Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          rLFj3aw/v4YdxN1q/fDF1c0tKgNpZxNjot/XND3UR8c=
Subject key identifier:   02:92:60:A1:96:4E:34:96:07:81:5A:25:7A:BE:BB:F8:1E:A6:AC:01
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       0197B70EAF88672DA7863A8CDF52AE942480
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0C5A
Signing time:             Sat 28 Jun 2025 15:01:22 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:22 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:22 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: jPKFS7ZrAjwGN0sHM260PPbHN8Waix0T0E9e15oFTI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:af:88:67:2d:a7:86:3a:8c:df:52:ae:94:24:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Jun 28 15:01:22 2025 GMT
            Not After : Jun 29 15:01:22 2025 GMT
        Subject: CN=029260a1964e349607815a257abebbf81ea6ac01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5c:f4:f6:eb:dc:c4:3a:ef:1c:7a:3d:df:5c:
                    2c:39:38:25:6f:d8:50:58:f8:8a:88:1a:0b:3d:72:
                    43:df:44:3f:07:5b:6b:0d:3c:64:bb:d9:02:45:45:
                    22:f2:f3:d2:83:e9:ff:ee:fc:12:5f:0b:37:c0:36:
                    9f:1e:e7:f5:36:1a:4e:df:15:f3:b0:d2:7a:90:7f:
                    9c:78:98:80:49:28:8c:ca:7d:11:c4:31:a3:9f:75:
                    bd:b5:57:f5:45:48:e0:66:f3:4e:9a:92:f2:4f:c2:
                    ca:9c:f1:3b:e7:d0:e9:7a:71:e2:2e:89:fa:8b:e5:
                    83:e5:e0:ac:dc:1e:a6:1b:29:b6:d6:39:dc:64:84:
                    e4:a3:3f:0f:9f:29:3c:23:fe:8c:2a:84:7c:e7:ba:
                    b3:27:d6:06:23:d7:05:3e:39:04:d0:71:b1:c0:91:
                    c0:cf:e5:5b:07:2d:75:28:7a:83:4d:23:c7:26:b9:
                    7e:fd:2a:f4:a5:35:63:f0:8b:a8:29:89:f3:eb:8f:
                    da:ed:f1:a8:a1:49:ed:78:5e:a0:3e:09:f5:1f:c4:
                    47:5e:92:54:2d:e6:af:c2:5f:16:a3:c6:31:0d:c8:
                    a5:c6:fa:ea:19:1d:19:59:4e:60:e6:cb:32:17:c8:
                    66:3b:8c:f7:fd:90:39:29:06:f4:64:e2:1c:c0:68:
                    29:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:92:60:A1:96:4E:34:96:07:81:5A:25:7A:BE:BB:F8:1E:A6:AC:01
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:d3:98:7e:d8:52:1b:a0:2f:1e:84:0a:a3:d0:35:d0:95:b3:
         fb:0b:56:48:0b:ae:ca:3a:ca:ca:2b:8c:f9:92:63:52:dc:2f:
         39:42:e2:49:a7:c8:52:34:58:12:f9:0b:5c:b1:d7:25:1b:9d:
         99:81:09:52:67:af:28:0d:27:42:80:db:8d:16:99:11:3d:b6:
         cc:d0:1a:86:ed:35:77:fe:3b:8b:5d:ed:8f:1d:1b:c7:bd:a3:
         d8:ba:fb:1d:d8:77:2c:ed:18:41:d6:a0:63:68:3c:1e:dd:b2:
         98:ee:6b:97:67:d6:25:fb:5e:8f:4d:20:a6:a8:5e:48:4f:bf:
         cf:d2:be:74:9e:29:cf:81:55:7d:8c:f8:92:2f:f9:13:ff:c2:
         43:c6:d6:bd:c2:5a:6c:bc:f6:a9:1c:98:b4:5c:88:e9:ce:18:
         78:b5:72:9c:4c:8d:e8:21:f3:1e:ff:00:ce:2a:8a:3a:ad:9c:
         e9:9e:71:9e:29:e7:5d:db:ce:bb:65:df:f1:1f:bc:2a:28:7a:
         b3:5e:37:24:3c:13:e8:ac:9c:2c:c4:7d:d7:56:e6:6d:4c:f5:
         3e:8e:e6:ba:d7:03:ce:33:08:be:40:24:f6:fb:b8:e6:7f:51:
         c5:b0:84:22:9c:a8:f8:a0:2d:1e:ef:8b:76:29:2d:6d:ff:90:
         8c:a2:4b:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dq+IZy2nhjqM31KulCSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjUwNjI4MTUwMTIyWhcNMjUwNjI5MTUwMTIyWjAzMTEwLwYDVQQD
EygwMjkyNjBhMTk2NGUzNDk2MDc4MTVhMjU3YWJlYmJmODFlYTZhYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFz09uvcxDrvHHo931wsOTglb9hQ
WPiKiBoLPXJD30Q/B1trDTxku9kCRUUi8vPSg+n/7vwSXws3wDafHuf1NhpO3xXz
sNJ6kH+ceJiASSiMyn0RxDGjn3W9tVf1RUjgZvNOmpLyT8LKnPE759DpenHiLon6
i+WD5eCs3B6mGym21jncZITkoz8Pnyk8I/6MKoR857qzJ9YGI9cFPjkE0HGxwJHA
z+VbBy11KHqDTSPHJrl+/Sr0pTVj8IuoKYnz64/a7fGooUnteF6gPgn1H8RHXpJU
Leavwl8Wo8YxDcilxvrqGR0ZWU5g5ssyF8hmO4z3/ZA5KQb0ZOIcwGgpTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKSYKGWTjSWB4FaJXq+u/gepqwBMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetOYfthS
G6AvHoQKo9A10JWz+wtWSAuuyjrKyiuM+ZJjUtwvOULiSafIUjRYEvkLXLHXJRud
mYEJUmevKA0nQoDbjRaZET22zNAahu01d/47i13tjx0bx72j2Lr7Hdh3LO0YQdag
Y2g8Ht2ymO5rl2fWJftej00gpqheSE+/z9K+dJ4pz4FVfYz4ki/5E//CQ8bWvcJa
bLz2qRyYtFyI6c4YeLVynEyN6CHzHv8AziqKOq2c6Z5xninnXdvOu2Xf8R+8Kih6
s143JDwT6KycLMR911bmbUz1Po7mutcDzjMIvkAk9vu45n9RxbCEIpyo+KAtHu+L
diktbf+QjKJLcA==
-----END CERTIFICATE-----