Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          sRiHcvrOTBI7fHn8k71ENDQCHYU0x4jTuLXZQBjnXx8=
Subject key identifier:   27:CB:36:25:3C:75:C2:35:11:59:9E:3F:AE:01:38:73:C6:63:61:68
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       01976C98AD4A9E0A9EE0E77F44793C54FC1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          04EF
Signing time:             Sat 14 Jun 2025 04:00:34 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:34 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:34 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: aOc8l2OIgELrrm2xrVCuAzDYAh8masz7atfN8MjPNeQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:ad:4a:9e:0a:9e:e0:e7:7f:44:79:3c:54:fc:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Jun 14 04:00:34 2025 GMT
            Not After : Jun 15 04:00:34 2025 GMT
        Subject: CN=27cb36253c75c23511599e3fae013873c6636168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:3b:4f:4c:a7:03:81:30:10:d2:17:d8:8a:7e:
                    2f:51:db:0a:ac:b9:84:6f:0e:d3:0a:ae:43:63:4c:
                    e7:1d:84:de:d9:ac:0b:a5:06:38:22:96:78:15:e8:
                    88:68:72:6e:2b:75:58:19:63:5c:da:5e:ab:a3:92:
                    e7:7e:69:04:ff:ac:51:e3:3e:21:0f:fe:be:cd:31:
                    2d:eb:72:2d:e3:e1:30:f5:83:4f:4b:4b:cf:85:bd:
                    c9:b3:80:7b:79:3b:df:e3:4e:27:87:a1:6a:d2:03:
                    92:6a:e4:17:b0:0c:46:32:e0:1a:ff:cc:fd:66:74:
                    fe:83:6e:e5:c7:60:48:ea:41:dd:12:6e:cf:44:6f:
                    c8:2e:c3:f6:62:42:21:3b:e4:cc:fc:21:e1:b6:74:
                    3d:ec:2a:15:9f:4b:17:7d:2e:b3:bb:a7:a0:d0:b2:
                    74:32:b8:0b:24:d1:26:6f:e5:ce:60:a4:42:a2:a7:
                    b6:1a:c0:71:b0:4b:c8:07:04:3f:da:b7:f2:b3:23:
                    73:4d:26:b3:fc:f7:d7:3a:7b:11:27:c8:6d:3e:a5:
                    d5:92:b4:39:8c:89:d7:d5:e0:b4:3d:76:67:85:7d:
                    7c:f4:48:c8:a9:33:f9:ad:d6:68:6e:f4:b9:89:a8:
                    9d:6e:bd:b3:84:08:59:2b:ea:0a:36:41:83:f1:f0:
                    10:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:CB:36:25:3C:75:C2:35:11:59:9E:3F:AE:01:38:73:C6:63:61:68
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:57:df:cd:b9:c9:9c:04:3a:80:96:73:23:97:1e:9a:8d:10:
         0d:ca:bf:97:b0:77:77:2f:3e:1d:8a:26:19:75:de:1a:23:f1:
         a5:c6:73:a6:78:1d:d4:9c:4e:90:e6:5d:52:a7:da:a7:67:e0:
         f3:d4:ef:1f:b1:1b:99:44:6c:d9:22:7c:5e:78:b9:e0:78:20:
         df:1a:07:63:68:cb:57:f1:e8:a9:78:5a:bf:a9:82:01:ab:01:
         8c:4b:e9:9b:30:b7:cd:28:7f:16:a8:fc:b5:6f:68:ad:72:cd:
         89:2b:ff:45:a0:59:5d:4d:f6:e8:0b:83:1a:a4:eb:53:e3:02:
         9b:61:d7:d5:7b:c3:53:ca:cd:30:6c:0b:c5:5e:b4:15:2d:c1:
         42:8b:5d:f6:d0:d1:c5:98:f4:85:8f:28:e1:d9:8c:16:78:1f:
         a6:a1:03:26:2f:7e:6c:3e:f2:94:33:b6:50:fb:50:86:75:03:
         59:b5:04:da:61:e0:44:2f:4e:30:40:8f:f9:d5:d3:66:64:ab:
         54:b6:90:51:c9:55:15:73:ac:ac:c4:cd:2e:47:2b:52:0f:d0:
         02:3b:71:22:68:c7:db:69:56:91:ad:cb:c4:5c:98:64:af:3d:
         ab:c0:1f:ac:26:55:c1:11:17:1c:9f:ae:fc:1e:13:92:15:9c:
         ec:8e:dc:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmK1Kngqe4Od/RHk8VPwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUwNjE0MDQwMDM0WhcNMjUwNjE1MDQwMDM0WjAzMTEwLwYDVQQD
EygyN2NiMzYyNTNjNzVjMjM1MTE1OTllM2ZhZTAxMzg3M2M2NjM2MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TtPTKcDgTAQ0hfYin4vUdsKrLmE
bw7TCq5DY0znHYTe2awLpQY4IpZ4FeiIaHJuK3VYGWNc2l6ro5LnfmkE/6xR4z4h
D/6+zTEt63It4+Ew9YNPS0vPhb3Js4B7eTvf404nh6Fq0gOSauQXsAxGMuAa/8z9
ZnT+g27lx2BI6kHdEm7PRG/ILsP2YkIhO+TM/CHhtnQ97CoVn0sXfS6zu6eg0LJ0
MrgLJNEmb+XOYKRCoqe2GsBxsEvIBwQ/2rfysyNzTSaz/PfXOnsRJ8htPqXVkrQ5
jInX1eC0PXZnhX189EjIqTP5rdZobvS5iaidbr2zhAhZK+oKNkGD8fAQwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCfLNiU8dcI1EVmeP64BOHPGY2FoMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4FffzbnJ
nAQ6gJZzI5cemo0QDcq/l7B3dy8+HYomGXXeGiPxpcZzpngd1JxOkOZdUqfap2fg
89TvH7EbmURs2SJ8Xni54Hgg3xoHY2jLV/HoqXhav6mCAasBjEvpmzC3zSh/Fqj8
tW9orXLNiSv/RaBZXU326AuDGqTrU+MCm2HX1XvDU8rNMGwLxV60FS3BQotd9tDR
xZj0hY8o4dmMFngfpqEDJi9+bD7ylDO2UPtQhnUDWbUE2mHgRC9OMECP+dXTZmSr
VLaQUclVFXOsrMTNLkcrUg/QAjtxImjH22lWka3LxFyYZK89q8AfrCZVwREXHJ+u
/B4TkhWc7I7cIA==
-----END CERTIFICATE-----