Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          kXANDyjT1Sj6gDKg6Dmsaz9HDMOr5zh6dc5CTUDEQzQ=
Subject key identifier:   1A:EC:D7:E7:12:1B:FB:0D:CE:46:FC:25:72:56:2B:8E:B1:88:14:9C
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019874503D887A528F80A2453F4BBB27C535
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          065D
Signing time:             Mon 04 Aug 2025 09:01:12 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:12 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:12 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: u8JwwimXb1ZPeQ6s6WBd752pz/2WlVS6Kuxqg8Ny85s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:3d:88:7a:52:8f:80:a2:45:3f:4b:bb:27:c5:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Aug  4 09:01:12 2025 GMT
            Not After : Aug  5 09:01:12 2025 GMT
        Subject: CN=1aecd7e7121bfb0dce46fc2572562b8eb188149c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d0:a6:78:8e:81:09:1f:e4:22:9c:38:16:93:
                    8f:c2:e5:19:df:90:b3:5d:b5:11:6e:a9:97:cd:d7:
                    4a:3e:3a:90:62:38:18:7e:b8:7a:40:0f:ff:89:38:
                    e7:a7:8b:e0:e7:94:83:3e:12:9d:70:88:13:f3:40:
                    ba:45:46:96:51:74:42:2d:95:29:2b:1e:ee:21:0a:
                    f9:59:04:de:bd:1f:d4:18:94:f9:d8:91:a5:35:92:
                    49:24:d0:c1:12:50:40:00:36:25:9f:18:80:3c:65:
                    f3:78:9f:02:ce:c7:3d:72:e2:2a:c6:56:db:58:91:
                    a1:29:61:40:50:2e:12:d8:01:26:ac:52:85:17:41:
                    04:69:21:c0:78:44:e1:72:38:d4:8e:03:68:02:bb:
                    94:a2:f1:8e:00:85:a3:80:c8:93:31:ad:cb:b9:c4:
                    d2:35:d6:5f:70:30:f9:30:11:78:59:4d:02:a7:34:
                    a3:97:1e:0e:a6:3f:1e:b2:13:be:51:7b:b1:ff:d7:
                    42:62:b1:2e:bc:7d:bc:25:58:7e:af:ff:19:0f:c6:
                    1d:ab:0e:d1:5f:43:ae:3e:da:8c:43:44:4c:8b:48:
                    bf:e4:1a:0c:9b:18:39:50:e8:ed:ff:56:7e:0a:e6:
                    68:49:d2:26:3d:7e:df:9e:32:df:de:37:44:a1:60:
                    5c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:EC:D7:E7:12:1B:FB:0D:CE:46:FC:25:72:56:2B:8E:B1:88:14:9C
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:b3:d1:32:bc:cf:52:81:03:6c:40:7c:94:76:12:a4:d6:bf:
         43:4b:cf:02:5b:d2:6c:df:9d:1f:40:49:51:8f:15:00:1b:79:
         89:2d:ff:0e:f4:59:28:17:6f:bc:fd:72:76:d2:8f:42:2a:73:
         0c:c9:13:e1:1e:d0:9b:1b:7c:18:c4:e9:b9:f6:00:d7:20:1d:
         89:df:76:06:d1:ce:0a:66:79:a3:a6:11:5a:f0:1b:19:c4:52:
         23:83:01:ce:15:9b:44:39:ce:e5:6a:35:f7:28:cc:18:0c:72:
         c7:fd:e4:02:aa:30:0a:99:14:de:a6:de:c9:04:cb:0a:f8:f3:
         1d:e1:a4:bd:50:20:65:71:22:a9:ed:a9:b7:58:2c:a7:66:4d:
         91:61:24:70:db:51:f1:39:a7:a9:85:81:8c:c7:a2:3e:f4:a7:
         66:2e:fa:da:7d:6d:9c:66:50:ab:54:17:4f:a0:01:a2:10:6e:
         31:30:5c:9e:4d:f8:e0:9e:69:8b:35:73:21:78:f9:a7:98:d0:
         39:82:a3:3d:88:63:e3:cb:ec:17:37:fd:2c:62:6c:14:44:f9:
         d9:8c:cd:03:a1:00:10:a4:e6:70:ee:3c:32:24:b6:2a:cf:f0:
         03:3f:08:cc:4b:33:78:33:08:f1:df:0c:a6:c7:5c:67:9f:ff:
         17:b2:4f:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UD2IelKPgKJFP0u7J8U1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjUwODA0MDkwMTEyWhcNMjUwODA1MDkwMTEyWjAzMTEwLwYDVQQD
EygxYWVjZDdlNzEyMWJmYjBkY2U0NmZjMjU3MjU2MmI4ZWIxODgxNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttCmeI6BCR/kIpw4FpOPwuUZ35Cz
XbURbqmXzddKPjqQYjgYfrh6QA//iTjnp4vg55SDPhKdcIgT80C6RUaWUXRCLZUp
Kx7uIQr5WQTevR/UGJT52JGlNZJJJNDBElBAADYlnxiAPGXzeJ8Czsc9cuIqxlbb
WJGhKWFAUC4S2AEmrFKFF0EEaSHAeEThcjjUjgNoAruUovGOAIWjgMiTMa3LucTS
NdZfcDD5MBF4WU0CpzSjlx4Opj8eshO+UXux/9dCYrEuvH28JVh+r/8ZD8Ydqw7R
X0OuPtqMQ0RMi0i/5BoMmxg5UOjt/1Z+CuZoSdImPX7fnjLf3jdEoWBcVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrs1+cSG/sNzkb8JXJWK46xiBScMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr7PRMrzP
UoEDbEB8lHYSpNa/Q0vPAlvSbN+dH0BJUY8VABt5iS3/DvRZKBdvvP1ydtKPQipz
DMkT4R7Qmxt8GMTpufYA1yAdid92BtHOCmZ5o6YRWvAbGcRSI4MBzhWbRDnO5Wo1
9yjMGAxyx/3kAqowCpkU3qbeyQTLCvjzHeGkvVAgZXEiqe2pt1gsp2ZNkWEkcNtR
8TmnqYWBjMeiPvSnZi762n1tnGZQq1QXT6ABohBuMTBcnk344J5pizVzIXj5p5jQ
OYKjPYhj48vsFzf9LGJsFET52YzNA6EAEKTmcO48MiS2Ks/wAz8IzEszeDMI8d8M
psdcZ5//F7JP3Q==
-----END CERTIFICATE-----