Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          Unh5QxEZyJo1WU18B7TqzOOxMztXGfK8QdByH90HYyY=
Subject key identifier:   98:94:F6:09:8C:D5:A6:09:8F:8B:8E:68:FE:09:BA:C0:EA:51:8F:34
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       0197B7B2EDDC0AAA99E023EC4CA147DEF074
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          0274
Signing time:             Sat 28 Jun 2025 18:00:46 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:46 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:46 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: V0hopnwjwSuPZZzUmNST/3hhLsAA+C4WJutKaxEQP6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b2:ed:dc:0a:aa:99:e0:23:ec:4c:a1:47:de:f0:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Jun 28 18:00:46 2025 GMT
            Not After : Jun 29 18:00:46 2025 GMT
        Subject: CN=9894f6098cd5a6098f8b8e68fe09bac0ea518f34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fa:5a:d7:bf:ca:5f:5d:02:f3:61:cf:3e:bd:
                    d8:b9:fa:4f:26:a0:51:f1:37:cd:d4:06:d4:89:2b:
                    d3:85:af:42:89:25:da:3a:d8:2f:7f:c0:0d:bb:8b:
                    99:09:f6:d4:f6:5a:d6:08:3d:30:3a:4a:80:67:3e:
                    56:34:cc:e3:b2:3b:62:90:b1:c6:19:d2:5d:a0:f6:
                    23:90:f1:43:4c:a0:b0:7c:5c:ad:c3:f2:87:39:b0:
                    16:52:33:30:69:d7:ae:b2:e0:d6:61:41:68:24:f3:
                    71:7a:1d:88:06:1a:ea:a0:82:bf:da:07:ce:12:51:
                    e1:dd:74:fc:39:b2:d3:2f:fb:be:77:22:13:f5:de:
                    16:dc:11:f0:74:80:1b:a1:4c:84:0f:74:c9:e7:95:
                    19:2d:ca:64:91:15:92:c0:b9:bb:0c:89:17:42:77:
                    c1:ff:6a:29:dd:0e:03:6e:e0:3c:b4:99:2f:30:e9:
                    8c:c0:62:63:c4:98:c0:7f:8e:9c:a4:e5:7d:9a:fa:
                    4f:d9:a2:7b:a1:56:85:04:cd:a6:01:cb:82:c4:13:
                    28:34:b5:fa:bd:d9:5a:60:ee:36:f5:a3:ca:f6:d0:
                    06:a4:99:a5:0f:ab:45:e1:d5:f3:c7:eb:c7:24:a1:
                    fb:09:48:5c:8f:43:f0:5c:40:45:13:ef:ef:e4:53:
                    b4:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:94:F6:09:8C:D5:A6:09:8F:8B:8E:68:FE:09:BA:C0:EA:51:8F:34
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:c0:ad:08:76:b7:dc:85:8e:1e:b9:0e:c4:af:d1:cf:ed:74:
         45:52:5d:07:fa:d0:55:84:0c:81:46:7f:c9:03:56:4b:58:21:
         14:8d:c4:30:72:dc:a2:eb:ee:2d:2b:bd:b4:74:e3:9f:cc:2d:
         5f:a9:1d:ac:28:b1:67:1d:3e:ad:95:46:45:1d:0e:09:45:8a:
         48:65:a2:01:15:c1:e0:f7:91:b3:35:2b:f7:33:69:b1:b8:4c:
         5b:fe:4e:fe:a4:0d:cf:92:25:98:01:a0:1b:00:a6:32:28:c1:
         fd:d2:09:2c:5d:90:16:29:9b:89:2b:79:04:1d:42:79:a6:79:
         4c:88:2d:ae:10:95:57:b4:23:45:77:27:cc:58:f1:ed:37:ea:
         bb:7e:37:52:13:6e:7d:ab:64:94:25:aa:51:cd:85:38:d0:3e:
         a9:f0:e2:21:c7:83:c4:37:bc:a8:3c:dd:7b:67:b2:aa:bc:2a:
         9b:35:c1:3f:31:1a:04:d8:c9:1e:e1:c4:9f:5d:5f:79:05:3a:
         3c:58:96:db:d9:44:dd:01:62:01:a2:68:79:d7:38:9b:56:0c:
         fa:5c:a8:d0:30:97:74:6c:02:04:85:b9:45:f7:f0:8c:f8:20:
         bc:03:82:41:f2:49:1f:9a:01:5d:ed:e7:37:43:c4:ea:ea:5b:
         41:63:fa:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3su3cCqqZ4CPsTKFH3vB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUwNjI4MTgwMDQ2WhcNMjUwNjI5MTgwMDQ2WjAzMTEwLwYDVQQD
Eyg5ODk0ZjYwOThjZDVhNjA5OGY4YjhlNjhmZTA5YmFjMGVhNTE4ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPpa17/KX10C82HPPr3YufpPJqBR
8TfN1AbUiSvTha9CiSXaOtgvf8ANu4uZCfbU9lrWCD0wOkqAZz5WNMzjsjtikLHG
GdJdoPYjkPFDTKCwfFytw/KHObAWUjMwadeusuDWYUFoJPNxeh2IBhrqoIK/2gfO
ElHh3XT8ObLTL/u+dyIT9d4W3BHwdIAboUyED3TJ55UZLcpkkRWSwLm7DIkXQnfB
/2op3Q4DbuA8tJkvMOmMwGJjxJjAf46cpOV9mvpP2aJ7oVaFBM2mAcuCxBMoNLX6
vdlaYO429aPK9tAGpJmlD6tF4dXzx+vHJKH7CUhcj0PwXEBFE+/v5FO0QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiU9gmM1aYJj4uOaP4JusDqUY80MB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfcCtCHa3
3IWOHrkOxK/Rz+10RVJdB/rQVYQMgUZ/yQNWS1ghFI3EMHLcouvuLSu9tHTjn8wt
X6kdrCixZx0+rZVGRR0OCUWKSGWiARXB4PeRszUr9zNpsbhMW/5O/qQNz5IlmAGg
GwCmMijB/dIJLF2QFimbiSt5BB1CeaZ5TIgtrhCVV7QjRXcnzFjx7Tfqu343UhNu
fatklCWqUc2FONA+qfDiIceDxDe8qDzde2eyqrwqmzXBPzEaBNjJHuHEn11feQU6
PFiW29lE3QFiAaJoedc4m1YM+lyo0DCXdGwCBIW5RffwjPggvAOCQfJJH5oBXe3n
N0PE6upbQWP64g==
-----END CERTIFICATE-----