Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
File:                     d4LgCn_HYX2UJguB_SKjo_PcaG0.mft (raw, json)
Hash identifier:          8USdh8M1lLDHgXB4mmX6AxAxfZ3wgsISOqHAPkl4aBU=
Subject key identifier:   69:E7:BA:13:55:EF:FB:82:A0:E7:B5:7A:28:E0:95:B2:CA:03:31:02
Authority key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
Certificate issuer:       /CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
Certificate serial:       0197B6A0BA096C54F8834FEEADDAD81FD209
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
Manifest number:          0A43
Signing time:             Sat 28 Jun 2025 13:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:16 +0000
Files and hashes:         1: d4LgCn_HYX2UJguB_SKjo_PcaG0.crl (hash: 9e2skOP7VuPlG5uyrGNP3mgGQoK03KElsDUOMNNkZd8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:ba:09:6c:54:f8:83:4f:ee:ad:da:d8:1f:d2:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
        Validity
            Not Before: Jun 28 13:01:16 2025 GMT
            Not After : Jun 29 13:01:16 2025 GMT
        Subject: CN=69e7ba1355effb82a0e7b57a28e095b2ca033102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:65:7b:a3:42:5b:32:94:33:d1:6c:d3:c8:29:
                    22:9a:e2:e5:ea:bf:f1:ca:49:d8:91:a7:b7:41:e7:
                    96:d5:0a:5b:30:41:06:f9:f6:fb:51:25:43:dd:87:
                    14:26:a3:09:16:cf:28:d1:fd:1e:99:33:e6:91:68:
                    0e:ab:5a:74:f6:46:25:de:88:d5:d2:60:d9:25:e2:
                    a6:9a:79:4f:90:2e:53:4b:df:f1:2b:93:15:61:3d:
                    2a:cc:45:c5:cd:5a:bb:50:da:9e:9f:1f:9d:0f:30:
                    b8:7e:84:07:15:81:a5:b4:80:5e:29:e2:25:70:c6:
                    74:09:40:ba:23:ba:9d:63:ba:7f:70:59:f3:c3:de:
                    54:18:cb:a7:d5:56:26:33:78:fa:14:c7:1d:67:d0:
                    ed:8d:54:7d:7c:53:93:aa:49:52:32:2b:4f:c2:80:
                    4a:45:2e:62:5e:9d:0a:6f:82:8f:01:8e:27:49:ff:
                    46:1e:1e:fc:9d:af:c6:8b:9b:bb:44:4b:25:c1:59:
                    08:83:04:fd:aa:cb:7f:ac:36:44:ef:74:ed:05:9d:
                    4b:e7:11:3c:c2:43:78:27:1c:cc:41:43:af:19:ec:
                    70:34:70:22:6e:90:85:d2:c7:fb:b3:c5:22:1a:be:
                    b7:41:7b:ba:d2:39:c1:7d:39:bf:77:10:4e:1f:f3:
                    e7:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:E7:BA:13:55:EF:FB:82:A0:E7:B5:7A:28:E0:95:B2:CA:03:31:02
            X509v3 Authority Key Identifier:
                keyid:77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:b4:08:9e:38:38:70:f4:7f:df:b3:a3:55:95:f4:b0:60:61:
         20:33:a3:2f:59:52:4b:2d:e4:b6:14:64:ca:64:55:2a:31:5f:
         78:fc:f6:ff:37:20:62:ac:43:9f:89:0e:66:d5:22:55:54:b8:
         2e:e2:e4:36:f9:95:de:4d:bd:c6:f8:a5:83:a2:c7:40:16:41:
         bd:dd:d6:8f:25:7c:02:bb:ca:5b:f9:aa:82:8b:ad:11:c7:98:
         34:b1:05:61:fb:05:39:a6:33:26:e2:d3:5c:ee:88:18:14:85:
         04:34:dd:49:1b:a7:22:15:ee:ea:ee:47:f6:d3:24:b7:b4:a3:
         f9:5b:15:ad:20:b9:e9:f3:e1:9a:c1:8b:d9:f4:c9:dd:e3:8b:
         0f:ad:1f:e1:3d:6e:21:2a:9c:01:71:fa:e4:77:03:5f:2f:09:
         d5:0b:f8:2e:21:4c:7d:74:94:ec:a2:9b:ba:64:85:6a:15:f3:
         5d:83:b8:29:60:9b:22:a4:ff:b7:58:6c:0b:a3:44:57:8c:a4:
         4b:29:b2:55:6d:35:cb:e0:a0:91:14:04:02:47:c0:64:ee:c0:
         d0:51:08:f9:e4:b6:11:1e:f7:eb:fe:59:21:f7:e7:d2:4c:86:
         14:bf:c1:d2:ef:51:c8:51:b6:a7:ba:69:2c:98:a5:6c:65:0a:
         ea:c7:d0:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oLoJbFT4g0/urdrYH9IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ODJlMDBhN2ZjNzYxN2Q5NDI2MGI4MWZkMjJhM2EzZjNk
YzY4NmQwHhcNMjUwNjI4MTMwMTE2WhcNMjUwNjI5MTMwMTE2WjAzMTEwLwYDVQQD
Eyg2OWU3YmExMzU1ZWZmYjgyYTBlN2I1N2EyOGUwOTViMmNhMDMzMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGV7o0JbMpQz0WzTyCkimuLl6r/x
yknYkae3QeeW1QpbMEEG+fb7USVD3YcUJqMJFs8o0f0emTPmkWgOq1p09kYl3ojV
0mDZJeKmmnlPkC5TS9/xK5MVYT0qzEXFzVq7UNqenx+dDzC4foQHFYGltIBeKeIl
cMZ0CUC6I7qdY7p/cFnzw95UGMun1VYmM3j6FMcdZ9DtjVR9fFOTqklSMitPwoBK
RS5iXp0Kb4KPAY4nSf9GHh78na/Gi5u7REslwVkIgwT9qst/rDZE73TtBZ1L5xE8
wkN4JxzMQUOvGexwNHAibpCF0sf7s8UiGr63QXu60jnBfTm/dxBOH/PnTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGnnuhNV7/uCoOe1eijglbLKAzECMB8GA1UdIwQY
MBaAFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgt
OWEwMjg0YjNhZGMxLzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgtOWEwMjg0YjNhZGMx
LzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUbQInjg4
cPR/37OjVZX0sGBhIDOjL1lSSy3kthRkymRVKjFfePz2/zcgYqxDn4kOZtUiVVS4
LuLkNvmV3k29xvilg6LHQBZBvd3WjyV8ArvKW/mqgoutEceYNLEFYfsFOaYzJuLT
XO6IGBSFBDTdSRunIhXu6u5H9tMkt7Sj+VsVrSC56fPhmsGL2fTJ3eOLD60f4T1u
ISqcAXH65HcDXy8J1Qv4LiFMfXSU7KKbumSFahXzXYO4KWCbIqT/t1hsC6NEV4yk
SymyVW01y+CgkRQEAkfAZO7A0FEI+eS2ER736/5ZIffn0kyGFL/B0u9RyFG2p7pp
LJilbGUK6sfQwg==
-----END CERTIFICATE-----