Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          SUFlvouLInRmiqFrZ4vKNT9Pn+OT8hYklvlvMw2yNSI=
Subject key identifier:   3B:92:83:1A:0A:DB:1D:F5:70:6C:34:AD:B3:85:42:56:98:49:6B:49
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       01989DF0B893BF000A0273687DE7E2EF0B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          0392
Signing time:             Tue 12 Aug 2025 11:00:55 +0000
Manifest this update:     Tue 12 Aug 2025 11:00:55 +0000
Manifest next update:     Wed 13 Aug 2025 11:00:55 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: eQVkxMgQ4D2ULuui992HIkb/OBSp96stnyHMo20+3fE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 11:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9d:f0:b8:93:bf:00:0a:02:73:68:7d:e7:e2:ef:0b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Aug 12 11:00:55 2025 GMT
            Not After : Aug 13 11:00:55 2025 GMT
        Subject: CN=3b92831a0adb1df5706c34adb385425698496b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:db:ab:97:d9:16:d8:d6:b0:33:d4:52:91:6d:
                    eb:f1:26:b2:44:16:2f:cc:cd:06:49:9d:0e:61:c6:
                    50:3f:ab:e0:5c:45:9f:e9:18:47:cb:b9:5b:d6:43:
                    82:09:91:63:ed:27:cf:c9:16:e2:a5:eb:3f:0d:5b:
                    15:97:33:c2:50:e3:de:ff:1d:f5:d5:43:c0:8b:66:
                    f4:4e:44:d7:6f:48:bf:4b:7e:d0:9d:e0:72:48:e5:
                    62:ed:04:4e:a4:6b:ec:7a:53:ea:00:31:b8:a0:64:
                    05:eb:e1:ef:65:47:84:b9:11:36:64:8b:9d:7e:23:
                    40:55:03:0c:be:2d:e8:c3:3e:9c:42:d7:42:26:a5:
                    97:da:9e:45:22:27:b6:a2:1c:04:18:c8:49:36:45:
                    b3:b8:c1:da:5c:23:d6:45:9d:6b:89:e6:9d:f2:cb:
                    19:b4:63:73:d9:72:50:02:5f:2e:f2:0c:ad:3d:7a:
                    fc:70:63:25:7e:5e:ad:07:a0:c1:d9:7d:87:e4:64:
                    c9:ab:77:09:2d:33:fd:bd:94:c6:c3:c6:dd:a1:55:
                    fc:a9:31:af:48:00:28:e6:75:34:76:1f:79:31:7c:
                    9f:6a:c2:43:06:23:fb:82:e1:d1:f3:b5:59:52:69:
                    7a:db:36:7e:2b:f2:41:7d:07:04:91:aa:28:06:86:
                    9b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:92:83:1A:0A:DB:1D:F5:70:6C:34:AD:B3:85:42:56:98:49:6B:49
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:55:29:9c:57:12:b4:05:5d:30:91:b8:87:f9:15:f5:91:0a:
         f9:c5:84:d1:33:c1:fd:19:39:74:58:99:bd:df:31:f9:1e:58:
         44:e0:27:ba:8f:bd:c2:3e:b5:97:da:b8:23:66:64:39:eb:10:
         24:ab:97:71:f7:ca:13:9b:b5:95:8e:a8:83:76:7c:fe:77:42:
         aa:35:7c:38:3c:31:d6:6c:2e:48:a0:88:69:eb:19:42:8c:d9:
         10:bf:d9:1a:e4:7f:9e:8a:cf:30:4b:31:e3:aa:27:8a:6d:4e:
         65:3e:0f:23:dd:9f:30:b3:32:03:26:2c:ee:cb:23:b7:f3:b0:
         b0:21:50:3d:9d:02:76:7d:2b:07:22:b1:e3:94:f6:2a:2f:49:
         38:e5:47:32:50:3f:4a:88:b7:e3:84:7a:cf:18:ad:df:34:be:
         23:76:86:1a:ff:ab:19:35:60:c6:ff:72:49:7a:45:51:e3:e5:
         6e:55:ba:6b:a6:9f:6d:77:40:b1:69:d7:24:ad:cb:4e:e7:32:
         d0:0a:8d:fe:ed:5c:a6:e2:54:88:3b:c1:ab:79:98:fa:11:4b:
         75:95:d0:a5:ad:9a:df:fe:2c:12:21:07:50:81:d4:9a:ff:37:
         b1:41:d8:07:07:eb:ed:7c:f9:02:ae:a2:b3:4e:c2:f8:b6:40:
         9e:ff:3a:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZid8LiTvwAKAnNofefi7wtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjUwODEyMTEwMDU1WhcNMjUwODEzMTEwMDU1WjAzMTEwLwYDVQQD
EygzYjkyODMxYTBhZGIxZGY1NzA2YzM0YWRiMzg1NDI1Njk4NDk2YjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnturl9kW2NawM9RSkW3r8SayRBYv
zM0GSZ0OYcZQP6vgXEWf6RhHy7lb1kOCCZFj7SfPyRbipes/DVsVlzPCUOPe/x31
1UPAi2b0TkTXb0i/S37QneBySOVi7QROpGvselPqADG4oGQF6+HvZUeEuRE2ZIud
fiNAVQMMvi3owz6cQtdCJqWX2p5FIie2ohwEGMhJNkWzuMHaXCPWRZ1riead8ssZ
tGNz2XJQAl8u8gytPXr8cGMlfl6tB6DB2X2H5GTJq3cJLTP9vZTGw8bdoVX8qTGv
SAAo5nU0dh95MXyfasJDBiP7guHR87VZUml62zZ+K/JBfQcEkaooBoabLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuSgxoK2x31cGw0rbOFQlaYSWtJMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzVUpnFcS
tAVdMJG4h/kV9ZEK+cWE0TPB/Rk5dFiZvd8x+R5YROAnuo+9wj61l9q4I2ZkOesQ
JKuXcffKE5u1lY6og3Z8/ndCqjV8ODwx1mwuSKCIaesZQozZEL/ZGuR/norPMEsx
46onim1OZT4PI92fMLMyAyYs7ssjt/OwsCFQPZ0Cdn0rByKx45T2Ki9JOOVHMlA/
Soi344R6zxit3zS+I3aGGv+rGTVgxv9ySXpFUePlblW6a6afbXdAsWnXJK3LTucy
0AqN/u1cpuJUiDvBq3mY+hFLdZXQpa2a3/4sEiEHUIHUmv83sUHYBwfr7Xz5Aq6i
s07C+LZAnv86rQ==
-----END CERTIFICATE-----