Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
File:                     4imzfrYwaGsTKDOEcbUtqV0gSRE.mft (raw, json)
Hash identifier:          h1PNFlgWfUQpCh/isR+9VpYtplEMLOX9p7Te2e5r5v4=
Subject key identifier:   C6:D1:EF:8B:7F:BD:AB:7F:D2:12:25:15:DF:DD:E3:CB:B9:12:5F:6A
Authority key identifier: E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11
Certificate issuer:       /CN=e229b37eb630686b1328338471b52da95d204911
Certificate serial:       0197B6A1F91C3A896D407CCA1CF4AF5AA508
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
Manifest number:          0AC6
Signing time:             Sat 28 Jun 2025 13:02:37 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:37 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:37 +0000
Files and hashes:         1: 4imzfrYwaGsTKDOEcbUtqV0gSRE.crl (hash: Wg6zb1bBrReIZDOysNBvdcU5VtbdUmu9ClVwM845Ct4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:f9:1c:3a:89:6d:40:7c:ca:1c:f4:af:5a:a5:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e229b37eb630686b1328338471b52da95d204911
        Validity
            Not Before: Jun 28 13:02:37 2025 GMT
            Not After : Jun 29 13:02:37 2025 GMT
        Subject: CN=c6d1ef8b7fbdab7fd2122515dfdde3cbb9125f6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8c:be:8b:6d:5e:b1:2b:5a:04:d0:c3:1d:23:
                    b1:9c:88:4e:07:3e:dc:17:04:ab:30:c8:c7:87:0b:
                    16:f6:6c:3a:2f:ee:e6:a5:74:8a:0f:13:cd:f8:34:
                    1d:7c:ac:c8:45:b8:51:5c:b4:59:af:39:86:eb:62:
                    b9:0c:11:08:53:3f:1c:b0:bf:02:d8:b1:15:5c:77:
                    2d:57:dd:c4:c5:52:6e:f2:fe:d9:6c:8b:a2:67:43:
                    a1:39:8f:07:5e:d8:b1:2b:19:b3:dc:a1:07:f7:69:
                    c2:d8:2b:90:a2:4f:e8:47:0a:73:b3:db:aa:ef:c4:
                    fe:c1:33:36:02:9a:e7:d5:54:93:00:59:a7:2e:d9:
                    91:07:91:71:80:0a:46:e8:4a:a6:ca:75:ae:fe:05:
                    fc:c2:20:1e:1e:38:91:db:61:57:8d:46:e8:ce:b1:
                    5d:cc:7c:71:2e:2f:c7:a0:ce:87:f2:8b:46:4b:29:
                    1a:ba:a2:de:31:50:fc:f7:2c:08:f4:1f:1f:bc:08:
                    74:9a:34:d2:10:f4:8f:cf:1c:81:e5:2e:bd:08:2c:
                    f0:62:f0:82:af:55:02:a5:b3:1d:45:da:e9:0b:e1:
                    4a:56:a8:48:0c:19:6a:a1:61:de:6f:9f:0a:8b:33:
                    11:bb:51:7b:02:fd:4f:62:dd:37:19:76:46:cb:23:
                    6a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:D1:EF:8B:7F:BD:AB:7F:D2:12:25:15:DF:DD:E3:CB:B9:12:5F:6A
            X509v3 Authority Key Identifier:
                keyid:E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:63:74:6f:ff:de:d3:d1:65:d6:08:18:f3:a4:01:74:b5:6d:
         53:fb:46:4d:b4:e3:55:19:52:ac:ed:0a:6c:7c:b8:a9:49:18:
         e4:97:c3:2d:5b:d6:1e:05:7c:fa:fb:4e:f4:3d:ef:87:98:22:
         14:ff:35:05:d0:8a:6e:3e:70:76:c2:37:91:1e:53:e6:0c:99:
         4b:d4:d2:e5:be:af:22:ba:0c:4d:97:73:ad:81:1f:57:f7:04:
         de:b9:8b:50:a1:4b:b4:5f:af:51:46:18:0a:66:9a:ee:03:7e:
         a2:97:64:24:43:95:0b:1f:bc:12:24:ac:a3:6d:ad:a6:de:bc:
         d8:5b:99:22:f3:c9:a1:e8:50:1b:02:a7:9e:30:90:6e:08:b6:
         c1:f6:6f:de:72:7e:40:f1:38:66:92:df:53:b3:c6:63:dd:1c:
         6e:db:25:35:ed:f6:2f:af:4b:45:c8:4b:42:25:f6:59:50:9a:
         30:53:1c:99:d8:68:2a:c0:ef:82:7e:2d:b8:6d:6f:7e:75:c5:
         58:25:e9:80:6f:1c:bb:9e:f1:68:c5:99:51:d2:8e:9f:86:f3:
         a3:61:5a:36:ae:a0:da:84:a0:14:cf:dc:7a:87:6b:21:db:d4:
         5c:62:25:1e:b0:80:0c:20:b0:a6:65:ee:3d:94:bf:d8:f5:cd:
         b1:fd:da:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ofkcOoltQHzKHPSvWqUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjliMzdlYjYzMDY4NmIxMzI4MzM4NDcxYjUyZGE5NWQy
MDQ5MTEwHhcNMjUwNjI4MTMwMjM3WhcNMjUwNjI5MTMwMjM3WjAzMTEwLwYDVQQD
EyhjNmQxZWY4YjdmYmRhYjdmZDIxMjI1MTVkZmRkZTNjYmI5MTI1ZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIy+i21esStaBNDDHSOxnIhOBz7c
FwSrMMjHhwsW9mw6L+7mpXSKDxPN+DQdfKzIRbhRXLRZrzmG62K5DBEIUz8csL8C
2LEVXHctV93ExVJu8v7ZbIuiZ0OhOY8HXtixKxmz3KEH92nC2CuQok/oRwpzs9uq
78T+wTM2Aprn1VSTAFmnLtmRB5FxgApG6EqmynWu/gX8wiAeHjiR22FXjUbozrFd
zHxxLi/HoM6H8otGSykauqLeMVD89ywI9B8fvAh0mjTSEPSPzxyB5S69CCzwYvCC
r1UCpbMdRdrpC+FKVqhIDBlqoWHeb58KizMRu1F7Av1PYt03GXZGyyNqPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbR74t/vat/0hIlFd/d48u5El9qMB8GA1UdIwQY
MBaAFOIps362MGhrEygzhHG1LaldIEkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMt
N2RlOGQ4YzJlOTMwLzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMtN2RlOGQ4YzJlOTMw
LzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAumN0b//e
09Fl1ggY86QBdLVtU/tGTbTjVRlSrO0KbHy4qUkY5JfDLVvWHgV8+vtO9D3vh5gi
FP81BdCKbj5wdsI3kR5T5gyZS9TS5b6vIroMTZdzrYEfV/cE3rmLUKFLtF+vUUYY
Cmaa7gN+opdkJEOVCx+8EiSso22tpt682FuZIvPJoehQGwKnnjCQbgi2wfZv3nJ+
QPE4ZpLfU7PGY90cbtslNe32L69LRchLQiX2WVCaMFMcmdhoKsDvgn4tuG1vfnXF
WCXpgG8cu57xaMWZUdKOn4bzo2FaNq6g2oSgFM/ceodrIdvUXGIlHrCADCCwpmXu
PZS/2PXNsf3arg==
-----END CERTIFICATE-----