Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          HdNUAFfFJ9K5S5Q8eeAxje/MxKdbS+VsTrZRRaCPBHo=
Subject key identifier:   51:F0:F4:8F:82:C3:1D:41:27:5D:56:32:69:99:3A:B9:49:3F:E1:B1
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       01976D3E4F404B2F488BC0CFB32010D7D80E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0ECC
Signing time:             Sat 14 Jun 2025 07:01:29 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:29 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:29 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: B1PigozcygtXk33HvHAReHJ87qMqa89sVcjp/IgZuBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:4f:40:4b:2f:48:8b:c0:cf:b3:20:10:d7:d8:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Jun 14 07:01:29 2025 GMT
            Not After : Jun 15 07:01:29 2025 GMT
        Subject: CN=51f0f48f82c31d41275d563269993ab9493fe1b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:db:4e:7f:fc:72:31:d5:dc:20:d9:1a:81:bc:
                    dc:6b:2a:9a:67:5b:fe:39:93:91:3a:df:b8:97:53:
                    b4:ac:36:2b:32:b8:3d:fc:d6:ed:a5:4c:74:79:de:
                    63:f1:96:06:4a:88:da:b3:42:c8:a3:cb:f0:cb:3f:
                    e2:80:3a:6f:0d:4d:f5:47:b4:a5:6b:ae:8d:a0:15:
                    96:2a:50:0e:2e:24:c9:0f:4f:f2:d1:21:06:6f:06:
                    d7:f4:61:68:dd:f8:33:be:f6:a7:8f:90:e8:a2:a1:
                    83:a6:f1:dd:f6:45:7a:9f:cd:29:56:d2:07:50:65:
                    10:43:fb:13:fc:b8:8d:25:8d:50:3e:00:6f:ee:e3:
                    7d:89:43:6c:5a:64:cc:d7:c5:99:22:a4:bd:02:fc:
                    c2:71:e3:87:cd:09:bb:bc:2c:f8:23:1a:cf:7a:90:
                    7d:40:61:50:3d:0b:a1:ba:9f:c7:e1:a3:7c:60:5f:
                    9e:78:99:46:62:18:9a:01:91:2e:00:d0:f9:8d:35:
                    70:cd:01:de:ac:e5:0a:b9:f4:15:fe:b7:b5:76:90:
                    d2:a1:51:dc:79:72:ef:ac:74:64:c4:eb:8d:8e:fd:
                    fd:05:99:4e:a9:80:62:f0:40:c6:32:e1:d0:72:81:
                    33:67:11:de:96:bf:d6:c1:f5:c9:a9:9a:e1:d6:e6:
                    be:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:F0:F4:8F:82:C3:1D:41:27:5D:56:32:69:99:3A:B9:49:3F:E1:B1
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:2b:66:c7:d8:cd:65:31:19:f7:1f:96:0c:4c:a1:d0:c7:3b:
         87:33:a8:f7:38:fc:a3:75:cb:25:b8:8d:07:79:4a:b4:66:aa:
         ea:3a:5c:f2:9a:50:22:70:f4:04:20:d5:62:56:b8:5a:eb:d8:
         5b:29:48:1e:c7:e2:c7:63:6d:29:b0:d6:b4:fb:4a:6d:55:cf:
         c4:98:44:eb:7b:77:7a:a0:e9:09:0d:92:81:df:e6:87:c1:b4:
         ef:cc:c3:a8:f9:d4:27:f0:7d:0f:8b:c8:29:21:09:55:d3:ae:
         a7:d0:7e:11:47:a8:1f:3e:fb:c8:01:71:ca:88:f0:4c:0f:38:
         dd:53:3b:80:0f:f4:50:da:64:1e:33:09:c7:17:e1:ef:53:da:
         6e:11:0a:b9:e9:53:85:21:24:4c:30:34:7c:88:47:2a:72:52:
         59:ca:c7:1d:0c:27:fa:60:ca:aa:ac:63:6d:2f:84:77:a3:9e:
         00:76:ca:19:73:eb:9f:25:a5:98:f9:b7:80:3a:dd:12:10:08:
         c2:cd:4c:8d:04:27:f7:6e:92:4d:8a:8e:56:06:06:41:31:e1:
         07:91:f8:b5:cd:e5:dc:42:a2:82:b5:fa:9c:4a:47:13:a3:93:
         f6:bb:a3:29:c6:ef:d2:3e:3f:d5:c2:89:3a:7a:1d:7d:dd:f5:
         32:7c:cd:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPk9ASy9Ii8DPsyAQ19gOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwNjE0MDcwMTI5WhcNMjUwNjE1MDcwMTI5WjAzMTEwLwYDVQQD
Eyg1MWYwZjQ4ZjgyYzMxZDQxMjc1ZDU2MzI2OTk5M2FiOTQ5M2ZlMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9tOf/xyMdXcINkagbzcayqaZ1v+
OZOROt+4l1O0rDYrMrg9/NbtpUx0ed5j8ZYGSojas0LIo8vwyz/igDpvDU31R7Sl
a66NoBWWKlAOLiTJD0/y0SEGbwbX9GFo3fgzvvanj5DooqGDpvHd9kV6n80pVtIH
UGUQQ/sT/LiNJY1QPgBv7uN9iUNsWmTM18WZIqS9AvzCceOHzQm7vCz4IxrPepB9
QGFQPQuhup/H4aN8YF+eeJlGYhiaAZEuAND5jTVwzQHerOUKufQV/re1dpDSoVHc
eXLvrHRkxOuNjv39BZlOqYBi8EDGMuHQcoEzZxHelr/WwfXJqZrh1ua+aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHw9I+Cwx1BJ11WMmmZOrlJP+GxMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIytmx9jN
ZTEZ9x+WDEyh0Mc7hzOo9zj8o3XLJbiNB3lKtGaq6jpc8ppQInD0BCDVYla4WuvY
WylIHsfix2NtKbDWtPtKbVXPxJhE63t3eqDpCQ2Sgd/mh8G078zDqPnUJ/B9D4vI
KSEJVdOup9B+EUeoHz77yAFxyojwTA843VM7gA/0UNpkHjMJxxfh71PabhEKuelT
hSEkTDA0fIhHKnJSWcrHHQwn+mDKqqxjbS+Ed6OeAHbKGXPrnyWlmPm3gDrdEhAI
ws1MjQQn926STYqOVgYGQTHhB5H4tc3l3EKigrX6nEpHE6OT9rujKcbv0j4/1cKJ
Onodfd31MnzNXg==
-----END CERTIFICATE-----