Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          eTMzITTEFOdcSWwO2JVdxQH/tsk5rYZ42UoDbXk+VCA=
Subject key identifier:   F8:2F:80:C5:EB:49:D3:53:1B:83:80:49:39:C2:22:31:30:79:2E:A3
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       01987D8C073B06D1AD42F37A0E384B5621B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0F21
Signing time:             Wed 06 Aug 2025 04:03:05 +0000
Manifest this update:     Wed 06 Aug 2025 04:03:05 +0000
Manifest next update:     Thu 07 Aug 2025 04:03:05 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: DNbCmaBIw31P2xgIWjPqXHx3zMC4WR43+SI5DfTJCt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:03:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8c:07:3b:06:d1:ad:42:f3:7a:0e:38:4b:56:21:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Aug  6 04:03:05 2025 GMT
            Not After : Aug  7 04:03:05 2025 GMT
        Subject: CN=f82f80c5eb49d3531b83804939c2223130792ea3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d2:2f:53:f5:e0:8b:98:0a:47:95:09:ab:e9:
                    13:0d:38:e4:a1:dc:d0:52:76:1d:10:5e:19:f8:55:
                    34:49:c3:b0:a6:f0:09:dd:52:98:c7:87:82:73:bf:
                    93:4d:17:89:f1:c6:3e:14:c1:66:3b:70:87:53:24:
                    49:37:20:38:be:9e:a5:1d:38:14:18:9c:22:4c:da:
                    5f:20:2b:20:db:15:93:d3:bb:5b:da:2c:8d:6e:ff:
                    86:73:4c:eb:87:5d:f2:9a:17:a3:ff:56:14:4f:03:
                    3f:7b:91:37:4f:6b:43:c1:b0:00:52:5e:8e:ed:2e:
                    df:63:58:90:9d:82:9b:7e:30:90:b3:4d:ad:74:1e:
                    81:e5:ef:8b:7b:90:8c:07:fa:d6:b2:bb:01:bb:86:
                    d6:4b:44:45:94:9a:86:f9:1f:4a:93:19:ae:ab:7c:
                    7a:82:2c:50:1a:0e:b8:60:e9:a0:43:70:67:78:8a:
                    cb:26:10:30:3c:5e:8d:4b:56:f7:c9:94:46:c2:54:
                    37:93:1a:23:2c:27:3f:f7:8e:7a:ca:95:5f:a7:4c:
                    2a:69:82:50:be:ae:51:16:42:12:27:0c:29:55:9c:
                    ba:8f:6a:84:2a:44:cf:fe:ef:a6:c5:7c:2b:1f:0d:
                    14:df:61:52:b4:eb:dc:f1:8f:bb:37:f7:02:59:7a:
                    ef:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:2F:80:C5:EB:49:D3:53:1B:83:80:49:39:C2:22:31:30:79:2E:A3
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:01:fb:b6:90:a6:cd:7f:cd:dc:25:ac:ce:aa:3c:d5:ca:f5:
         98:0d:bc:08:a6:66:36:03:5d:06:fb:42:b7:21:b7:14:28:36:
         f4:f0:56:8f:4b:8b:9d:30:92:49:b9:a2:a9:fc:d6:6f:fb:c7:
         e4:65:af:f6:7b:fd:ef:ad:ef:d8:10:61:cd:7c:4a:87:95:47:
         3a:a1:31:32:e6:c9:83:c8:97:21:a0:eb:d7:1e:3e:61:57:35:
         97:ca:d8:ec:9c:5c:f8:30:8a:1d:95:bd:3e:01:2c:27:89:b2:
         79:1f:db:4d:d4:5e:0b:52:c0:ff:4c:6e:18:4c:bb:d5:e8:0d:
         b8:c9:77:1e:3a:38:83:86:aa:e0:89:4c:99:26:d0:fa:e5:8f:
         65:1e:7a:96:e1:df:05:29:09:e8:28:78:96:22:2a:24:f5:d9:
         76:10:d2:fd:a2:17:af:ae:df:5e:7e:4a:16:df:7b:28:bb:dc:
         94:f9:5b:09:17:6d:fc:93:e8:ee:d1:a7:dd:5a:0e:85:eb:c9:
         45:c6:c2:ed:c8:e0:ea:8a:b4:e3:29:ab:a7:54:df:9c:a3:9a:
         ae:8f:16:8c:74:4f:33:40:89:c6:9c:47:52:06:f5:a3:23:be:
         2c:cc:36:eb:6f:ed:b6:1f:6f:b7:71:8a:f3:66:8b:e1:b6:8c:
         61:be:83:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9jAc7BtGtQvN6DjhLViGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjUwODA2MDQwMzA1WhcNMjUwODA3MDQwMzA1WjAzMTEwLwYDVQQD
EyhmODJmODBjNWViNDlkMzUzMWI4MzgwNDkzOWMyMjIzMTMwNzkyZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9IvU/Xgi5gKR5UJq+kTDTjkodzQ
UnYdEF4Z+FU0ScOwpvAJ3VKYx4eCc7+TTReJ8cY+FMFmO3CHUyRJNyA4vp6lHTgU
GJwiTNpfICsg2xWT07tb2iyNbv+Gc0zrh13ymhej/1YUTwM/e5E3T2tDwbAAUl6O
7S7fY1iQnYKbfjCQs02tdB6B5e+Le5CMB/rWsrsBu4bWS0RFlJqG+R9Kkxmuq3x6
gixQGg64YOmgQ3BneIrLJhAwPF6NS1b3yZRGwlQ3kxojLCc/9456ypVfp0wqaYJQ
vq5RFkISJwwpVZy6j2qEKkTP/u+mxXwrHw0U32FStOvc8Y+7N/cCWXrv+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgvgMXrSdNTG4OASTnCIjEweS6jMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQH7tpCm
zX/N3CWszqo81cr1mA28CKZmNgNdBvtCtyG3FCg29PBWj0uLnTCSSbmiqfzWb/vH
5GWv9nv9763v2BBhzXxKh5VHOqExMubJg8iXIaDr1x4+YVc1l8rY7Jxc+DCKHZW9
PgEsJ4myeR/bTdReC1LA/0xuGEy71egNuMl3Hjo4g4aq4IlMmSbQ+uWPZR56luHf
BSkJ6Ch4liIqJPXZdhDS/aIXr67fXn5KFt97KLvclPlbCRdt/JPo7tGn3VoOhevJ
RcbC7cjg6oq04ymrp1TfnKOaro8WjHRPM0CJxpxHUgb1oyO+LMw262/tth9vt3GK
82aL4baMYb6Dvw==
-----END CERTIFICATE-----