Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          XR2GewnqKT0ApD478EKQdUJW5P3JRZPI+WGYh28Zzq0=
Subject key identifier:   53:99:F4:D5:63:9D:DE:53:33:A3:D0:1B:CB:AD:99:94:91:E6:33:10
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       0197B6A13EA499095FB7AA1E4C252E83BC01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0E11
Signing time:             Sat 28 Jun 2025 13:01:49 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:49 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:49 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: OGx7MctY8JeqM4nGvLxxeCKBdSX4QBLxhwo7Q+uJLCA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:3e:a4:99:09:5f:b7:aa:1e:4c:25:2e:83:bc:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Jun 28 13:01:49 2025 GMT
            Not After : Jun 29 13:01:49 2025 GMT
        Subject: CN=5399f4d5639dde5333a3d01bcbad999491e63310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:cf:3a:7c:41:c5:3d:0f:9a:f7:21:71:b8:9f:
                    fd:6a:89:30:d5:d6:d1:a6:fc:d2:dc:f2:df:f6:06:
                    f5:01:d6:ae:a0:5c:d6:0d:98:ea:5a:cb:9d:65:68:
                    16:a6:f9:9a:40:db:3f:fa:ab:da:4f:cc:81:e5:47:
                    28:2e:4d:3b:72:66:f9:c4:4d:81:fb:8e:4f:6b:1d:
                    af:f2:78:f2:1f:52:2d:89:5b:82:43:63:cf:53:37:
                    7a:df:d0:e3:bb:d4:2d:1c:c0:79:17:05:46:01:70:
                    d3:6b:29:ee:35:85:d2:1a:c4:a0:76:21:b1:2a:f1:
                    ef:e7:98:9d:94:c0:5e:9b:f1:3f:7c:68:fc:ff:ae:
                    9c:3a:30:4b:81:5c:e0:d3:2f:b2:b8:b1:5e:2e:c9:
                    6a:ac:22:c4:2f:ee:bd:99:55:b2:da:d0:b5:31:c5:
                    ee:df:50:0c:f0:87:97:34:2f:51:c1:71:26:13:16:
                    5a:bf:ec:f9:46:4d:80:aa:d8:a9:2f:df:6b:f6:8b:
                    18:f8:22:e3:09:14:66:93:34:0c:0b:b8:4c:67:66:
                    45:ef:dd:85:b7:10:47:f7:0d:ef:d8:11:b7:f7:b6:
                    40:b6:30:a1:24:f3:60:3b:e4:02:3b:e8:cb:e5:a6:
                    97:d2:10:cb:ae:48:20:03:1b:ee:3e:0b:c7:35:24:
                    6b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:99:F4:D5:63:9D:DE:53:33:A3:D0:1B:CB:AD:99:94:91:E6:33:10
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:c7:4f:c0:c3:49:e2:81:e3:0b:74:40:3b:f7:77:11:18:22:
         3b:93:aa:b1:2f:7c:93:c0:98:8e:97:59:ad:72:2a:d9:75:c4:
         76:18:e9:fe:8e:97:d1:f3:4b:9a:af:02:74:6a:b3:ac:b2:05:
         9a:ed:31:7f:d0:08:9f:cc:09:3f:35:9b:c9:aa:83:b2:42:4a:
         9e:57:68:09:73:fb:a0:d4:54:84:74:ea:72:80:29:a7:59:1f:
         3a:3d:e9:d6:f1:65:ae:58:de:fc:68:90:f6:40:79:16:03:ac:
         6f:1a:86:8f:30:0b:d9:d5:16:d6:b7:d0:df:e3:48:dc:f9:e2:
         d8:23:57:3d:99:76:da:81:b4:f4:3f:93:73:01:25:81:e3:ef:
         e0:70:95:04:32:07:72:f1:4b:0c:6d:52:1c:5e:5b:1a:93:3b:
         75:1f:fe:f7:0e:f6:e3:66:69:58:b3:55:3a:60:d7:be:9c:96:
         36:84:9b:7d:17:04:4b:44:cb:72:35:5d:ae:5e:34:e0:68:b0:
         d5:26:8d:c8:b5:68:6c:52:11:33:f4:72:69:3f:f4:0c:4d:59:
         c3:19:d0:96:d6:1b:70:1a:00:2b:46:96:2e:f5:57:24:d4:f9:
         0a:5f:56:d4:41:0f:36:44:d7:46:48:0a:c2:a9:cb:ec:c8:ff:
         5a:a5:25:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oT6kmQlft6oeTCUug7wBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUwNjI4MTMwMTQ5WhcNMjUwNjI5MTMwMTQ5WjAzMTEwLwYDVQQD
Eyg1Mzk5ZjRkNTYzOWRkZTUzMzNhM2QwMWJjYmFkOTk5NDkxZTYzMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc86fEHFPQ+a9yFxuJ/9aokw1dbR
pvzS3PLf9gb1AdauoFzWDZjqWsudZWgWpvmaQNs/+qvaT8yB5UcoLk07cmb5xE2B
+45Pax2v8njyH1ItiVuCQ2PPUzd639Dju9QtHMB5FwVGAXDTaynuNYXSGsSgdiGx
KvHv55idlMBem/E/fGj8/66cOjBLgVzg0y+yuLFeLslqrCLEL+69mVWy2tC1McXu
31AM8IeXNC9RwXEmExZav+z5Rk2AqtipL99r9osY+CLjCRRmkzQMC7hMZ2ZF792F
txBH9w3v2BG397ZAtjChJPNgO+QCO+jL5aaX0hDLrkggAxvuPgvHNSRrFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOZ9NVjnd5TM6PQG8utmZSR5jMQMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAicdPwMNJ
4oHjC3RAO/d3ERgiO5OqsS98k8CYjpdZrXIq2XXEdhjp/o6X0fNLmq8CdGqzrLIF
mu0xf9AIn8wJPzWbyaqDskJKnldoCXP7oNRUhHTqcoApp1kfOj3p1vFlrlje/GiQ
9kB5FgOsbxqGjzAL2dUW1rfQ3+NI3Pni2CNXPZl22oG09D+TcwElgePv4HCVBDIH
cvFLDG1SHF5bGpM7dR/+9w7242ZpWLNVOmDXvpyWNoSbfRcES0TLcjVdrl404Giw
1SaNyLVobFIRM/RyaT/0DE1ZwxnQltYbcBoAK0aWLvVXJNT5Cl9W1EEPNkTXRkgK
wqnL7Mj/WqUlLg==
-----END CERTIFICATE-----