Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/9dfcd5-07d6-4ad8-ad1d-b60fd67997bb/1/B-pSPsf5N3oanl1vqGgX7T1sCoI.mft
File:                     B-pSPsf5N3oanl1vqGgX7T1sCoI.mft (raw, json)
Hash identifier:          CdhH4IAsft6XvxE7dXYYSD66wRXmoK+pwuBp/1iPrb0=
Subject key identifier:   F9:B0:74:7C:15:2F:B5:C7:D8:4D:87:42:6D:E5:F2:54:DF:E3:15:FF
Authority key identifier: 07:EA:52:3E:C7:F9:37:7A:1A:9E:5D:6F:A8:68:17:ED:3D:6C:0A:82
Certificate issuer:       /CN=07ea523ec7f9377a1a9e5d6fa86817ed3d6c0a82
Certificate serial:       0197B6A1A582E46B82785EE55345DE43FAA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B-pSPsf5N3oanl1vqGgX7T1sCoI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/9dfcd5-07d6-4ad8-ad1d-b60fd67997bb/1/B-pSPsf5N3oanl1vqGgX7T1sCoI.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:16 +0000
Files and hashes:         1: B-pSPsf5N3oanl1vqGgX7T1sCoI.crl (hash: WdwOzxyFaePCE8Jn2aauQTCUJGAo3TpFtrCCD+TCi/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/9dfcd5-07d6-4ad8-ad1d-b60fd67997bb/1/B-pSPsf5N3oanl1vqGgX7T1sCoI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/9dfcd5-07d6-4ad8-ad1d-b60fd67997bb/1/B-pSPsf5N3oanl1vqGgX7T1sCoI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/B-pSPsf5N3oanl1vqGgX7T1sCoI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:a5:82:e4:6b:82:78:5e:e5:53:45:de:43:fa:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07ea523ec7f9377a1a9e5d6fa86817ed3d6c0a82
        Validity
            Not Before: Jun 28 13:02:16 2025 GMT
            Not After : Jun 29 13:02:16 2025 GMT
        Subject: CN=f9b0747c152fb5c7d84d87426de5f254dfe315ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:75:cd:e3:05:0d:83:03:50:1f:6e:9e:fe:61:
                    fa:61:ed:b5:66:15:1a:ff:a6:30:8e:61:a9:c7:6a:
                    1f:b0:b4:0d:25:85:af:bc:ae:1e:5e:ec:56:8a:5d:
                    6d:54:0e:bb:6c:81:1e:a7:6e:5c:8c:a9:e7:e9:e1:
                    2c:3e:0e:dc:2f:c4:b9:87:7f:f7:2c:50:ba:b3:69:
                    bd:1c:f7:68:1d:65:41:da:eb:de:fa:ba:17:35:d1:
                    2f:cf:a9:6a:f6:6d:cf:99:96:47:46:c2:08:d2:9c:
                    5c:0a:ed:70:d8:68:28:be:6e:43:fa:5f:95:52:03:
                    1e:ac:bd:fd:8f:4a:b0:06:e1:d6:04:45:84:4b:ba:
                    a2:0e:73:26:61:98:fa:f8:dc:7e:10:a9:3e:e5:54:
                    58:1e:bc:b7:fc:17:ab:64:7a:89:c8:23:cf:42:6a:
                    b2:4b:e6:18:2a:f8:b7:d4:d4:78:65:29:4c:71:62:
                    ce:e1:c4:99:b9:4f:48:ad:cf:f4:d6:a6:62:5c:6d:
                    f7:29:d6:ca:49:c9:00:bc:52:09:15:ec:a7:c8:8f:
                    0f:9d:3a:58:be:20:e1:01:77:21:49:57:7a:3b:e4:
                    a5:a3:3b:0f:77:fa:2e:b3:20:c4:3c:8f:fd:36:cc:
                    57:0b:d0:0f:92:15:6d:80:6a:52:d4:be:5d:e9:60:
                    49:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:B0:74:7C:15:2F:B5:C7:D8:4D:87:42:6D:E5:F2:54:DF:E3:15:FF
            X509v3 Authority Key Identifier:
                keyid:07:EA:52:3E:C7:F9:37:7A:1A:9E:5D:6F:A8:68:17:ED:3D:6C:0A:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-pSPsf5N3oanl1vqGgX7T1sCoI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9dfcd5-07d6-4ad8-ad1d-b60fd67997bb/1/B-pSPsf5N3oanl1vqGgX7T1sCoI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9dfcd5-07d6-4ad8-ad1d-b60fd67997bb/1/B-pSPsf5N3oanl1vqGgX7T1sCoI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:3a:eb:df:da:63:66:26:00:98:76:94:23:86:4b:5d:c5:fd:
         38:03:d8:2c:b3:9e:45:87:e5:3c:c3:e9:24:2b:46:86:ea:79:
         39:2c:8f:a9:87:f2:0f:32:b3:87:89:3a:ef:92:0e:30:52:b7:
         76:59:ef:50:a2:1b:59:eb:db:8d:d6:50:be:b3:e4:92:39:cd:
         10:72:0b:51:c1:a4:cc:4a:82:58:3d:a3:e4:42:99:1b:b3:23:
         10:d0:4e:ee:1c:e4:3a:50:bf:34:de:83:59:cd:e2:a9:19:04:
         95:03:e9:26:29:5f:d5:87:25:08:76:a2:32:dc:19:db:ea:54:
         e3:a0:3f:25:2a:bd:63:21:b9:92:7b:72:27:bd:73:c6:a5:b9:
         3d:47:23:73:96:a8:4a:44:88:f2:6f:72:65:1c:07:f9:14:99:
         cf:9b:ee:71:be:09:92:cb:b6:de:38:62:f0:e8:db:cb:5b:d7:
         74:39:1a:5b:8f:c7:f6:fb:b3:4f:8d:5f:38:4a:85:71:a2:ff:
         07:70:d1:f4:2c:fd:98:b0:45:22:82:1c:25:f0:16:55:81:be:
         a9:9f:26:57:90:a9:bf:f1:19:70:6f:bd:cc:84:a3:cd:75:9d:
         64:c0:02:25:8e:da:f1:f5:cd:c0:12:c3:b0:56:ce:52:d6:f6:
         8f:2f:08:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oaWC5GuCeF7lU0XeQ/qmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZWE1MjNlYzdmOTM3N2ExYTllNWQ2ZmE4NjgxN2VkM2Q2
YzBhODIwHhcNMjUwNjI4MTMwMjE2WhcNMjUwNjI5MTMwMjE2WjAzMTEwLwYDVQQD
EyhmOWIwNzQ3YzE1MmZiNWM3ZDg0ZDg3NDI2ZGU1ZjI1NGRmZTMxNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXXN4wUNgwNQH26e/mH6Ye21ZhUa
/6YwjmGpx2ofsLQNJYWvvK4eXuxWil1tVA67bIEep25cjKnn6eEsPg7cL8S5h3/3
LFC6s2m9HPdoHWVB2uve+roXNdEvz6lq9m3PmZZHRsII0pxcCu1w2Ggovm5D+l+V
UgMerL39j0qwBuHWBEWES7qiDnMmYZj6+Nx+EKk+5VRYHry3/BerZHqJyCPPQmqy
S+YYKvi31NR4ZSlMcWLO4cSZuU9Irc/01qZiXG33KdbKSckAvFIJFeynyI8PnTpY
viDhAXchSVd6O+SlozsPd/ousyDEPI/9NsxXC9APkhVtgGpS1L5d6WBJ/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmwdHwVL7XH2E2HQm3l8lTf4xX/MB8GA1UdIwQY
MBaAFAfqUj7H+Td6Gp5db6hoF+09bAqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1wU1BzZjVOM29hbmwxdnFHZ1g3VDFzQ29JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS85ZGZjZDUtMDdkNi00YWQ4LWFkMWQt
YjYwZmQ2Nzk5N2JiLzEvQi1wU1BzZjVOM29hbmwxdnFHZ1g3VDFzQ29JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS85ZGZjZDUtMDdkNi00YWQ4LWFkMWQtYjYwZmQ2Nzk5N2Ji
LzEvQi1wU1BzZjVOM29hbmwxdnFHZ1g3VDFzQ29JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALTrr39pj
ZiYAmHaUI4ZLXcX9OAPYLLOeRYflPMPpJCtGhup5OSyPqYfyDzKzh4k675IOMFK3
dlnvUKIbWevbjdZQvrPkkjnNEHILUcGkzEqCWD2j5EKZG7MjENBO7hzkOlC/NN6D
Wc3iqRkElQPpJilf1YclCHaiMtwZ2+pU46A/JSq9YyG5kntyJ71zxqW5PUcjc5ao
SkSI8m9yZRwH+RSZz5vucb4Jksu23jhi8Ojby1vXdDkaW4/H9vuzT41fOEqFcaL/
B3DR9Cz9mLBFIoIcJfAWVYG+qZ8mV5Cpv/EZcG+9zISjzXWdZMACJY7a8fXNwBLD
sFbOUtb2jy8IRQ==
-----END CERTIFICATE-----