Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          Rqt4MSe+a0XQmnwAR4LjC12Xgz15sYV09hhmM5mg5Kw=
Subject key identifier:   71:F1:A1:BF:51:C9:CD:42:8F:88:F6:EA:B0:EC:9D:6C:C1:79:83:64
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       019882B06980A57DFE4517E21FAF11F42A70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          10EA
Signing time:             Thu 07 Aug 2025 04:00:55 +0000
Manifest this update:     Thu 07 Aug 2025 04:00:55 +0000
Manifest next update:     Fri 08 Aug 2025 04:00:55 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: /ghx5QV4JZmt89+Eas3Q/mtPlDVbGohB/k+O8DfdQVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 23:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:b0:69:80:a5:7d:fe:45:17:e2:1f:af:11:f4:2a:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Aug  7 04:00:55 2025 GMT
            Not After : Aug  8 04:00:55 2025 GMT
        Subject: CN=71f1a1bf51c9cd428f88f6eab0ec9d6cc1798364
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:22:e0:48:da:8c:0d:57:db:28:1a:fd:c1:3e:
                    44:18:07:34:26:36:4c:6a:8e:04:00:d3:b6:c2:39:
                    20:ca:e1:ef:96:da:83:66:45:11:bc:a9:e1:bf:3f:
                    70:4b:ce:5f:04:a1:0b:b8:76:12:31:c7:84:6e:ec:
                    45:5e:ad:ad:bc:89:f6:c8:9f:3a:c3:60:99:59:4b:
                    15:74:66:dd:1c:db:39:fd:3e:75:94:f8:a2:86:34:
                    bc:a6:37:fc:cb:27:91:ed:47:f1:c1:78:21:44:1d:
                    86:5e:5d:2b:2e:56:37:68:28:9f:64:a1:28:ce:f5:
                    f5:b6:72:84:88:38:52:e4:05:c0:ca:68:df:af:9a:
                    64:68:61:37:8f:07:9a:03:d8:be:52:b2:0a:83:fb:
                    1a:06:eb:9d:ff:6e:c5:92:e7:bc:3e:c8:67:79:8c:
                    12:16:c5:6b:09:45:61:fd:69:b3:69:25:1a:fe:93:
                    1c:e9:fb:39:26:15:d2:50:57:fc:a5:a1:71:1a:8f:
                    6f:2b:1c:82:05:22:4f:0b:8b:aa:4d:03:65:74:56:
                    b0:04:e3:9d:2d:62:e3:36:53:a8:d9:b4:5c:81:bf:
                    5a:49:d5:10:9c:29:0d:dd:d9:4e:e7:6d:72:ae:62:
                    8f:85:28:64:5d:46:3d:12:11:5f:f8:33:01:de:eb:
                    9d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:F1:A1:BF:51:C9:CD:42:8F:88:F6:EA:B0:EC:9D:6C:C1:79:83:64
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:e1:26:f1:79:9f:f6:09:0d:73:1a:52:d6:5a:0d:c4:d2:e7:
         bc:1b:0a:26:96:e9:f3:af:9a:87:38:28:d7:14:7b:6c:42:91:
         f8:bc:40:8a:f4:0b:df:ab:54:04:d7:16:37:3b:1a:b4:48:1d:
         35:20:9f:5b:34:36:66:36:4d:99:2c:c2:bc:63:54:fe:fa:11:
         03:70:4a:79:d3:e5:13:5f:4a:41:b9:ef:26:a1:e6:31:60:23:
         67:89:f3:6e:2b:69:53:b0:9b:b8:d7:14:0b:42:e6:fe:5c:c6:
         fb:e6:33:b2:4e:f1:78:3e:a0:98:cc:04:0b:39:60:98:9d:68:
         ee:38:dc:14:ac:ec:26:fb:32:df:9a:0c:1c:0a:8f:4e:c2:e7:
         6e:92:0e:28:b8:ea:59:4a:b3:ba:e4:01:e1:83:9e:c4:f5:53:
         0c:23:57:54:de:b2:01:99:e2:83:2e:4d:7b:d7:d2:15:c8:6a:
         f0:00:57:86:5d:33:a9:d7:f7:83:57:af:03:9e:59:01:b6:17:
         ee:aa:ec:2d:83:06:5c:47:a9:60:8c:42:9f:73:4f:cf:0b:14:
         f6:81:17:eb:e8:2e:9a:94:6d:3e:38:a9:78:08:7e:4d:f8:44:
         e6:2b:d0:79:89:6d:2e:e1:db:e9:f2:00:87:80:a6:37:a4:a9:
         22:2b:1c:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCsGmApX3+RRfiH68R9CpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjUwODA3MDQwMDU1WhcNMjUwODA4MDQwMDU1WjAzMTEwLwYDVQQD
Eyg3MWYxYTFiZjUxYzljZDQyOGY4OGY2ZWFiMGVjOWQ2Y2MxNzk4MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyLgSNqMDVfbKBr9wT5EGAc0JjZM
ao4EANO2wjkgyuHvltqDZkURvKnhvz9wS85fBKELuHYSMceEbuxFXq2tvIn2yJ86
w2CZWUsVdGbdHNs5/T51lPiihjS8pjf8yyeR7UfxwXghRB2GXl0rLlY3aCifZKEo
zvX1tnKEiDhS5AXAymjfr5pkaGE3jweaA9i+UrIKg/saBuud/27Fkue8PshneYwS
FsVrCUVh/WmzaSUa/pMc6fs5JhXSUFf8paFxGo9vKxyCBSJPC4uqTQNldFawBOOd
LWLjNlOo2bRcgb9aSdUQnCkN3dlO521yrmKPhShkXUY9EhFf+DMB3uudkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHxob9Ryc1Cj4j26rDsnWzBeYNkMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOEm8Xmf
9gkNcxpS1loNxNLnvBsKJpbp86+ahzgo1xR7bEKR+LxAivQL36tUBNcWNzsatEgd
NSCfWzQ2ZjZNmSzCvGNU/voRA3BKedPlE19KQbnvJqHmMWAjZ4nzbitpU7CbuNcU
C0Lm/lzG++Yzsk7xeD6gmMwECzlgmJ1o7jjcFKzsJvsy35oMHAqPTsLnbpIOKLjq
WUqzuuQB4YOexPVTDCNXVN6yAZnigy5Ne9fSFchq8ABXhl0zqdf3g1evA55ZAbYX
7qrsLYMGXEepYIxCn3NPzwsU9oEX6+gumpRtPjipeAh+TfhE5ivQeYltLuHb6fIA
h4CmN6SpIiscnw==
-----END CERTIFICATE-----