Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          3MSmx5oK8gw2DDUVu9RAbIoYn6zp5ZRHV6Vkou6+bHM=
Subject key identifier:   DC:1E:35:81:4E:9F:D1:E8:8A:F5:8B:4D:70:6F:14:BA:37:6C:F0:D0
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       019873E21AE8DEF75A1924973B8F109AF610
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0F54
Signing time:             Mon 04 Aug 2025 07:00:54 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:54 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:54 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: wZoqwvYyWAa9OxJlo/F7rDtm0u93sypjpyg4Xgw9tgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:1a:e8:de:f7:5a:19:24:97:3b:8f:10:9a:f6:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Aug  4 07:00:54 2025 GMT
            Not After : Aug  5 07:00:54 2025 GMT
        Subject: CN=dc1e35814e9fd1e88af58b4d706f14ba376cf0d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:49:1e:32:0c:9a:82:d5:f0:b7:de:f4:cc:37:
                    5b:cb:aa:ff:5e:2f:d9:c7:4d:71:d2:1e:7e:80:6b:
                    8a:15:ee:f4:d9:3a:84:02:d1:7c:7b:1e:e4:fb:84:
                    a0:22:a7:cb:2f:ba:c0:d8:fa:a1:04:f1:77:02:8b:
                    3a:c1:53:9b:de:7b:14:f7:d8:74:d0:27:2f:42:18:
                    8d:bc:53:9e:65:eb:04:e9:5e:6d:c8:7f:f7:17:dc:
                    a5:93:9b:9b:29:23:91:57:7c:d7:5a:d5:b6:64:31:
                    d2:5d:14:3c:45:bd:fe:a3:bb:84:62:a2:c0:e1:07:
                    56:43:37:92:99:4d:70:04:df:e5:63:46:d2:82:28:
                    8d:87:7f:ca:b8:85:61:69:04:6c:58:9c:e9:96:57:
                    b5:d8:c0:65:c1:61:9c:2c:ac:6c:de:37:25:61:00:
                    10:f4:9b:65:88:20:07:f8:7a:85:1d:e1:d0:6d:99:
                    92:5a:ec:5a:3f:41:ca:13:7d:85:c7:1c:58:9e:49:
                    4f:5b:eb:81:6f:eb:6a:c6:45:83:3c:8e:01:53:34:
                    6a:02:83:86:d5:31:ae:39:cd:e1:a8:b3:53:53:a5:
                    e7:78:71:f4:e8:3e:51:a9:94:dc:83:84:22:1f:2f:
                    6c:87:4f:a5:44:27:99:73:9b:66:17:ff:94:bd:ff:
                    42:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:1E:35:81:4E:9F:D1:E8:8A:F5:8B:4D:70:6F:14:BA:37:6C:F0:D0
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:32:27:e4:ef:83:3e:4d:1d:d7:f0:25:f2:bc:9b:8f:96:64:
         12:dd:fa:64:dc:13:ea:9c:7f:c6:59:ea:d3:ec:b5:e7:59:04:
         7d:fa:ce:93:f4:e9:e8:89:6e:5a:d0:c7:d7:78:2b:2e:37:c3:
         1f:59:c0:3c:ac:fe:a1:0d:04:6b:c1:78:07:3e:48:6f:7b:5a:
         a9:f5:d8:8f:22:8c:ba:02:f8:4a:2a:cf:05:b8:6d:ac:cc:e1:
         53:38:f9:3f:9a:2a:e6:8b:17:c4:e6:4e:a6:a6:28:4d:5f:0a:
         fa:13:ab:57:11:4b:e2:c8:da:c7:4b:ac:5c:58:5c:9d:bf:b7:
         fb:f7:e6:6a:27:3b:30:f3:03:62:78:67:65:74:36:09:d8:e9:
         6e:64:fb:07:57:5b:be:57:ec:65:b9:82:e0:10:ee:19:52:9b:
         89:b0:39:08:36:41:b7:00:4b:bb:56:86:ac:c3:01:be:b0:45:
         be:31:33:b1:7f:42:e4:41:58:83:ce:f8:e8:32:e2:6b:03:d6:
         0c:11:cc:cb:d8:21:4a:8a:e6:ac:c2:31:24:fa:43:f3:bc:78:
         81:8e:60:33:f8:df:a2:c4:6f:02:26:d5:5d:69:0a:21:01:3f:
         68:cf:c7:89:9b:3f:fc:e9:da:fc:dd:c8:66:4c:d4:02:02:54:
         d2:eb:a9:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4hro3vdaGSSXO48QmvYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwODA0MDcwMDU0WhcNMjUwODA1MDcwMDU0WjAzMTEwLwYDVQQD
EyhkYzFlMzU4MTRlOWZkMWU4OGFmNThiNGQ3MDZmMTRiYTM3NmNmMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEkeMgyagtXwt970zDdby6r/Xi/Z
x01x0h5+gGuKFe702TqEAtF8ex7k+4SgIqfLL7rA2PqhBPF3Aos6wVOb3nsU99h0
0CcvQhiNvFOeZesE6V5tyH/3F9ylk5ubKSORV3zXWtW2ZDHSXRQ8Rb3+o7uEYqLA
4QdWQzeSmU1wBN/lY0bSgiiNh3/KuIVhaQRsWJzplle12MBlwWGcLKxs3jclYQAQ
9JtliCAH+HqFHeHQbZmSWuxaP0HKE32FxxxYnklPW+uBb+tqxkWDPI4BUzRqAoOG
1TGuOc3hqLNTU6XneHH06D5RqZTcg4QiHy9sh0+lRCeZc5tmF/+Uvf9CXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNweNYFOn9HoivWLTXBvFLo3bPDQMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDIn5O+D
Pk0d1/Al8rybj5ZkEt36ZNwT6px/xlnq0+y151kEffrOk/Tp6IluWtDH13grLjfD
H1nAPKz+oQ0Ea8F4Bz5Ib3taqfXYjyKMugL4SirPBbhtrMzhUzj5P5oq5osXxOZO
pqYoTV8K+hOrVxFL4sjax0usXFhcnb+3+/fmaic7MPMDYnhnZXQ2CdjpbmT7B1db
vlfsZbmC4BDuGVKbibA5CDZBtwBLu1aGrMMBvrBFvjEzsX9C5EFYg8746DLiawPW
DBHMy9ghSormrMIxJPpD87x4gY5gM/jfosRvAibVXWkKIQE/aM/HiZs//Ona/N3I
ZkzUAgJU0uupGg==
-----END CERTIFICATE-----