHn8V2mwWp07pn
BD1AmI484K2Ucg==
-----END CERTIFICATE-----