Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File:                     2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier:          UUj8xOFULZpyqllNveaXGMDfRh4XvcrzbKMJx3G1g3c=
Subject key identifier:   58:A7:52:F5:02:6B:56:F9:A8:86:BE:70:0D:6F:66:72:1D:47:13:BE
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer:       /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial:       0198A19623A43C928F21E68864CECDA3DEDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number:          13B2
Signing time:             Wed 13 Aug 2025 04:00:27 +0000
Manifest this update:     Wed 13 Aug 2025 04:00:27 +0000
Manifest next update:     Thu 14 Aug 2025 04:00:27 +0000
Files and hashes:         1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: UV/lLb5QdWOJhAHBVs6b8KYPQSHpqNymSnTEOJzsQN8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a1:96:23:a4:3c:92:8f:21:e6:88:64:ce:cd:a3:de:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
        Validity
            Not Before: Aug 13 04:00:27 2025 GMT
            Not After : Aug 14 04:00:27 2025 GMT
        Subject: CN=58a752f5026b56f9a886be700d6f66721d4713be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:11:95:9d:cf:ce:86:19:ec:ca:3b:a8:b0:88:
                    d2:60:17:06:7b:96:d3:be:93:7a:a6:19:cc:23:6b:
                    a4:b6:79:d7:aa:47:0c:75:04:53:0e:2e:6e:e8:51:
                    34:30:8d:f3:ec:8a:d5:e2:ce:89:6a:bb:2e:38:d7:
                    87:4f:68:fe:6f:f1:a6:8b:fb:15:2c:be:e8:68:df:
                    c6:bc:59:6d:53:29:97:70:1f:d5:66:de:dd:0e:45:
                    6f:3b:45:68:90:cb:e1:a1:a6:7d:f8:a4:a7:40:ba:
                    9c:81:7c:e5:98:f4:7f:37:fb:14:0b:6a:18:6c:df:
                    3c:e1:dd:f0:d1:5e:68:a7:68:8b:1f:3d:0e:5c:60:
                    4f:c6:25:2a:3e:de:b1:bb:a3:86:ff:ba:21:bf:52:
                    1e:64:29:ed:d7:80:fb:40:cc:d4:aa:a1:29:d2:b5:
                    f3:06:d4:be:6a:ee:ba:67:39:80:8d:5f:59:b4:62:
                    b8:fb:98:49:89:de:66:39:90:b8:fb:3e:19:96:95:
                    2d:0a:0d:fd:79:2a:c5:da:bb:7e:1a:0f:c5:aa:f4:
                    04:c4:93:5d:6b:89:7c:70:18:60:89:b2:fd:bd:17:
                    3b:1d:0a:3b:96:b0:78:6f:ac:91:9e:b7:00:bc:8a:
                    72:9c:4d:e4:70:4e:cb:de:2a:c1:83:6b:56:58:9c:
                    06:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A7:52:F5:02:6B:56:F9:A8:86:BE:70:0D:6F:66:72:1D:47:13:BE
            X509v3 Authority Key Identifier:
                keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:00:7a:f7:ff:7d:5d:09:c0:7b:71:d3:69:c1:fc:8d:01:cd:
         62:14:78:68:18:34:e5:cb:b7:47:89:e0:0f:63:de:e3:44:9b:
         b2:79:2c:f7:35:0a:68:54:d0:52:36:5e:fb:2b:1d:20:8f:8f:
         1e:a2:b8:0e:3d:86:03:cc:97:eb:be:6d:36:75:61:92:b2:78:
         0c:10:53:42:ea:c1:a5:d1:82:8a:3b:c4:0c:72:7d:7c:ad:57:
         62:8e:7b:79:47:9a:b5:32:b2:5e:60:81:28:eb:f4:bc:8a:fe:
         57:c1:94:d8:c3:8d:33:5c:ab:b5:f3:95:43:a6:2c:1e:18:cc:
         53:30:cc:00:7f:69:c4:28:e4:e0:c2:a7:c7:4c:4c:92:78:19:
         37:3a:73:28:8f:af:2b:c5:7f:33:c2:cf:41:42:d6:26:71:99:
         15:c1:3a:3d:54:c2:1d:54:de:dd:4d:3f:57:5b:59:af:5f:11:
         b3:83:3c:2b:4c:d9:37:e5:bd:c9:8c:23:a7:03:d0:f0:b1:af:
         82:e2:5c:98:8f:d7:5f:27:2d:2c:28:26:52:56:01:51:b3:37:
         4c:a0:f7:22:01:eb:98:9e:08:f5:6b:d5:f7:18:4f:82:9b:97:
         b3:8e:ae:c7:55:da:38:0b:85:c6:af:96:58:af:63:99:8c:09:
         ca:70:63:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZihliOkPJKPIeaIZM7No97fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjUwODEzMDQwMDI3WhcNMjUwODE0MDQwMDI3WjAzMTEwLwYDVQQD
Eyg1OGE3NTJmNTAyNmI1NmY5YTg4NmJlNzAwZDZmNjY3MjFkNDcxM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhGVnc/OhhnsyjuosIjSYBcGe5bT
vpN6phnMI2uktnnXqkcMdQRTDi5u6FE0MI3z7IrV4s6JarsuONeHT2j+b/Gmi/sV
LL7oaN/GvFltUymXcB/VZt7dDkVvO0VokMvhoaZ9+KSnQLqcgXzlmPR/N/sUC2oY
bN884d3w0V5op2iLHz0OXGBPxiUqPt6xu6OG/7ohv1IeZCnt14D7QMzUqqEp0rXz
BtS+au66ZzmAjV9ZtGK4+5hJid5mOZC4+z4ZlpUtCg39eSrF2rt+Gg/FqvQExJNd
a4l8cBhgibL9vRc7HQo7lrB4b6yRnrcAvIpynE3kcE7L3irBg2tWWJwGYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFinUvUCa1b5qIa+cA1vZnIdRxO+MB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQB69/99
XQnAe3HTacH8jQHNYhR4aBg05cu3R4ngD2Pe40Sbsnks9zUKaFTQUjZe+ysdII+P
HqK4Dj2GA8yX675tNnVhkrJ4DBBTQurBpdGCijvEDHJ9fK1XYo57eUeatTKyXmCB
KOv0vIr+V8GU2MONM1yrtfOVQ6YsHhjMUzDMAH9pxCjk4MKnx0xMkngZNzpzKI+v
K8V/M8LPQULWJnGZFcE6PVTCHVTe3U0/V1tZr18Rs4M8K0zZN+W9yYwjpwPQ8LGv
guJcmI/XXyctLCgmUlYBUbM3TKD3IgHrmJ4I9WvV9xhPgpuXs46ux1XaOAuFxq+W
WK9jmYwJynBjSA==
-----END CERTIFICATE-----