Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          5EmqrmfYr617BY5FOXeoqrOUqJwVEgkHltv5MF739aM=
Subject key identifier:   41:40:DC:EC:4B:CA:04:2D:97:A6:82:CF:FD:F1:1D:98:47:FF:A8:80
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       0197B70E98CAE61770B006ECE8315109733D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          07CA
Signing time:             Sat 28 Jun 2025 15:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:16 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: MV9jH/ypNHLtS8TO9YIgpLDl8X2zyAlr1HmjbqY6X6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:98:ca:e6:17:70:b0:06:ec:e8:31:51:09:73:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Jun 28 15:01:16 2025 GMT
            Not After : Jun 29 15:01:16 2025 GMT
        Subject: CN=4140dcec4bca042d97a682cffdf11d9847ffa880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6e:39:68:42:d1:35:08:d3:28:ce:d5:51:7a:
                    c0:4d:f9:e3:b9:00:b1:6d:92:bf:f0:9a:c2:e2:74:
                    3b:b7:66:8d:5f:a4:60:e6:5e:1f:0f:bb:35:41:7b:
                    17:a7:a4:e9:67:60:aa:43:2f:06:92:03:49:49:bc:
                    0e:b8:d8:b2:87:08:c8:6c:5c:78:db:15:e6:9e:2c:
                    21:46:ac:56:52:5e:ec:1d:ef:f7:fb:5a:bd:64:7a:
                    52:13:1c:41:40:88:77:a1:f3:fe:65:da:a5:44:26:
                    e2:27:16:37:b3:91:f2:c6:b6:80:af:94:4b:c3:52:
                    15:8e:4e:b6:b5:8b:cd:1c:67:45:47:cf:ba:86:5e:
                    c9:53:48:0f:5d:7c:65:9d:d7:93:63:a7:1b:15:5a:
                    67:98:30:47:45:b1:a3:08:db:a6:23:44:95:69:61:
                    aa:cf:21:dd:75:c9:59:3b:a1:17:05:11:52:58:2c:
                    7f:e8:2e:93:9a:3d:ec:b4:0b:8d:de:df:31:93:85:
                    14:32:12:d9:21:b2:45:00:00:80:17:3c:93:e1:98:
                    92:92:6b:09:a1:ff:b1:08:53:bb:92:d4:ca:fc:f9:
                    02:5a:f1:5d:d6:b8:64:f2:68:e8:0b:ba:6d:da:fd:
                    24:46:e6:c1:0a:11:26:4c:af:d2:61:79:6c:dd:4e:
                    94:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:40:DC:EC:4B:CA:04:2D:97:A6:82:CF:FD:F1:1D:98:47:FF:A8:80
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:44:56:ee:03:3d:09:1a:3f:20:fd:19:44:5b:f8:fd:2e:ec:
         56:53:0b:db:ee:fb:f7:9d:6a:34:a4:42:f9:a7:09:2d:92:c0:
         45:2f:f0:20:16:2d:b0:d2:cb:ad:27:cc:3d:e0:a3:6c:68:89:
         95:da:73:0c:e3:fd:38:b2:08:fe:61:1d:d5:5b:b5:cf:3e:66:
         5f:a7:d3:0f:43:c3:3e:78:c6:3b:dd:14:ea:f4:f7:f3:b0:33:
         70:64:e4:8c:2b:8b:ad:aa:6c:f2:c4:86:b1:33:a0:6b:4c:77:
         cf:19:a6:34:85:61:37:82:99:0f:0c:63:bb:1a:dc:9e:8c:90:
         8b:50:55:94:7b:6a:0d:6a:5f:9f:d7:6a:3c:25:14:e3:80:ef:
         4a:e7:10:43:fb:bf:20:ec:2e:76:25:20:23:9d:b2:d3:29:75:
         70:9d:9a:c1:0c:c1:13:88:13:45:52:c4:fb:15:c1:11:65:76:
         f9:bc:70:68:e7:d2:bb:3b:1e:57:0a:c3:8e:cb:ff:0c:cb:8c:
         00:52:02:3f:f7:8b:5c:19:27:4f:4c:9f:67:fc:2b:3d:49:e3:
         92:57:0b:38:9e:cf:a5:7f:4e:d9:17:00:b2:2e:c0:04:0d:2b:
         b7:37:6a:84:f0:51:c8:ad:7e:63:39:c7:cf:c1:8c:ad:ab:97:
         55:f9:be:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DpjK5hdwsAbs6DFRCXM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjUwNjI4MTUwMTE2WhcNMjUwNjI5MTUwMTE2WjAzMTEwLwYDVQQD
Eyg0MTQwZGNlYzRiY2EwNDJkOTdhNjgyY2ZmZGYxMWQ5ODQ3ZmZhODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum45aELRNQjTKM7VUXrATfnjuQCx
bZK/8JrC4nQ7t2aNX6Rg5l4fD7s1QXsXp6TpZ2CqQy8GkgNJSbwOuNiyhwjIbFx4
2xXmniwhRqxWUl7sHe/3+1q9ZHpSExxBQIh3ofP+ZdqlRCbiJxY3s5HyxraAr5RL
w1IVjk62tYvNHGdFR8+6hl7JU0gPXXxlndeTY6cbFVpnmDBHRbGjCNumI0SVaWGq
zyHddclZO6EXBRFSWCx/6C6Tmj3stAuN3t8xk4UUMhLZIbJFAACAFzyT4ZiSkmsJ
of+xCFO7ktTK/PkCWvFd1rhk8mjoC7pt2v0kRubBChEmTK/SYXls3U6UxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFA3OxLygQtl6aCz/3xHZhH/6iAMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo0RW7gM9
CRo/IP0ZRFv4/S7sVlML2+77951qNKRC+acJLZLARS/wIBYtsNLLrSfMPeCjbGiJ
ldpzDOP9OLII/mEd1Vu1zz5mX6fTD0PDPnjGO90U6vT387AzcGTkjCuLraps8sSG
sTOga0x3zxmmNIVhN4KZDwxjuxrcnoyQi1BVlHtqDWpfn9dqPCUU44DvSucQQ/u/
IOwudiUgI52y0yl1cJ2awQzBE4gTRVLE+xXBEWV2+bxwaOfSuzseVwrDjsv/DMuM
AFICP/eLXBknT0yfZ/wrPUnjklcLOJ7PpX9O2RcAsi7ABA0rtzdqhPBRyK1+YznH
z8GMrauXVfm+Hw==
-----END CERTIFICATE-----