Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          9jr8iGkS1w8eSvKuk2N71hc08vpARRlHwqZcPrX8/WY=
Subject key identifier:   B8:87:DA:33:1A:26:26:D7:B0:95:07:7D:1A:88:05:50:1D:82:43:32
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       0197B74595BF3DEFC18396DA78E36AE79C34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 16:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:20 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: WX+cF6h8Cb2Yykzj0FtM/7lC2zN4C/tU9JU2o9gi2l4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:95:bf:3d:ef:c1:83:96:da:78:e3:6a:e7:9c:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Jun 28 16:01:20 2025 GMT
            Not After : Jun 29 16:01:20 2025 GMT
        Subject: CN=b887da331a2626d7b095077d1a8805501d824332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5e:4e:e6:ae:aa:83:cd:ef:92:14:bf:b2:e9:
                    c0:e3:b8:10:74:76:62:6f:ff:dc:6b:a7:57:d4:c7:
                    33:90:02:ce:19:6b:0b:82:f8:68:0d:a8:5f:e3:e6:
                    9e:be:ce:75:23:e8:3b:33:8e:af:44:a9:5e:17:37:
                    94:f0:81:c8:2c:7f:10:f5:96:13:e0:d0:76:d0:70:
                    be:6d:e5:bc:11:91:b9:8f:5d:86:e9:04:0d:ea:de:
                    29:25:5d:85:c1:ec:d2:80:f0:86:7f:18:47:b6:1f:
                    78:94:df:0c:07:30:4f:42:e2:84:62:f7:43:45:93:
                    81:24:0d:a7:bc:db:69:04:38:7f:67:15:3f:bc:1b:
                    99:20:14:84:18:56:30:c1:31:c7:4c:89:01:df:19:
                    fd:28:c6:e2:2b:82:04:4e:72:6f:d7:22:c6:57:92:
                    b3:78:c7:02:a7:37:e5:3d:6b:47:bf:b3:e7:b6:a4:
                    97:f5:d9:f9:f8:dd:78:c5:a9:8a:ba:73:3c:47:24:
                    e2:18:4e:f1:61:58:d5:b2:85:f3:39:a4:b1:2a:d5:
                    06:d9:c5:09:fd:95:2f:36:8f:b0:95:4b:7d:6f:92:
                    55:a8:eb:6c:78:a1:25:e3:5e:f3:f1:27:d4:c9:44:
                    aa:f3:6c:20:21:5b:0b:d8:fa:63:45:86:be:66:30:
                    f6:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:87:DA:33:1A:26:26:D7:B0:95:07:7D:1A:88:05:50:1D:82:43:32
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:86:da:ca:15:5b:f7:0e:8a:8a:4f:45:13:18:01:6d:1c:5c:
         c6:42:9e:5b:78:3f:f3:e6:d5:61:59:e3:44:e6:7f:d8:b3:c6:
         96:81:ff:1e:6e:5b:9d:fe:de:20:6e:07:2c:80:a0:46:c8:73:
         a5:7c:47:9d:0f:4d:75:54:c8:bc:ec:bd:3e:df:78:c7:d6:1e:
         34:08:c5:6e:0b:78:0b:a2:8a:e3:1e:44:8a:97:cf:aa:5c:80:
         c6:5f:b5:78:04:8d:9f:c6:3a:e0:97:dc:0e:93:52:c7:6c:3e:
         89:c1:fb:9b:ff:af:0f:86:69:9e:86:47:49:55:e9:c5:ce:34:
         72:65:69:75:77:dc:13:5c:6b:ad:ec:46:f3:7e:93:99:c2:42:
         9c:e1:49:37:bf:9c:e6:39:87:d3:b9:91:88:bc:0b:87:6d:c5:
         c1:1a:d8:6f:22:ea:c7:62:0e:73:7e:9a:b1:a7:30:ac:4e:82:
         13:43:dd:44:b1:6e:16:e6:e3:73:88:a3:30:a4:aa:c8:9c:94:
         7e:31:51:58:4e:d8:64:9b:36:62:dd:b4:ab:45:71:5c:31:2e:
         d1:0c:cd:d9:38:2e:3b:40:ec:1d:91:9f:58:cc:cc:31:f3:7e:
         23:fe:40:20:7c:43:ff:33:98:36:42:86:bc:54:b3:69:a7:db:
         21:ff:38:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RZW/Pe/Bg5baeONq55w0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjUwNjI4MTYwMTIwWhcNMjUwNjI5MTYwMTIwWjAzMTEwLwYDVQQD
EyhiODg3ZGEzMzFhMjYyNmQ3YjA5NTA3N2QxYTg4MDU1MDFkODI0MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV5O5q6qg83vkhS/sunA47gQdHZi
b//ca6dX1MczkALOGWsLgvhoDahf4+aevs51I+g7M46vRKleFzeU8IHILH8Q9ZYT
4NB20HC+beW8EZG5j12G6QQN6t4pJV2FwezSgPCGfxhHth94lN8MBzBPQuKEYvdD
RZOBJA2nvNtpBDh/ZxU/vBuZIBSEGFYwwTHHTIkB3xn9KMbiK4IETnJv1yLGV5Kz
eMcCpzflPWtHv7PntqSX9dn5+N14xamKunM8RyTiGE7xYVjVsoXzOaSxKtUG2cUJ
/ZUvNo+wlUt9b5JVqOtseKEl417z8SfUyUSq82wgIVsL2PpjRYa+ZjD2gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiH2jMaJibXsJUHfRqIBVAdgkMyMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABIbayhVb
9w6Kik9FExgBbRxcxkKeW3g/8+bVYVnjROZ/2LPGloH/Hm5bnf7eIG4HLICgRshz
pXxHnQ9NdVTIvOy9Pt94x9YeNAjFbgt4C6KK4x5EipfPqlyAxl+1eASNn8Y64Jfc
DpNSx2w+icH7m/+vD4ZpnoZHSVXpxc40cmVpdXfcE1xrrexG836TmcJCnOFJN7+c
5jmH07mRiLwLh23FwRrYbyLqx2IOc36asacwrE6CE0PdRLFuFubjc4ijMKSqyJyU
fjFRWE7YZJs2Yt20q0VxXDEu0QzN2TguO0DsHZGfWMzMMfN+I/5AIHxD/zOYNkKG
vFSzaafbIf84gQ==
-----END CERTIFICATE-----