Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          HXSMkkgUr4Aj7v0NTuAKkvaId/28CgbOXMvlSVWqgTQ=
Subject key identifier:   C6:4A:02:9D:37:E8:A8:A9:82:47:F1:52:89:B4:73:DE:85:18:E8:50
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       01976DABEC83067FBAF2620E8D56B5C94611
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          05D5
Signing time:             Sat 14 Jun 2025 09:01:13 +0000
Manifest this update:     Sat 14 Jun 2025 09:01:13 +0000
Manifest next update:     Sun 15 Jun 2025 09:01:13 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: lyzvWqszYXDuXwJVJ4M+Hd1SQyOv77fxhprzbE2Xbqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 09:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:ec:83:06:7f:ba:f2:62:0e:8d:56:b5:c9:46:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Jun 14 09:01:13 2025 GMT
            Not After : Jun 15 09:01:13 2025 GMT
        Subject: CN=c64a029d37e8a8a98247f15289b473de8518e850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3d:2f:3a:a7:b4:53:5c:93:4b:5a:9e:8c:dd:
                    79:4d:cd:2a:c1:45:ad:c5:e6:ce:8b:01:6b:d3:f0:
                    10:94:73:41:d9:c4:e1:40:0f:11:29:a1:56:02:ac:
                    3b:8d:98:b7:19:1a:ce:78:00:f7:23:92:8d:fc:87:
                    a1:e2:4a:90:fe:e6:49:62:41:54:11:28:17:0e:35:
                    5e:d1:63:25:d6:d5:a6:e9:1d:f0:12:79:6c:b3:0e:
                    ca:1b:a0:af:85:bd:2d:17:d1:2d:27:c6:fb:4a:9d:
                    a0:c2:b0:eb:60:9b:86:78:31:8d:64:ee:5a:21:b2:
                    7b:7b:1e:77:c7:9b:6f:f1:a4:b0:4f:59:ff:48:34:
                    5a:f5:9b:5c:1c:4d:f6:76:0e:86:ff:15:a2:3b:f0:
                    af:7f:40:10:83:f4:30:36:d3:b9:e3:41:7b:26:64:
                    22:74:9e:38:d5:7c:9b:58:d0:6b:28:de:1a:00:74:
                    fb:48:8f:65:eb:46:85:51:f5:2a:6e:85:6d:1b:24:
                    0d:10:53:ca:6e:8a:68:3c:b8:c8:01:fb:0e:8d:20:
                    ef:e6:0a:b6:ce:ac:46:c5:92:35:53:87:d5:a4:e3:
                    e5:ba:64:cc:09:aa:37:dd:dd:83:52:f7:e4:7f:c3:
                    f4:b7:8f:ef:50:14:ac:71:e7:c2:b4:01:43:5b:db:
                    7f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:4A:02:9D:37:E8:A8:A9:82:47:F1:52:89:B4:73:DE:85:18:E8:50
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:49:14:c7:e7:f5:96:ad:86:7b:09:02:d7:4d:1f:36:e7:1e:
         45:6b:c6:f7:ba:69:86:c2:68:7c:38:e5:2c:a5:3e:12:f0:b3:
         87:18:c9:04:67:b3:19:b2:42:84:bb:eb:30:56:9c:b0:74:15:
         0f:ac:e1:a7:1e:a2:ce:da:c8:eb:f2:d4:cb:69:02:3e:87:94:
         4c:7c:e5:9c:67:8c:d2:c0:e4:05:d4:14:72:17:68:d2:d6:91:
         b6:cb:fd:da:72:3b:0d:3f:ca:a9:a3:1d:27:44:a3:68:b9:f2:
         d5:43:bf:1a:83:02:33:d4:c2:ba:44:64:87:d7:dc:6f:a4:84:
         90:8f:aa:09:90:21:c0:5b:39:77:53:14:f8:4d:0d:7c:ee:df:
         6e:cf:66:7b:e4:70:f1:d1:a6:25:22:e8:4e:31:3f:74:a0:ed:
         00:92:59:77:52:30:05:b8:23:e2:c2:f7:fb:f5:87:0f:84:b8:
         e7:f3:63:93:42:de:4f:a7:88:80:05:1e:df:fe:6a:8f:ed:03:
         7e:33:c6:1e:01:e7:7a:1b:ea:fd:a1:15:ab:52:47:4a:5e:c3:
         07:72:7c:19:50:bd:4a:ff:4d:27:91:dc:35:43:d8:aa:7c:b5:
         28:a1:fd:85:d9:35:82:43:ac:2a:38:b2:9c:62:90:be:2c:2c:
         0d:0b:4b:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq+yDBn+68mIOjVa1yUYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjUwNjE0MDkwMTEzWhcNMjUwNjE1MDkwMTEzWjAzMTEwLwYDVQQD
EyhjNjRhMDI5ZDM3ZThhOGE5ODI0N2YxNTI4OWI0NzNkZTg1MThlODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj0vOqe0U1yTS1qejN15Tc0qwUWt
xebOiwFr0/AQlHNB2cThQA8RKaFWAqw7jZi3GRrOeAD3I5KN/Ieh4kqQ/uZJYkFU
ESgXDjVe0WMl1tWm6R3wEnlssw7KG6Cvhb0tF9EtJ8b7Sp2gwrDrYJuGeDGNZO5a
IbJ7ex53x5tv8aSwT1n/SDRa9ZtcHE32dg6G/xWiO/Cvf0AQg/QwNtO540F7JmQi
dJ441XybWNBrKN4aAHT7SI9l60aFUfUqboVtGyQNEFPKbopoPLjIAfsOjSDv5gq2
zqxGxZI1U4fVpOPlumTMCao33d2DUvfkf8P0t4/vUBSscefCtAFDW9t/hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMZKAp036KipgkfxUom0c96FGOhQMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr0kUx+f1
lq2GewkC100fNuceRWvG97pphsJofDjlLKU+EvCzhxjJBGezGbJChLvrMFacsHQV
D6zhpx6iztrI6/LUy2kCPoeUTHzlnGeM0sDkBdQUchdo0taRtsv92nI7DT/KqaMd
J0SjaLny1UO/GoMCM9TCukRkh9fcb6SEkI+qCZAhwFs5d1MU+E0NfO7fbs9me+Rw
8dGmJSLoTjE/dKDtAJJZd1IwBbgj4sL3+/WHD4S45/Njk0LeT6eIgAUe3/5qj+0D
fjPGHgHnehvq/aEVq1JHSl7DB3J8GVC9Sv9NJ5HcNUPYqny1KKH9hdk1gkOsKjiy
nGKQviwsDQtLag==
-----END CERTIFICATE-----