Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          XRDCR4cSy67sMTU7nfxoc/vnm5SAxUf13j0PGY0+DCA=
Subject key identifier:   CE:72:7D:31:8A:DA:C4:9D:25:F2:DA:38:B5:8F:C3:42:6D:AA:C6:C8
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       0197B88F65725B13105EA7F207C0826B56F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          066B
Signing time:             Sat 28 Jun 2025 22:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:34 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: 1R39NuAfBYKxRgizNV/CYC/qO6IFHgF5amJI0E7+tS0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:65:72:5b:13:10:5e:a7:f2:07:c0:82:6b:56:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Jun 28 22:01:34 2025 GMT
            Not After : Jun 29 22:01:34 2025 GMT
        Subject: CN=ce727d318adac49d25f2da38b58fc3426daac6c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ea:6c:07:ad:e4:18:4e:0b:91:71:a9:90:80:
                    a8:b4:2f:a8:1b:ea:d4:23:ce:98:6c:74:b9:99:f7:
                    72:d5:e5:98:08:d0:2e:40:f6:f7:4a:94:04:ed:30:
                    80:0a:65:48:9e:49:5c:8c:d7:05:9c:a3:90:f9:af:
                    12:74:0b:bc:8c:96:3f:1e:52:64:fa:ec:c5:d4:68:
                    03:c5:ab:79:29:c2:50:eb:ef:52:af:86:e2:7a:f4:
                    a0:fa:69:66:46:64:33:4e:30:30:d8:a4:58:55:ff:
                    ee:7f:ab:86:85:24:a1:f3:9f:b0:6d:f3:c5:f5:9f:
                    5c:f9:13:e9:ec:37:d7:8b:4a:44:bd:66:ac:95:2a:
                    44:95:48:f8:5b:fc:cb:bc:f1:24:74:59:a3:a3:21:
                    40:2f:4b:da:e1:75:d5:e0:7a:28:ab:cd:3b:1c:87:
                    1a:27:0f:d4:9a:82:25:9c:06:4a:c8:3f:21:d2:a0:
                    00:e7:a4:41:57:ec:b9:43:7f:ff:da:7f:5d:0c:0d:
                    6e:55:cf:8e:e1:63:dc:3a:46:2d:ee:25:b2:e1:52:
                    e8:70:9a:3c:cf:0a:2b:0e:d5:fa:97:62:80:8f:9f:
                    fe:97:48:b4:be:d7:00:9f:e6:2d:2b:2d:ab:91:96:
                    9a:38:16:84:a8:5d:e0:24:e8:d0:2d:4b:86:fd:fb:
                    c9:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:72:7D:31:8A:DA:C4:9D:25:F2:DA:38:B5:8F:C3:42:6D:AA:C6:C8
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:b6:03:1c:2d:bc:86:40:ff:e1:aa:6e:3a:eb:09:6a:ee:34:
         1d:31:6f:dc:95:e3:d7:55:c8:c9:00:7b:e4:c6:7a:e9:c8:25:
         15:aa:33:ca:42:0c:2e:4a:20:d6:32:81:19:b9:60:62:0d:83:
         b8:6c:d0:e0:a0:1e:cc:ff:13:ff:bd:74:46:74:c8:0b:22:21:
         35:fa:de:87:44:74:4a:6b:74:32:21:83:ce:ef:80:f2:df:24:
         ef:a1:07:6a:7f:93:e3:41:0d:f7:f0:34:8a:74:06:b9:d2:eb:
         d4:fa:a1:7f:eb:6f:b3:c1:49:44:18:f6:26:05:9f:c9:df:82:
         db:4c:b6:0f:de:19:63:8f:18:ea:e7:bf:e1:db:5f:ef:08:ee:
         2f:b3:3a:b1:2b:45:12:76:f2:31:8a:73:dd:38:eb:d1:74:df:
         df:e5:4b:f9:18:5d:0f:2a:06:17:0d:6d:04:08:f3:33:4a:e4:
         df:a1:8f:bb:a4:aa:c7:58:f3:76:4d:60:98:a1:33:37:47:25:
         60:b1:a9:ec:05:87:9f:ef:5b:8f:5e:e4:40:e5:c2:20:5d:2a:
         7a:59:1b:1f:f8:39:d3:db:50:da:4d:43:05:e7:f4:d4:da:4a:
         16:7f:32:40:63:f1:3c:45:be:b9:00:09:24:68:da:2f:82:d5:
         4e:5e:8b:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j2VyWxMQXqfyB8CCa1b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjUwNjI4MjIwMTM0WhcNMjUwNjI5MjIwMTM0WjAzMTEwLwYDVQQD
EyhjZTcyN2QzMThhZGFjNDlkMjVmMmRhMzhiNThmYzM0MjZkYWFjNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzepsB63kGE4LkXGpkICotC+oG+rU
I86YbHS5mfdy1eWYCNAuQPb3SpQE7TCACmVInklcjNcFnKOQ+a8SdAu8jJY/HlJk
+uzF1GgDxat5KcJQ6+9Sr4bievSg+mlmRmQzTjAw2KRYVf/uf6uGhSSh85+wbfPF
9Z9c+RPp7DfXi0pEvWaslSpElUj4W/zLvPEkdFmjoyFAL0va4XXV4Hooq807HIca
Jw/UmoIlnAZKyD8h0qAA56RBV+y5Q3//2n9dDA1uVc+O4WPcOkYt7iWy4VLocJo8
zworDtX6l2KAj5/+l0i0vtcAn+YtKy2rkZaaOBaEqF3gJOjQLUuG/fvJwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5yfTGK2sSdJfLaOLWPw0JtqsbIMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7YDHC28
hkD/4apuOusJau40HTFv3JXj11XIyQB75MZ66cglFaozykIMLkog1jKBGblgYg2D
uGzQ4KAezP8T/710RnTICyIhNfreh0R0Smt0MiGDzu+A8t8k76EHan+T40EN9/A0
inQGudLr1Pqhf+tvs8FJRBj2JgWfyd+C20y2D94ZY48Y6ue/4dtf7wjuL7M6sStF
EnbyMYpz3Tjr0XTf3+VL+RhdDyoGFw1tBAjzM0rk36GPu6Sqx1jzdk1gmKEzN0cl
YLGp7AWHn+9bj17kQOXCIF0qelkbH/g509tQ2k1DBef01NpKFn8yQGPxPEW+uQAJ
JGjaL4LVTl6LfQ==
-----END CERTIFICATE-----