Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          0Iq9FpdpNrjWCPSBBndG+ygAtnvysCun2RNOaK2FWL4=
Subject key identifier:   9A:A5:17:7F:DE:AD:5F:3E:A4:C8:18:39:18:EF:BD:88:01:62:0B:CE
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       01976D74346512019276641FF62D45FBDE5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0C97
Signing time:             Sat 14 Jun 2025 08:00:21 +0000
Manifest this update:     Sat 14 Jun 2025 08:00:21 +0000
Manifest next update:     Sun 15 Jun 2025 08:00:21 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: MroraXc3x9bPR7q0Nas443ir0zmhEL6KJb7M8HLa0EQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:74:34:65:12:01:92:76:64:1f:f6:2d:45:fb:de:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Jun 14 08:00:21 2025 GMT
            Not After : Jun 15 08:00:21 2025 GMT
        Subject: CN=9aa5177fdead5f3ea4c8183918efbd8801620bce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:47:75:52:5d:79:cf:e3:a7:f5:27:d9:38:1e:
                    4d:cc:c0:8a:14:43:e7:44:d0:3b:e5:df:e7:8f:bc:
                    1b:b6:b4:bf:16:93:f7:b8:d1:7d:f7:6f:a2:48:20:
                    82:af:2c:d7:b9:ef:08:cf:0b:ad:52:40:68:56:1b:
                    f1:e6:4a:b8:6d:2a:ac:83:96:2a:38:2f:96:1e:40:
                    78:f2:c3:a2:a1:ea:45:fe:58:83:44:53:92:36:1c:
                    b5:e3:ad:44:de:0d:85:47:b8:81:33:6d:e2:9e:17:
                    8a:4b:30:48:58:1f:96:50:63:c4:a7:55:ce:91:dc:
                    80:f0:06:e0:98:ae:b6:29:c1:85:c0:aa:b9:c5:1b:
                    cc:4e:57:34:91:ea:2f:71:7e:ca:4f:98:ac:a6:b4:
                    94:f4:5d:7f:5c:36:6d:61:37:2a:04:18:24:bb:e0:
                    c5:fe:6a:ef:7c:c8:6f:a9:ea:bd:4f:28:bb:e2:a5:
                    87:67:9b:70:72:cf:5b:28:86:b9:b8:42:76:bb:2e:
                    2d:32:4c:0f:ba:78:c3:24:0f:9d:7c:d6:a6:18:f0:
                    94:fb:13:90:79:f4:44:72:44:20:eb:f8:6b:f0:ee:
                    5f:44:4f:00:2e:2e:01:ad:ca:b7:e6:b4:28:c7:42:
                    cc:f3:2b:82:95:5b:c0:05:04:8e:4b:aa:61:38:5d:
                    d5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:A5:17:7F:DE:AD:5F:3E:A4:C8:18:39:18:EF:BD:88:01:62:0B:CE
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:02:ea:53:0b:22:63:5f:59:4d:e2:53:e6:66:72:2f:8b:3b:
         ef:9f:4f:03:cf:09:29:02:bc:6b:e2:78:6e:7b:ab:cc:cb:8b:
         cb:9e:cc:ae:f4:40:c3:1b:cc:80:61:52:ce:73:5b:e9:74:ca:
         91:86:17:d0:ea:27:da:00:e9:2d:f6:3d:a0:8c:33:5b:11:7c:
         c0:f1:9a:84:93:73:af:f1:2e:04:c4:5e:c1:0f:e1:6c:e7:85:
         18:ab:96:67:1a:ff:82:55:d9:a7:56:b6:aa:a7:20:1d:2e:a0:
         04:76:71:a0:40:bd:71:eb:bc:7e:ef:29:1e:04:c1:c2:38:81:
         4c:8e:4e:bb:53:2c:cb:fe:f6:8f:69:c0:00:f4:56:28:29:3a:
         c7:d0:09:80:a5:47:e3:b3:52:98:f9:43:bb:2c:7a:12:cf:a2:
         00:51:9c:16:3b:2b:46:13:7d:9e:ac:09:d2:1b:ba:ed:6c:e0:
         ff:07:fe:fb:c2:59:29:55:92:35:91:86:5a:13:68:45:85:e0:
         7d:52:83:44:d6:23:cb:9b:ad:8d:37:d2:ed:76:fb:5b:26:84:
         0a:d4:04:06:50:21:98:90:7c:d6:4d:da:d3:d6:69:95:d1:94:
         40:58:7f:4c:66:09:fa:68:a9:76:6c:6d:ac:a4:ae:b2:f5:0f:
         2e:d9:ba:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtdDRlEgGSdmQf9i1F+95bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUwNjE0MDgwMDIxWhcNMjUwNjE1MDgwMDIxWjAzMTEwLwYDVQQD
Eyg5YWE1MTc3ZmRlYWQ1ZjNlYTRjODE4MzkxOGVmYmQ4ODAxNjIwYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ud1Ul15z+On9SfZOB5NzMCKFEPn
RNA75d/nj7wbtrS/FpP3uNF992+iSCCCryzXue8IzwutUkBoVhvx5kq4bSqsg5Yq
OC+WHkB48sOioepF/liDRFOSNhy1461E3g2FR7iBM23inheKSzBIWB+WUGPEp1XO
kdyA8AbgmK62KcGFwKq5xRvMTlc0keovcX7KT5isprSU9F1/XDZtYTcqBBgku+DF
/mrvfMhvqeq9Tyi74qWHZ5twcs9bKIa5uEJ2uy4tMkwPunjDJA+dfNamGPCU+xOQ
efREckQg6/hr8O5fRE8ALi4Brcq35rQox0LM8yuClVvABQSOS6phOF3V3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqlF3/erV8+pMgYORjvvYgBYgvOMB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEALqUwsi
Y19ZTeJT5mZyL4s7759PA88JKQK8a+J4bnurzMuLy57MrvRAwxvMgGFSznNb6XTK
kYYX0Oon2gDpLfY9oIwzWxF8wPGahJNzr/EuBMRewQ/hbOeFGKuWZxr/glXZp1a2
qqcgHS6gBHZxoEC9ceu8fu8pHgTBwjiBTI5Ou1Msy/72j2nAAPRWKCk6x9AJgKVH
47NSmPlDuyx6Es+iAFGcFjsrRhN9nqwJ0hu67Wzg/wf++8JZKVWSNZGGWhNoRYXg
fVKDRNYjy5utjTfS7Xb7WyaECtQEBlAhmJB81k3a09ZpldGUQFh/TGYJ+mipdmxt
rKSusvUPLtm6KA==
-----END CERTIFICATE-----