Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          8c2zCIiQYUJHKqo/YLjs5DRpJa0OApJ02aLZQrCQbXs=
Subject key identifier:   1D:FC:0A:7F:AC:EF:E4:B0:6A:14:DA:79:F7:88:57:C7:55:BE:6F:03
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       0197790A988BCFEB3B885FC05315AE952C9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          0244
Signing time:             Mon 16 Jun 2025 14:00:26 +0000
Manifest this update:     Mon 16 Jun 2025 14:00:26 +0000
Manifest next update:     Tue 17 Jun 2025 14:00:26 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: chi66hL++DWIY5/chf2Kffx4AtLP+mMVa5z3GmD9+h4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:0a:98:8b:cf:eb:3b:88:5f:c0:53:15:ae:95:2c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Jun 16 14:00:26 2025 GMT
            Not After : Jun 17 14:00:26 2025 GMT
        Subject: CN=1dfc0a7facefe4b06a14da79f78857c755be6f03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:c7:ba:e6:e2:0f:6c:d9:9c:eb:36:6a:18:0b:
                    98:d9:78:ec:69:32:6e:83:7e:67:6c:e4:a4:7c:11:
                    08:19:d5:7b:e4:f7:7e:83:c6:04:cf:ab:4a:00:8b:
                    d6:e9:75:44:8b:43:8d:cf:07:5b:df:61:23:42:c5:
                    f4:71:bd:4b:3b:04:95:7c:85:52:dd:3d:b7:26:00:
                    1b:80:6e:7f:06:1e:31:52:59:2b:83:6b:87:88:de:
                    62:15:a3:63:e5:b7:7b:38:08:90:76:40:f8:7e:9b:
                    53:02:e8:43:e7:cc:62:a6:a6:b2:d4:89:b9:49:53:
                    c9:b7:62:31:8c:3e:1f:9a:30:39:67:c4:aa:b1:54:
                    c1:3b:60:45:31:bf:e1:1b:fc:73:e6:7f:cc:33:8b:
                    99:6f:d5:96:83:4a:1d:d0:44:19:69:fd:28:27:a6:
                    18:73:f3:c3:4f:b8:d9:13:79:d3:db:d0:fd:26:f4:
                    95:34:22:f1:e8:fb:9d:c9:ec:84:f5:ed:ab:cd:d4:
                    4f:a5:ef:e7:b1:c4:f8:41:34:71:50:f9:26:73:aa:
                    d8:b0:2b:e6:8a:a9:c8:a1:fd:cb:21:8a:f2:57:e2:
                    c3:29:13:88:e9:36:30:f6:7a:6f:74:99:20:a9:ba:
                    6d:fa:35:1a:b4:50:61:ed:e3:93:dc:ce:fb:21:5b:
                    6d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:FC:0A:7F:AC:EF:E4:B0:6A:14:DA:79:F7:88:57:C7:55:BE:6F:03
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:9c:e1:5b:67:05:cb:e0:d9:c5:22:c9:a8:e1:3a:d3:8b:72:
         90:d5:9c:7e:66:f2:e1:8b:ca:be:90:44:fb:16:5b:89:8d:21:
         f8:24:32:64:01:85:fc:f4:09:58:08:b9:1b:b9:ca:90:49:22:
         73:09:4e:4f:01:fd:eb:17:ec:a0:b5:34:78:83:1b:60:dc:ab:
         74:95:45:09:86:71:50:ea:87:b0:b8:2a:ce:68:e3:28:09:7e:
         46:9e:82:ed:c7:4d:d2:b5:2d:eb:24:bf:3e:52:ca:24:ed:b2:
         8b:16:9c:cb:85:57:fa:f5:cc:41:2e:a7:ca:97:6e:33:2a:cc:
         12:97:43:3f:c1:bd:2e:03:30:08:20:29:be:8a:d5:87:99:8a:
         6c:28:7f:4b:ce:14:6e:ef:0c:16:09:cc:2c:22:ef:06:b9:e5:
         95:cf:cc:df:43:b7:44:63:2f:01:b0:4b:2d:2f:e4:58:ea:15:
         d3:50:b2:18:83:9f:9a:c5:f1:00:68:6e:f4:42:78:25:bf:16:
         75:85:44:7d:3f:4c:1e:67:a6:d0:7c:20:6e:12:7a:01:54:50:
         8d:af:12:b7:5a:24:dd:72:ac:26:d2:71:24:69:ec:67:0b:3d:
         75:ea:75:30:92:c6:1d:18:d7:2b:29:34:c6:4e:f4:d9:42:e5:
         a5:e3:38:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5CpiLz+s7iF/AUxWulSyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjUwNjE2MTQwMDI2WhcNMjUwNjE3MTQwMDI2WjAzMTEwLwYDVQQD
EygxZGZjMGE3ZmFjZWZlNGIwNmExNGRhNzlmNzg4NTdjNzU1YmU2ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38e65uIPbNmc6zZqGAuY2XjsaTJu
g35nbOSkfBEIGdV75Pd+g8YEz6tKAIvW6XVEi0ONzwdb32EjQsX0cb1LOwSVfIVS
3T23JgAbgG5/Bh4xUlkrg2uHiN5iFaNj5bd7OAiQdkD4fptTAuhD58xipqay1Im5
SVPJt2IxjD4fmjA5Z8SqsVTBO2BFMb/hG/xz5n/MM4uZb9WWg0od0EQZaf0oJ6YY
c/PDT7jZE3nT29D9JvSVNCLx6PudyeyE9e2rzdRPpe/nscT4QTRxUPkmc6rYsCvm
iqnIof3LIYryV+LDKROI6TYw9npvdJkgqbpt+jUatFBh7eOT3M77IVttWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB38Cn+s7+SwahTaefeIV8dVvm8DMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe5zhW2cF
y+DZxSLJqOE604tykNWcfmby4YvKvpBE+xZbiY0h+CQyZAGF/PQJWAi5G7nKkEki
cwlOTwH96xfsoLU0eIMbYNyrdJVFCYZxUOqHsLgqzmjjKAl+Rp6C7cdN0rUt6yS/
PlLKJO2yixacy4VX+vXMQS6nypduMyrMEpdDP8G9LgMwCCApvorVh5mKbCh/S84U
bu8MFgnMLCLvBrnllc/M30O3RGMvAbBLLS/kWOoV01CyGIOfmsXxAGhu9EJ4Jb8W
dYVEfT9MHmem0HwgbhJ6AVRQja8St1ok3XKsJtJxJGnsZws9dep1MJLGHRjXKyk0
xk702ULlpeM4sw==
-----END CERTIFICATE-----