Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          GwL56O2ycOxTmJvljJ2L6w5imxIsAZY6iZ1kzIjn9xE=
Subject key identifier:   B0:8C:E7:9C:E3:05:EA:B4:A6:72:E9:FD:65:9A:BE:62:61:D7:4D:A0
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       0197B7EA9B24F2B860AD5AD451EC8E9A1DF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          1246
Signing time:             Sat 28 Jun 2025 19:01:35 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:35 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:35 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: lXQaUNDBH2TA/LuLN7JvmFt59DsOAPkiGe0t3UkjHzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:9b:24:f2:b8:60:ad:5a:d4:51:ec:8e:9a:1d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Jun 28 19:01:35 2025 GMT
            Not After : Jun 29 19:01:35 2025 GMT
        Subject: CN=b08ce79ce305eab4a672e9fd659abe6261d74da0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:78:dd:b2:b1:bf:c6:3a:87:bf:cd:30:81:ae:
                    91:87:aa:e2:e4:a5:87:c8:bd:61:4c:d5:a7:f3:33:
                    20:56:9e:ab:b1:b4:13:8f:2f:29:d8:e9:f0:be:57:
                    c1:09:cd:21:bc:45:33:18:0e:7d:c5:cf:19:7f:10:
                    c8:af:ba:df:b1:ac:e6:54:fa:b4:76:f9:e9:e9:88:
                    6e:a3:93:9c:10:c7:62:c4:09:5c:df:26:05:e0:8c:
                    9e:58:f3:15:d6:31:37:0e:45:5f:4c:4a:7f:8c:ac:
                    a1:d1:47:3b:9c:04:b6:9a:6d:21:ca:c0:7e:d8:07:
                    47:35:66:3a:13:2e:61:81:3d:66:c5:a5:30:76:5e:
                    a1:4f:0f:48:57:b1:df:8a:97:62:1d:b9:db:9b:4b:
                    2e:a8:7c:86:8e:b7:fa:eb:4c:d5:d7:ca:8b:eb:07:
                    be:9b:b5:c8:29:27:24:6a:30:98:54:5f:6b:da:0b:
                    25:06:12:19:93:2a:fb:b8:99:e8:51:05:b8:3c:b6:
                    39:0b:c2:77:e7:be:d0:67:b6:24:b9:ab:34:15:0e:
                    c1:b8:fb:5d:ce:f2:92:2c:45:da:6b:1b:19:89:e9:
                    85:65:a0:0f:41:7d:ec:dc:ac:69:2a:30:6d:d3:a1:
                    12:0c:30:fe:04:52:31:04:e1:b7:23:41:c7:9d:c1:
                    e5:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:8C:E7:9C:E3:05:EA:B4:A6:72:E9:FD:65:9A:BE:62:61:D7:4D:A0
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:93:63:bd:26:d3:e3:b1:66:2e:80:01:13:fc:49:97:da:89:
         c4:b8:04:0e:f0:8a:56:82:93:9f:eb:3f:06:6d:51:54:14:21:
         63:26:48:a9:7a:bf:0f:4a:63:0c:10:b2:b9:24:1a:b2:97:3a:
         ed:e9:a6:3d:1a:67:b1:67:86:d6:be:c2:34:ac:f2:ed:c5:15:
         25:1d:e9:e7:6f:aa:e6:3e:f3:f6:7c:34:fd:9a:c9:54:e5:4b:
         b6:62:9b:6b:a6:49:22:2f:58:37:43:83:26:ca:5c:e6:a2:ab:
         01:65:a9:97:87:cc:68:de:57:b2:a2:0c:ad:b3:89:cf:9a:0e:
         f8:3f:44:30:3e:f8:28:62:07:5a:d9:e9:89:32:bb:22:c7:a9:
         e0:79:9f:a7:c1:96:05:70:1e:27:cf:8b:b3:8a:96:ed:8f:bf:
         6c:96:58:81:de:25:68:37:bd:ba:dc:1d:ce:82:68:0e:86:10:
         58:58:8b:52:64:ab:05:42:55:b9:02:36:a4:8d:20:a6:bf:1d:
         3c:7a:46:64:99:3c:56:de:ad:a1:b3:fe:5e:b0:c9:31:37:6e:
         c1:3f:83:b7:ff:67:bb:1d:9d:c4:a0:45:85:7f:13:fd:e5:19:
         61:17:a8:c3:0d:a3:6c:2b:10:58:c6:a2:b3:cb:8b:5a:7f:fa:
         b9:d9:0f:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36psk8rhgrVrUUeyOmh3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjUwNjI4MTkwMTM1WhcNMjUwNjI5MTkwMTM1WjAzMTEwLwYDVQQD
EyhiMDhjZTc5Y2UzMDVlYWI0YTY3MmU5ZmQ2NTlhYmU2MjYxZDc0ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+HjdsrG/xjqHv80wga6Rh6ri5KWH
yL1hTNWn8zMgVp6rsbQTjy8p2OnwvlfBCc0hvEUzGA59xc8ZfxDIr7rfsazmVPq0
dvnp6Yhuo5OcEMdixAlc3yYF4IyeWPMV1jE3DkVfTEp/jKyh0Uc7nAS2mm0hysB+
2AdHNWY6Ey5hgT1mxaUwdl6hTw9IV7HfipdiHbnbm0suqHyGjrf660zV18qL6we+
m7XIKSckajCYVF9r2gslBhIZkyr7uJnoUQW4PLY5C8J3577QZ7Ykuas0FQ7BuPtd
zvKSLEXaaxsZiemFZaAPQX3s3KxpKjBt06ESDDD+BFIxBOG3I0HHncHlTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCM55zjBeq0pnLp/WWavmJh102gMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmJNjvSbT
47FmLoABE/xJl9qJxLgEDvCKVoKTn+s/Bm1RVBQhYyZIqXq/D0pjDBCyuSQaspc6
7emmPRpnsWeG1r7CNKzy7cUVJR3p52+q5j7z9nw0/ZrJVOVLtmKba6ZJIi9YN0OD
Jspc5qKrAWWpl4fMaN5XsqIMrbOJz5oO+D9EMD74KGIHWtnpiTK7Isep4Hmfp8GW
BXAeJ8+Ls4qW7Y+/bJZYgd4laDe9utwdzoJoDoYQWFiLUmSrBUJVuQI2pI0gpr8d
PHpGZJk8Vt6tobP+XrDJMTduwT+Dt/9nux2dxKBFhX8T/eUZYReoww2jbCsQWMai
s8uLWn/6udkPSw==
-----END CERTIFICATE-----