Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
File:                     2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json)
Hash identifier:          sTo45OvnafzGF8PnOsdVuIZOWEeHNPn/CXIOMGKFAZg=
Subject key identifier:   7A:E0:06:5F:11:23:13:27:37:89:2B:6D:6B:A4:07:3A:AA:D4:D9:2B
Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91
Certificate issuer:       /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
Certificate serial:       01987BD260842402AEF7689744CC19FE8161
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
Manifest number:          02CA
Signing time:             Tue 05 Aug 2025 20:00:41 +0000
Manifest this update:     Tue 05 Aug 2025 20:00:41 +0000
Manifest next update:     Wed 06 Aug 2025 20:00:41 +0000
Files and hashes:         1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: KAgzVNm0VHpJpvdvs8spKSFXHW0rXASPeN1+GyYl8v0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 20:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:d2:60:84:24:02:ae:f7:68:97:44:cc:19:fe:81:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91
        Validity
            Not Before: Aug  5 20:00:41 2025 GMT
            Not After : Aug  6 20:00:41 2025 GMT
        Subject: CN=7ae0065f1123132737892b6d6ba4073aaad4d92b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:56:5e:79:88:18:bd:0b:df:de:f4:41:45:22:
                    16:63:4a:b6:36:3e:d2:3d:27:3e:fa:55:d6:e3:d6:
                    50:00:75:b2:a2:23:0d:81:3b:c3:73:cb:f6:3a:09:
                    04:63:6e:ad:0e:83:db:6f:f5:06:7c:f0:4a:38:5e:
                    8b:61:08:28:25:9d:e8:a1:24:28:4f:0a:b7:7f:12:
                    b4:27:25:0d:e7:1b:12:f0:88:31:9f:e6:90:a1:f1:
                    14:39:0c:c2:0a:27:e7:98:cc:f8:94:99:50:00:4b:
                    f4:04:a2:68:6e:f2:83:d5:25:64:1b:68:20:37:25:
                    88:6d:e0:36:35:40:77:7f:2b:a6:61:b3:35:b6:90:
                    34:ba:8e:c7:d5:cb:f4:c2:82:a2:48:3a:cb:77:05:
                    09:76:75:90:ef:b0:33:65:e9:5a:b9:69:e8:a3:7c:
                    ed:50:ae:e7:0f:36:8b:f0:46:09:10:b2:30:95:05:
                    7f:87:52:e8:d0:0c:ec:bf:c4:16:93:0a:66:e1:6e:
                    18:64:9c:02:2d:a8:a3:1d:b5:5d:bd:e2:7f:24:ca:
                    c1:04:3e:9e:40:fe:8e:2b:86:03:df:ee:2d:6a:11:
                    69:fd:0f:fb:e1:e9:18:ed:e3:9e:3a:7f:f6:cd:f8:
                    35:6e:0b:50:f3:49:41:f9:9f:6a:a0:7b:8a:e2:05:
                    77:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E0:06:5F:11:23:13:27:37:89:2B:6D:6B:A4:07:3A:AA:D4:D9:2B
            X509v3 Authority Key Identifier:
                keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:38:ef:37:b0:9a:8e:b2:b2:7c:11:ad:96:5c:0d:60:c4:ec:
         8d:f2:20:16:48:c2:96:55:5e:eb:3b:57:45:c8:77:94:fc:4e:
         da:b4:24:b4:0d:01:2b:b0:15:f8:3a:9c:25:44:e3:e0:3c:f3:
         bd:b2:3f:f6:d5:4b:fb:92:d5:64:3f:90:b9:90:b2:8d:e5:92:
         72:1e:22:29:c3:cf:71:e3:8a:64:6c:90:d6:9d:57:51:61:d3:
         b6:7e:a3:d7:39:0e:11:72:39:32:03:3a:bc:08:26:8e:00:ea:
         c7:a3:88:37:41:08:19:b3:39:8e:f1:1b:bc:8a:26:18:2c:94:
         d2:8d:73:2f:ca:43:64:4c:65:6a:bf:b1:7c:d5:14:dc:09:3f:
         71:6d:69:f0:32:8f:55:37:08:5d:e9:e0:e2:a5:77:da:99:66:
         ae:24:23:f2:5a:31:c6:2b:15:0b:18:96:21:2c:54:29:b3:8f:
         a8:53:c3:8e:63:60:36:fe:3b:54:27:5d:3d:67:f4:b2:78:5b:
         37:b7:fd:6b:51:c2:5c:24:82:08:5c:b6:df:b9:09:6e:a6:6d:
         4e:93:04:5f:97:05:9a:a2:4b:4d:e7:24:d5:0a:f0:cf:83:4a:
         f3:f4:b7:2c:4c:70:85:3d:ff:94:e7:ed:71:99:b0:cb:39:c7:
         ce:5e:e8:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh70mCEJAKu92iXRMwZ/oFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm
N2VhOTEwHhcNMjUwODA1MjAwMDQxWhcNMjUwODA2MjAwMDQxWjAzMTEwLwYDVQQD
Eyg3YWUwMDY1ZjExMjMxMzI3Mzc4OTJiNmQ2YmE0MDczYWFhZDRkOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1ZeeYgYvQvf3vRBRSIWY0q2Nj7S
PSc++lXW49ZQAHWyoiMNgTvDc8v2OgkEY26tDoPbb/UGfPBKOF6LYQgoJZ3ooSQo
Twq3fxK0JyUN5xsS8Igxn+aQofEUOQzCCifnmMz4lJlQAEv0BKJobvKD1SVkG2gg
NyWIbeA2NUB3fyumYbM1tpA0uo7H1cv0woKiSDrLdwUJdnWQ77AzZelauWnoo3zt
UK7nDzaL8EYJELIwlQV/h1Lo0Azsv8QWkwpm4W4YZJwCLaijHbVdveJ/JMrBBD6e
QP6OK4YD3+4tahFp/Q/74ekY7eOeOn/2zfg1bgtQ80lB+Z9qoHuK4gV34wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrgBl8RIxMnN4krbWukBzqq1NkrMB8GA1UdIwQY
MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt
NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0
LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTjvN7Ca
jrKyfBGtllwNYMTsjfIgFkjCllVe6ztXRch3lPxO2rQktA0BK7AV+DqcJUTj4Dzz
vbI/9tVL+5LVZD+QuZCyjeWSch4iKcPPceOKZGyQ1p1XUWHTtn6j1zkOEXI5MgM6
vAgmjgDqx6OIN0EIGbM5jvEbvIomGCyU0o1zL8pDZExlar+xfNUU3Ak/cW1p8DKP
VTcIXeng4qV32plmriQj8loxxisVCxiWISxUKbOPqFPDjmNgNv47VCddPWf0snhb
N7f9a1HCXCSCCFy237kJbqZtTpMEX5cFmqJLTeck1Qrwz4NK8/S3LExwhT3/lOft
cZmwyznHzl7omA==
-----END CERTIFICATE-----