Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
File:                     tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft (raw, json)
Hash identifier:          bE1K+qXEXUmNS4u+pdmZC85drbfuCUAWXkAB/Ex8rT8=
Subject key identifier:   D7:AC:EE:F2:9D:AD:9E:F2:9B:E0:CF:24:8A:DA:77:78:08:8B:BD:3B
Authority key identifier: B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F
Certificate issuer:       /CN=b56daa6f850414a13f650df094506628a46dc12f
Certificate serial:       01976E87903E5A3682114D3C4173C301CA01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
Manifest number:          108B
Signing time:             Sat 14 Jun 2025 13:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 13:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 13:01:07 +0000
Files and hashes:         1: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl (hash: dTaWOlD8yvI3zoVfLA/1GbIdmFDBsQn0wgbofCzj6Ec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 13:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:90:3e:5a:36:82:11:4d:3c:41:73:c3:01:ca:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56daa6f850414a13f650df094506628a46dc12f
        Validity
            Not Before: Jun 14 13:01:07 2025 GMT
            Not After : Jun 15 13:01:07 2025 GMT
        Subject: CN=d7aceef29dad9ef29be0cf248ada7778088bbd3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b6:07:be:d2:81:bd:cb:73:19:4e:bb:7a:a1:
                    e0:7e:b4:18:d2:b0:b8:25:a5:e9:95:04:f4:b4:95:
                    23:f8:f5:86:da:5c:15:c1:89:8c:2a:0a:2c:6d:b4:
                    c0:72:cb:1c:8f:9c:7a:3f:d0:4b:d0:89:4e:ea:fd:
                    0c:4e:92:d7:4f:3b:7f:5b:29:3f:84:d2:0d:35:65:
                    00:f6:19:c3:33:54:72:7e:d6:54:60:64:1a:bc:04:
                    6a:0d:a5:84:72:ca:46:e2:8a:79:5e:31:48:0b:7d:
                    14:ae:c3:46:28:77:25:34:9f:b7:88:76:d3:6c:65:
                    8f:cf:95:b0:26:d5:34:67:07:0d:da:56:e1:b3:7a:
                    e0:4a:e9:ae:c7:e6:f1:3f:ae:17:76:5e:07:c2:30:
                    15:41:0f:48:1f:c8:ae:ba:b2:69:7d:9d:aa:f8:ee:
                    eb:19:ca:71:e1:db:f5:2d:eb:e0:7d:12:fa:9c:14:
                    89:60:97:a1:47:05:5f:00:19:7a:5b:2a:7b:8d:2e:
                    0f:f1:6a:0b:d5:70:97:8d:5e:47:91:37:a5:b5:97:
                    b5:52:03:62:f6:e4:42:74:1c:e9:62:32:f6:08:eb:
                    3d:29:93:62:27:8c:c7:88:15:74:35:a1:86:0b:f9:
                    f4:4c:62:37:75:c6:46:c0:01:d0:f7:3c:4c:a9:2a:
                    c3:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:AC:EE:F2:9D:AD:9E:F2:9B:E0:CF:24:8A:DA:77:78:08:8B:BD:3B
            X509v3 Authority Key Identifier:
                keyid:B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:2d:24:a8:45:94:79:d6:f5:f0:fd:ae:2d:96:25:3a:8a:b8:
         36:e0:64:0b:3a:95:48:c0:c2:7d:dd:9a:3c:7e:dd:9d:6b:8d:
         e2:aa:fa:fe:94:56:6f:6c:c7:9a:8f:9d:24:48:6f:97:20:a8:
         c2:ce:51:8f:da:12:1e:60:11:d6:35:77:b8:57:9d:d3:fb:b3:
         d0:f0:7d:23:3e:43:08:56:5e:4c:58:d2:ad:9c:9a:0b:38:3d:
         6c:c3:ef:08:00:07:4d:21:03:d4:4e:7e:7b:e1:16:64:ba:22:
         2f:50:dc:57:60:84:bf:19:83:b7:76:99:9f:77:f1:86:ba:18:
         96:b7:b4:57:79:74:5e:22:77:cc:7e:e3:af:bd:cc:ac:04:a3:
         7e:77:33:4b:bd:aa:6f:13:d4:82:c4:32:38:fd:50:ac:87:3c:
         67:d9:52:87:62:7c:e5:04:62:cf:97:e2:87:b2:13:89:0d:3e:
         67:cf:a7:60:36:28:5f:b5:0c:91:6f:fd:42:c6:f0:36:6f:9a:
         c0:74:6d:41:0e:b4:a8:8c:6e:0a:93:a2:d6:58:87:e4:02:16:
         81:eb:f5:ef:4b:53:33:7c:86:9a:ea:e1:d5:d3:64:c7:81:5b:
         1d:74:f7:63:07:f9:e0:28:f1:e0:a2:4c:80:78:dd:3d:27:24:
         ca:37:0a:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduh5A+WjaCEU08QXPDAcoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmRhYTZmODUwNDE0YTEzZjY1MGRmMDk0NTA2NjI4YTQ2
ZGMxMmYwHhcNMjUwNjE0MTMwMTA3WhcNMjUwNjE1MTMwMTA3WjAzMTEwLwYDVQQD
EyhkN2FjZWVmMjlkYWQ5ZWYyOWJlMGNmMjQ4YWRhNzc3ODA4OGJiZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7YHvtKBvctzGU67eqHgfrQY0rC4
JaXplQT0tJUj+PWG2lwVwYmMKgosbbTAcsscj5x6P9BL0IlO6v0MTpLXTzt/Wyk/
hNINNWUA9hnDM1RyftZUYGQavARqDaWEcspG4op5XjFIC30UrsNGKHclNJ+3iHbT
bGWPz5WwJtU0ZwcN2lbhs3rgSumux+bxP64Xdl4HwjAVQQ9IH8iuurJpfZ2q+O7r
Gcpx4dv1LevgfRL6nBSJYJehRwVfABl6Wyp7jS4P8WoL1XCXjV5HkTeltZe1UgNi
9uRCdBzpYjL2COs9KZNiJ4zHiBV0NaGGC/n0TGI3dcZGwAHQ9zxMqSrDFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNes7vKdrZ7ym+DPJIrad3gIi707MB8GA1UdIwQY
MBaAFLVtqm+FBBShP2UN8JRQZiikbcEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYt
ZmUwYTJhYzA4NjlmLzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYtZmUwYTJhYzA4Njlm
LzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVC0kqEWU
edb18P2uLZYlOoq4NuBkCzqVSMDCfd2aPH7dnWuN4qr6/pRWb2zHmo+dJEhvlyCo
ws5Rj9oSHmAR1jV3uFed0/uz0PB9Iz5DCFZeTFjSrZyaCzg9bMPvCAAHTSED1E5+
e+EWZLoiL1DcV2CEvxmDt3aZn3fxhroYlre0V3l0XiJ3zH7jr73MrASjfnczS72q
bxPUgsQyOP1QrIc8Z9lSh2J85QRiz5fih7ITiQ0+Z8+nYDYoX7UMkW/9QsbwNm+a
wHRtQQ60qIxuCpOi1liH5AIWgev170tTM3yGmurh1dNkx4FbHXT3Ywf54Cjx4KJM
gHjdPSckyjcKXw==
-----END CERTIFICATE-----