Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          r+3qFblqF/TFY6jJHHhWOqjkzEVnihkvhKK05H5PDGg=
Subject key identifier:   E1:4A:25:80:1A:50:E3:1D:B1:65:BB:FE:E8:C7:C7:8E:BF:7C:47:0C
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019894B7547FA9068F5D55E8BDBD81768244
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          1523
Signing time:             Sun 10 Aug 2025 16:01:39 +0000
Manifest this update:     Sun 10 Aug 2025 16:01:39 +0000
Manifest next update:     Mon 11 Aug 2025 16:01:39 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: 0dGM1KB58xzs0umhxUDhwYY2tmQIiYfWqbEYZrbvq2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b7:54:7f:a9:06:8f:5d:55:e8:bd:bd:81:76:82:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Aug 10 16:01:39 2025 GMT
            Not After : Aug 11 16:01:39 2025 GMT
        Subject: CN=e14a25801a50e31db165bbfee8c7c78ebf7c470c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:67:cd:6f:6e:aa:98:43:b9:64:19:b8:75:15:
                    af:b4:bc:fb:a4:81:a6:68:2a:3e:ab:49:b4:7e:9b:
                    c0:ac:b7:83:e8:55:75:2a:01:3b:35:ac:ec:03:68:
                    10:68:43:41:a5:98:ec:99:69:ef:76:ee:7f:f9:9a:
                    57:3d:5d:46:ee:bd:24:30:e5:5e:db:94:83:cb:ed:
                    7e:4a:3d:37:a9:28:ec:f6:fe:40:60:85:27:dd:d6:
                    46:de:c6:56:47:98:24:82:e1:a8:d9:93:fe:dc:d3:
                    ab:2b:20:90:d8:fc:bc:26:dc:00:67:28:10:e9:2d:
                    73:ab:8e:50:9c:e9:1b:3d:13:ea:b2:81:eb:8b:c1:
                    f8:b4:80:d2:d0:57:69:4f:ce:11:16:8d:28:c1:1f:
                    74:be:b4:b1:9c:01:a2:4d:b1:85:5d:06:a8:72:83:
                    33:63:d4:a2:d6:59:3b:f8:28:69:57:53:b4:7c:ee:
                    b9:a7:4e:8a:4c:11:8d:13:43:0b:2b:c2:83:ae:2b:
                    68:0f:47:38:6a:27:7e:c6:1d:46:f4:97:52:7b:e6:
                    d7:80:96:25:3e:ad:ff:93:27:5e:18:8b:1e:f6:cf:
                    48:44:83:f3:b6:3f:a0:bd:b9:82:01:f5:0c:b1:d0:
                    35:51:82:5f:bc:63:d9:e5:e0:38:12:6a:ad:59:ef:
                    12:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:4A:25:80:1A:50:E3:1D:B1:65:BB:FE:E8:C7:C7:8E:BF:7C:47:0C
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:82:96:12:fa:ad:03:1f:80:54:85:bb:74:35:b7:4c:43:93:
         55:9a:fd:85:a4:40:b5:64:e8:84:2b:82:09:57:5c:9f:f9:66:
         6e:9d:7a:f1:f2:7f:11:c2:a3:91:40:14:3f:86:d5:bd:5d:e1:
         3c:80:92:b4:64:2d:27:7a:d7:cb:da:13:79:a2:01:c9:a3:14:
         cc:c8:49:95:4d:af:41:34:5c:87:6c:8a:08:c3:7b:4a:eb:b1:
         d9:b3:d8:d1:45:32:0d:63:64:86:dd:33:4f:b3:69:20:d4:88:
         58:86:3e:61:e0:91:07:13:6f:9d:ed:b2:ad:bb:53:11:d9:11:
         24:71:de:70:01:5a:62:fd:67:e8:df:73:97:f5:d3:65:65:11:
         39:cc:c2:e6:86:77:41:38:da:fd:39:37:85:25:8b:f2:3d:da:
         8d:a5:9d:94:b0:95:fb:c4:7a:c0:ee:a6:44:fa:9d:3a:d8:d2:
         60:27:0a:51:66:00:8a:f7:9c:d7:bc:f8:24:84:0a:07:f3:45:
         b0:77:60:36:3e:7c:16:3a:e5:3f:c4:28:ba:aa:46:b3:98:15:
         08:b7:da:ce:c0:68:0e:bc:cc:c7:85:80:32:12:ad:fe:e0:c7:
         21:5e:f3:df:f1:96:20:0f:31:2f:df:e9:78:ec:37:c0:69:67:
         ea:34:dc:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUt1R/qQaPXVXovb2BdoJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUwODEwMTYwMTM5WhcNMjUwODExMTYwMTM5WjAzMTEwLwYDVQQD
EyhlMTRhMjU4MDFhNTBlMzFkYjE2NWJiZmVlOGM3Yzc4ZWJmN2M0NzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWfNb26qmEO5ZBm4dRWvtLz7pIGm
aCo+q0m0fpvArLeD6FV1KgE7NazsA2gQaENBpZjsmWnvdu5/+ZpXPV1G7r0kMOVe
25SDy+1+Sj03qSjs9v5AYIUn3dZG3sZWR5gkguGo2ZP+3NOrKyCQ2Py8JtwAZygQ
6S1zq45QnOkbPRPqsoHri8H4tIDS0FdpT84RFo0owR90vrSxnAGiTbGFXQaocoMz
Y9Si1lk7+ChpV1O0fO65p06KTBGNE0MLK8KDritoD0c4aid+xh1G9JdSe+bXgJYl
Pq3/kydeGIse9s9IRIPztj+gvbmCAfUMsdA1UYJfvGPZ5eA4EmqtWe8StwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFKJYAaUOMdsWW7/ujHx46/fEcMMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg4KWEvqt
Ax+AVIW7dDW3TEOTVZr9haRAtWTohCuCCVdcn/lmbp168fJ/EcKjkUAUP4bVvV3h
PICStGQtJ3rXy9oTeaIByaMUzMhJlU2vQTRch2yKCMN7Suux2bPY0UUyDWNkht0z
T7NpINSIWIY+YeCRBxNvne2yrbtTEdkRJHHecAFaYv1n6N9zl/XTZWUROczC5oZ3
QTja/Tk3hSWL8j3ajaWdlLCV+8R6wO6mRPqdOtjSYCcKUWYAivec17z4JIQKB/NF
sHdgNj58FjrlP8QouqpGs5gVCLfazsBoDrzMx4WAMhKt/uDHIV7z3/GWIA8xL9/p
eOw3wGln6jTcvw==
-----END CERTIFICATE-----