Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          MKJYamQ5NQZCLOJFayMZR7uVkkl2M7BR2NStV+khDK4=
Subject key identifier:   00:8C:B4:C2:FD:67:69:BD:86:95:99:7D:DA:40:D8:A0:BD:99:9D:20
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       0197B6A1672A431B402B7054BE2E3ACF826B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0AD2
Signing time:             Sat 28 Jun 2025 13:02:00 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:00 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:00 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: HtOu11RhkgTA/RWmK0WQgKWHwEi+7pVwD7DJ7Gn89PA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:67:2a:43:1b:40:2b:70:54:be:2e:3a:cf:82:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Jun 28 13:02:00 2025 GMT
            Not After : Jun 29 13:02:00 2025 GMT
        Subject: CN=008cb4c2fd6769bd8695997dda40d8a0bd999d20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5f:55:28:ac:d9:19:d0:96:cb:93:ca:2b:51:
                    b2:fa:73:d8:34:5e:e7:96:f6:43:f4:f0:0d:83:84:
                    38:24:eb:3e:a4:78:8f:b8:91:45:5a:53:a5:fa:06:
                    54:2d:2d:0f:3a:fc:20:c0:53:9b:32:75:bc:c9:96:
                    2e:1b:4f:87:93:6c:0e:6c:f3:90:77:79:00:73:99:
                    c3:6a:2f:97:25:c5:8c:cf:f9:d6:bc:32:be:4a:be:
                    f3:67:65:a7:a1:23:87:f7:33:66:84:95:fa:67:3a:
                    b4:a9:95:bc:97:54:60:43:00:54:99:bf:dc:d9:6d:
                    ab:42:ae:60:34:07:f4:ef:14:38:cb:1f:46:b5:d4:
                    1b:01:2c:60:48:04:80:cf:31:2f:34:a3:87:f5:55:
                    5d:c2:4a:79:8d:15:1f:9c:e0:1a:a0:2b:66:47:20:
                    2b:3d:52:38:6f:6a:cf:af:b7:97:9a:82:26:77:93:
                    58:76:e4:8c:7a:11:09:73:2f:db:e8:31:70:99:4f:
                    46:a7:fc:ed:23:60:7f:ae:31:0d:23:c8:7b:b3:e4:
                    bf:8b:28:99:d1:56:e4:6d:5d:b5:fc:79:96:cf:8f:
                    44:d8:98:5b:7a:57:4b:02:b2:c5:40:f6:8d:d7:85:
                    de:27:d6:b8:7d:76:f1:40:1b:b5:67:f1:43:d1:f8:
                    ef:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:8C:B4:C2:FD:67:69:BD:86:95:99:7D:DA:40:D8:A0:BD:99:9D:20
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:1c:75:d3:11:85:bd:c1:26:57:45:42:53:fb:62:ca:20:2d:
         8b:1b:f0:12:d6:0a:f7:2f:c7:dd:fd:87:cc:37:90:f4:84:69:
         88:3b:fd:cc:cc:cd:87:3a:50:a6:0c:f3:67:d5:b9:77:ac:7e:
         9e:57:3e:a1:a8:fb:35:ba:81:ca:42:23:cf:d8:f6:65:f5:cd:
         29:53:f2:44:d2:09:de:7d:72:1f:83:bb:69:31:70:ee:38:9b:
         00:14:ca:37:3b:4f:ab:dd:f7:9d:13:fe:3a:19:bb:c1:2c:a2:
         8a:1d:50:b1:4a:ac:a0:d8:7a:d5:8d:a3:c0:99:c4:af:38:2e:
         12:14:04:25:ab:e0:bd:9e:5d:73:02:66:86:77:f1:4a:f4:5b:
         d8:38:ad:f1:81:47:ae:cd:1f:17:b7:25:86:64:87:0d:8a:68:
         61:f3:46:9d:27:13:ab:b5:ba:69:25:61:e4:79:bf:f4:a4:87:
         8b:0f:1b:e5:6c:0a:4a:a6:e0:29:91:cd:64:31:c4:3a:28:ba:
         ae:86:28:f9:cf:2e:50:b6:63:9b:3b:91:a0:ce:dc:b9:f3:ac:
         2b:e4:82:26:79:db:0a:e1:a5:b9:19:7a:ad:ee:2e:3f:3a:e9:
         da:31:c2:19:a7:5f:26:a9:f8:e3:20:47:43:62:76:6a:40:2c:
         27:9b:76:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oWcqQxtAK3BUvi46z4JrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjUwNjI4MTMwMjAwWhcNMjUwNjI5MTMwMjAwWjAzMTEwLwYDVQQD
EygwMDhjYjRjMmZkNjc2OWJkODY5NTk5N2RkYTQwZDhhMGJkOTk5ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV9VKKzZGdCWy5PKK1Gy+nPYNF7n
lvZD9PANg4Q4JOs+pHiPuJFFWlOl+gZULS0POvwgwFObMnW8yZYuG0+Hk2wObPOQ
d3kAc5nDai+XJcWMz/nWvDK+Sr7zZ2WnoSOH9zNmhJX6Zzq0qZW8l1RgQwBUmb/c
2W2rQq5gNAf07xQ4yx9GtdQbASxgSASAzzEvNKOH9VVdwkp5jRUfnOAaoCtmRyAr
PVI4b2rPr7eXmoImd5NYduSMehEJcy/b6DFwmU9Gp/ztI2B/rjENI8h7s+S/iyiZ
0VbkbV21/HmWz49E2JhbeldLArLFQPaN14XeJ9a4fXbxQBu1Z/FD0fjvqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACMtML9Z2m9hpWZfdpA2KC9mZ0gMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZRx10xGF
vcEmV0VCU/tiyiAtixvwEtYK9y/H3f2HzDeQ9IRpiDv9zMzNhzpQpgzzZ9W5d6x+
nlc+oaj7NbqBykIjz9j2ZfXNKVPyRNIJ3n1yH4O7aTFw7jibABTKNztPq933nRP+
Ohm7wSyiih1QsUqsoNh61Y2jwJnErzguEhQEJavgvZ5dcwJmhnfxSvRb2Dit8YFH
rs0fF7clhmSHDYpoYfNGnScTq7W6aSVh5Hm/9KSHiw8b5WwKSqbgKZHNZDHEOii6
roYo+c8uULZjmzuRoM7cufOsK+SCJnnbCuGluRl6re4uPzrp2jHCGadfJqn44yBH
Q2J2akAsJ5t2yQ==
-----END CERTIFICATE-----