Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
File:                     mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json)
Hash identifier:          RnIIfd29E+HRaVw52HnZTmjrugqhobFKt29GEYYJmnw=
Subject key identifier:   58:2E:9D:70:D8:9A:73:AE:7C:38:C1:12:68:85:2A:E6:B6:29:DC:42
Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF
Certificate issuer:       /CN=9ad5667c4128141139cca7c5047fc17250bf63af
Certificate serial:       0197BAEB209F153A0294015FA7838A535B86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
Manifest number:          15B4
Signing time:             Sun 29 Jun 2025 09:01:00 +0000
Manifest this update:     Sun 29 Jun 2025 09:01:00 +0000
Manifest next update:     Mon 30 Jun 2025 09:01:00 +0000
Files and hashes:         1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: DoMGlXUz+mX4NUT8Al3YafmidSCu4XrKdtV3zneesDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:eb:20:9f:15:3a:02:94:01:5f:a7:83:8a:53:5b:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af
        Validity
            Not Before: Jun 29 09:01:00 2025 GMT
            Not After : Jun 30 09:01:00 2025 GMT
        Subject: CN=582e9d70d89a73ae7c38c11268852ae6b629dc42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1c:60:e8:1b:2e:6b:f3:b3:47:7b:c8:bb:25:
                    d2:f5:85:56:e5:dc:cf:15:e3:d5:10:26:79:b5:e0:
                    7e:c6:cf:d8:b3:b3:d5:06:30:18:48:3a:04:75:62:
                    0d:8e:61:a3:49:dc:ff:2d:09:c8:ff:10:cb:5d:46:
                    b3:a7:80:71:ee:8c:aa:6d:ad:52:30:43:45:f2:5a:
                    1b:b0:f9:f5:e8:6d:c0:ff:14:9d:37:c6:52:bb:c5:
                    94:1a:e6:ff:e6:ae:bd:55:9e:dc:59:36:b3:92:ec:
                    c7:3a:53:c7:21:b1:ec:e0:2d:f1:39:64:8b:83:2c:
                    2c:5d:9f:2e:89:97:9a:05:f3:e7:64:af:2b:55:6d:
                    b4:59:84:eb:37:ca:9f:ad:f9:52:a9:89:7d:65:21:
                    65:63:23:26:9f:6f:c0:95:ea:62:a9:ca:17:61:c6:
                    be:24:db:3d:fb:fd:27:c1:e3:2c:44:df:d2:4d:ec:
                    9b:03:6f:96:91:b6:d8:01:7e:36:68:c6:6d:54:43:
                    e1:a1:c4:37:a9:b2:c6:0c:13:e2:6b:c8:a3:1b:ba:
                    3f:6c:7e:49:0a:1b:de:41:07:ec:3f:9e:35:b3:78:
                    97:e4:1b:65:80:09:15:2e:9c:85:2a:82:19:f6:ce:
                    73:74:c0:de:7e:fc:93:2d:47:2c:d1:10:59:06:24:
                    4e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:2E:9D:70:D8:9A:73:AE:7C:38:C1:12:68:85:2A:E6:B6:29:DC:42
            X509v3 Authority Key Identifier:
                keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:39:75:e1:cc:80:14:8d:59:43:40:fe:0f:10:ec:0e:41:a2:
         f2:6e:7a:d4:d6:46:92:9b:9a:98:48:e6:5d:3e:38:e1:84:99:
         dc:df:0b:73:21:b7:25:89:02:15:25:3e:2b:61:32:66:92:a2:
         4d:6a:34:a5:1d:69:42:1a:24:ed:98:81:23:82:71:57:46:ff:
         3a:ca:c4:e1:ef:c7:be:92:0f:cd:44:2d:74:7f:92:1f:94:6b:
         f0:95:83:74:77:ea:8d:95:0d:40:5e:47:d7:3f:77:5d:81:29:
         3b:28:c5:b3:90:e4:8e:14:a2:e7:7d:b6:84:e8:d4:4f:25:23:
         ec:3f:bf:a0:4c:b2:a1:5c:53:50:32:3c:a7:7d:17:08:12:0e:
         bf:a5:bc:8b:f8:3d:15:8e:fa:2b:23:6e:a8:04:d1:5c:51:6e:
         04:22:f2:3a:80:26:58:01:be:b6:0e:e0:61:bd:cb:19:e4:1f:
         22:4b:72:01:39:dc:44:cd:54:a7:8f:9e:70:4a:a4:35:04:af:
         35:04:0e:45:e7:e7:0e:fc:b9:b6:79:4f:9c:00:66:f6:86:1f:
         09:bd:2f:4e:75:e7:fd:8a:2d:9c:58:9a:1a:d5:f9:7a:e0:94:
         05:7d:c2:8d:e4:1e:35:15:86:03:da:df:8a:18:5a:1b:72:80:
         a6:07:cc:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe66yCfFToClAFfp4OKU1uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi
ZjYzYWYwHhcNMjUwNjI5MDkwMTAwWhcNMjUwNjMwMDkwMTAwWjAzMTEwLwYDVQQD
Eyg1ODJlOWQ3MGQ4OWE3M2FlN2MzOGMxMTI2ODg1MmFlNmI2MjlkYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRxg6Bsua/OzR3vIuyXS9YVW5dzP
FePVECZ5teB+xs/Ys7PVBjAYSDoEdWINjmGjSdz/LQnI/xDLXUazp4Bx7oyqba1S
MENF8lobsPn16G3A/xSdN8ZSu8WUGub/5q69VZ7cWTazkuzHOlPHIbHs4C3xOWSL
gywsXZ8uiZeaBfPnZK8rVW20WYTrN8qfrflSqYl9ZSFlYyMmn2/AlepiqcoXYca+
JNs9+/0nweMsRN/STeybA2+WkbbYAX42aMZtVEPhocQ3qbLGDBPia8ijG7o/bH5J
ChveQQfsP541s3iX5BtlgAkVLpyFKoIZ9s5zdMDefvyTLUcs0RBZBiROWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgunXDYmnOufDjBEmiFKua2KdxCMB8GA1UdIwQY
MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt
Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy
LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkDl14cyA
FI1ZQ0D+DxDsDkGi8m561NZGkpuamEjmXT444YSZ3N8LcyG3JYkCFSU+K2EyZpKi
TWo0pR1pQhok7ZiBI4JxV0b/OsrE4e/HvpIPzUQtdH+SH5Rr8JWDdHfqjZUNQF5H
1z93XYEpOyjFs5DkjhSi5322hOjUTyUj7D+/oEyyoVxTUDI8p30XCBIOv6W8i/g9
FY76KyNuqATRXFFuBCLyOoAmWAG+tg7gYb3LGeQfIktyATncRM1Up4+ecEqkNQSv
NQQORefnDvy5tnlPnABm9oYfCb0vTnXn/YotnFiaGtX5euCUBX3CjeQeNRWGA9rf
ihhaG3KApgfMYg==
-----END CERTIFICATE-----