Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft
File:                     sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft (raw, json)
Hash identifier:          vnkbLACCLr+vbwLdejKWKgkEPrHxMwaTnVQx5U6EMiw=
Subject key identifier:   C1:19:E2:59:B3:9C:BF:BC:2A:5D:E6:9B:10:9C:37:F2:3E:00:24:96
Authority key identifier: B0:7F:DF:43:7C:6F:5B:C7:3C:7D:CD:55:CE:58:CD:92:E4:9D:60:2E
Certificate issuer:       /CN=b07fdf437c6f5bc73c7dcd55ce58cd92e49d602e
Certificate serial:       0197B6D78E257D5DDDA9405C51CEEFE541BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sH_fQ3xvW8c8fc1VzljNkuSdYC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 14:01:09 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:09 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:09 +0000
Files and hashes:         1: sH_fQ3xvW8c8fc1VzljNkuSdYC4.crl (hash: IuJdwIanllYHH7AvkCwyPnHnfWxnjHID4zKTIDSnHfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sH_fQ3xvW8c8fc1VzljNkuSdYC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:8e:25:7d:5d:dd:a9:40:5c:51:ce:ef:e5:41:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b07fdf437c6f5bc73c7dcd55ce58cd92e49d602e
        Validity
            Not Before: Jun 28 14:01:09 2025 GMT
            Not After : Jun 29 14:01:09 2025 GMT
        Subject: CN=c119e259b39cbfbc2a5de69b109c37f23e002496
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:77:a3:e6:77:db:15:1b:79:76:0c:5a:23:9c:
                    d2:51:6d:8f:60:1d:ef:c5:2a:40:74:9a:96:3e:b7:
                    bb:5a:76:6e:c8:1a:b2:ad:07:ff:81:4c:90:8e:10:
                    79:f5:ec:a9:e1:43:bf:0f:e8:f5:b5:04:ef:cd:c6:
                    53:49:f4:1e:d9:06:71:ec:66:03:ac:36:cb:19:1c:
                    0f:48:ad:27:f9:b2:ed:6b:6d:21:65:39:78:ab:eb:
                    14:3e:3b:39:90:a3:29:43:c5:a4:b3:73:77:e5:10:
                    50:46:6c:bc:20:09:a9:e4:5a:b6:96:f1:d6:ee:71:
                    b0:0d:80:7a:db:5a:cd:66:6b:a5:c1:b2:62:2c:bc:
                    ba:07:30:b3:ca:24:d4:54:c5:22:aa:7e:e5:98:f8:
                    10:6a:46:fe:4d:00:82:84:ab:10:6f:66:2c:40:42:
                    49:0c:ce:dc:95:94:ed:f5:f9:35:c6:1c:12:9e:09:
                    75:0c:51:4e:48:52:b2:aa:91:43:59:a4:8b:f6:a0:
                    84:12:d0:e2:7b:77:b8:3e:7d:92:8e:c7:84:74:ec:
                    a7:11:49:33:d1:21:f1:98:2a:97:c3:9f:5f:d5:d2:
                    26:ca:d3:9f:82:55:38:9f:ce:43:4b:8b:f9:46:67:
                    a5:34:9e:b2:cf:67:8d:c0:98:f6:4f:2a:49:b7:08:
                    c0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:19:E2:59:B3:9C:BF:BC:2A:5D:E6:9B:10:9C:37:F2:3E:00:24:96
            X509v3 Authority Key Identifier:
                keyid:B0:7F:DF:43:7C:6F:5B:C7:3C:7D:CD:55:CE:58:CD:92:E4:9D:60:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sH_fQ3xvW8c8fc1VzljNkuSdYC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bb0a42-6a19-4577-99d2-a78b97eea5c1/1/sH_fQ3xvW8c8fc1VzljNkuSdYC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         de:3d:9f:6f:50:a2:c5:a7:25:11:3e:d0:3a:72:6a:e0:1e:1f:
         8c:a6:5a:af:24:bc:30:fc:47:be:4c:1d:a9:4c:3e:37:cc:63:
         b2:07:13:2f:e2:56:97:26:7c:ec:43:96:8e:9a:64:3e:08:7b:
         bb:b3:bd:8e:42:0e:b9:30:69:59:b2:b9:3a:11:90:78:32:65:
         45:f2:28:10:bb:99:68:88:82:5a:6b:ca:c6:ac:6a:ac:29:3b:
         bb:72:49:ee:8a:d5:b2:f4:61:37:99:a4:9e:01:fe:17:cf:e4:
         75:db:a4:6b:c5:8a:c5:2d:8d:98:61:d1:6a:b1:ad:f4:16:1b:
         b3:01:d3:02:f4:71:45:19:df:d5:21:7e:59:03:be:94:34:27:
         7c:05:1f:43:f0:9d:32:bf:b0:89:23:34:d6:90:b6:96:16:59:
         86:66:ee:56:b9:98:48:59:17:43:65:c6:f0:e0:36:4c:0e:f2:
         43:24:4c:38:51:5f:af:4d:2d:ed:86:91:4d:b8:ee:87:29:ad:
         7a:af:aa:e5:69:cf:f7:bb:08:1b:bb:ad:48:17:fe:31:ee:1c:
         8c:f4:4d:38:94:50:bb:e3:4c:d8:00:bd:0d:fe:11:28:8a:fe:
         8e:79:eb:09:d1:e0:00:ba:67:2d:b1:01:f5:a4:c7:7b:dd:a0:
         4a:d7:3b:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2144lfV3dqUBcUc7v5UG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2ZkZjQzN2M2ZjViYzczYzdkY2Q1NWNlNThjZDkyZTQ5
ZDYwMmUwHhcNMjUwNjI4MTQwMTA5WhcNMjUwNjI5MTQwMTA5WjAzMTEwLwYDVQQD
EyhjMTE5ZTI1OWIzOWNiZmJjMmE1ZGU2OWIxMDljMzdmMjNlMDAyNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nej5nfbFRt5dgxaI5zSUW2PYB3v
xSpAdJqWPre7WnZuyBqyrQf/gUyQjhB59eyp4UO/D+j1tQTvzcZTSfQe2QZx7GYD
rDbLGRwPSK0n+bLta20hZTl4q+sUPjs5kKMpQ8Wks3N35RBQRmy8IAmp5Fq2lvHW
7nGwDYB621rNZmulwbJiLLy6BzCzyiTUVMUiqn7lmPgQakb+TQCChKsQb2YsQEJJ
DM7clZTt9fk1xhwSngl1DFFOSFKyqpFDWaSL9qCEEtDie3e4Pn2SjseEdOynEUkz
0SHxmCqXw59f1dImytOfglU4n85DS4v5RmelNJ6yz2eNwJj2TypJtwjAfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMEZ4lmznL+8Kl3mmxCcN/I+ACSWMB8GA1UdIwQY
MBaAFLB/30N8b1vHPH3NVc5YzZLknWAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hfZlEzeHZXOGM4ZmMxVnpsak5rdVNkWUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYjBhNDItNmExOS00NTc3LTk5ZDIt
YTc4Yjk3ZWVhNWMxLzEvc0hfZlEzeHZXOGM4ZmMxVnpsak5rdVNkWUM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYjBhNDItNmExOS00NTc3LTk5ZDItYTc4Yjk3ZWVhNWMx
LzEvc0hfZlEzeHZXOGM4ZmMxVnpsak5rdVNkWUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3j2fb1Ci
xaclET7QOnJq4B4fjKZaryS8MPxHvkwdqUw+N8xjsgcTL+JWlyZ87EOWjppkPgh7
u7O9jkIOuTBpWbK5OhGQeDJlRfIoELuZaIiCWmvKxqxqrCk7u3JJ7orVsvRhN5mk
ngH+F8/kdduka8WKxS2NmGHRarGt9BYbswHTAvRxRRnf1SF+WQO+lDQnfAUfQ/Cd
Mr+wiSM01pC2lhZZhmbuVrmYSFkXQ2XG8OA2TA7yQyRMOFFfr00t7YaRTbjuhymt
eq+q5WnP97sIG7utSBf+Me4cjPRNOJRQu+NM2AC9Df4RKIr+jnnrCdHgALpnLbEB
9aTHe92gStc77Q==
-----END CERTIFICATE-----