Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
File:                     fAMRalBjzm8X_OpTUcneSgxosN0.mft (raw, json)
Hash identifier:          5ktLSWhInOES/tR62WAzCtUSNK0sfOzFu1qovta4anQ=
Subject key identifier:   FE:7E:9E:53:D4:C1:EF:7E:50:BA:62:2A:C9:6E:49:FC:01:25:0D:8C
Authority key identifier: 7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD
Certificate issuer:       /CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
Certificate serial:       0197B6A070E5640F2394019CE4C44D44AC1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
Manifest number:          0A6C
Signing time:             Sat 28 Jun 2025 13:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:57 +0000
Files and hashes:         1: fAMRalBjzm8X_OpTUcneSgxosN0.crl (hash: woDaEAKoKIwD6vQ+Mnu7NFjBGjm6X7K4CPkXo6NU4G8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:70:e5:64:0f:23:94:01:9c:e4:c4:4d:44:ac:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd
        Validity
            Not Before: Jun 28 13:00:57 2025 GMT
            Not After : Jun 29 13:00:57 2025 GMT
        Subject: CN=fe7e9e53d4c1ef7e50ba622ac96e49fc01250d8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:8e:24:8f:67:af:00:48:cd:09:a2:40:49:2c:
                    ee:9c:fa:ec:38:5f:76:7a:95:53:93:ea:a3:30:60:
                    ba:1f:e8:42:ba:f7:f6:10:c2:2a:c5:15:5c:da:3d:
                    ee:6b:58:dc:47:7e:da:fc:cd:b5:cb:e9:3d:35:61:
                    a2:2d:64:b6:90:e6:4d:30:24:cb:ad:11:56:8c:c0:
                    6e:78:be:4e:f4:eb:f7:d5:5e:7f:d9:9f:f4:c4:31:
                    78:d8:53:31:2b:5f:e4:e3:d9:31:9a:9c:31:90:4c:
                    9e:be:c4:08:e9:5b:be:e7:ca:5b:a4:f2:ce:03:41:
                    5a:a5:d9:73:5c:47:5e:61:7a:c7:52:38:c8:91:2c:
                    4a:65:ff:c8:13:13:5a:a2:10:cd:76:a2:7c:66:b6:
                    c6:90:28:fc:71:53:e2:48:a9:48:89:02:f5:69:0d:
                    15:f5:95:e0:87:41:a6:f1:56:eb:c9:b5:79:1c:5c:
                    70:88:68:2f:14:de:f6:cd:48:97:3e:2c:14:e0:d2:
                    6a:b1:3f:68:17:6e:d9:02:2e:2f:e8:ec:95:e4:33:
                    bc:96:ce:04:2d:b2:96:41:c5:cc:ad:9c:88:33:78:
                    1c:37:4f:81:5a:e5:98:33:c8:d4:b8:8a:93:8f:11:
                    f1:c6:99:f6:7d:26:39:d6:97:b1:48:ec:e9:f9:ef:
                    b9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:7E:9E:53:D4:C1:EF:7E:50:BA:62:2A:C9:6E:49:FC:01:25:0D:8C
            X509v3 Authority Key Identifier:
                keyid:7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:be:b4:cd:9b:d7:01:28:b1:bf:7f:5d:75:1c:6a:70:53:bb:
         fb:aa:9a:2e:36:de:3f:05:25:e3:24:d1:10:4e:f0:a9:f3:ef:
         a3:4d:38:d7:10:74:98:db:a6:41:28:bc:9e:5c:d5:45:08:cf:
         80:a7:06:f6:17:ac:42:2a:7a:13:c1:cc:3e:92:39:76:58:ac:
         57:d3:fd:87:86:a7:43:f8:24:7a:59:6f:27:60:f2:54:0d:cf:
         e7:a7:9c:c7:4a:57:21:2d:05:e6:ca:fe:d3:f7:75:af:40:3a:
         1a:7d:a2:1e:1d:df:89:cc:fc:33:2e:c2:4d:3e:06:fd:5b:d3:
         db:69:b1:f6:44:e4:ed:a4:93:16:ef:11:88:55:49:d3:a8:3d:
         71:2a:ea:9c:b0:9a:cb:23:ce:83:d5:dd:77:7e:9e:b1:12:0f:
         0b:49:67:2a:5e:b4:fe:d5:9c:3e:d4:98:e6:03:ec:6d:e8:02:
         3f:58:5b:c7:a8:c8:85:9b:0b:75:63:42:73:79:2e:78:e6:88:
         9b:77:d5:fa:27:e4:e3:fc:cc:67:36:7c:b1:d7:f8:31:09:a5:
         15:24:ea:44:82:ae:60:30:3c:90:2b:5b:47:23:f3:f3:90:3a:
         0e:88:e9:e2:58:54:bc:55:d5:5f:7b:03:63:b2:76:55:05:02:
         50:c4:c1:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oHDlZA8jlAGc5MRNRKwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMDMxMTZhNTA2M2NlNmYxN2ZjZWE1MzUxYzlkZTRhMGM2
OGIwZGQwHhcNMjUwNjI4MTMwMDU3WhcNMjUwNjI5MTMwMDU3WjAzMTEwLwYDVQQD
EyhmZTdlOWU1M2Q0YzFlZjdlNTBiYTYyMmFjOTZlNDlmYzAxMjUwZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI4kj2evAEjNCaJASSzunPrsOF92
epVTk+qjMGC6H+hCuvf2EMIqxRVc2j3ua1jcR37a/M21y+k9NWGiLWS2kOZNMCTL
rRFWjMBueL5O9Ov31V5/2Z/0xDF42FMxK1/k49kxmpwxkEyevsQI6Vu+58pbpPLO
A0FapdlzXEdeYXrHUjjIkSxKZf/IExNaohDNdqJ8ZrbGkCj8cVPiSKlIiQL1aQ0V
9ZXgh0Gm8VbrybV5HFxwiGgvFN72zUiXPiwU4NJqsT9oF27ZAi4v6OyV5DO8ls4E
LbKWQcXMrZyIM3gcN0+BWuWYM8jUuIqTjxHxxpn2fSY51pexSOzp+e+5YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5+nlPUwe9+ULpiKsluSfwBJQ2MMB8GA1UdIwQY
MBaAFHwDEWpQY85vF/zqU1HJ3koMaLDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQt
ODkxYjQ1NWMyYzUzLzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQtODkxYjQ1NWMyYzUz
LzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAML60zZvX
ASixv39ddRxqcFO7+6qaLjbePwUl4yTREE7wqfPvo0041xB0mNumQSi8nlzVRQjP
gKcG9hesQip6E8HMPpI5dlisV9P9h4anQ/gkellvJ2DyVA3P56ecx0pXIS0F5sr+
0/d1r0A6Gn2iHh3ficz8My7CTT4G/VvT22mx9kTk7aSTFu8RiFVJ06g9cSrqnLCa
yyPOg9Xdd36esRIPC0lnKl60/tWcPtSY5gPsbegCP1hbx6jIhZsLdWNCc3kueOaI
m3fV+ifk4/zMZzZ8sdf4MQmlFSTqRIKuYDA8kCtbRyPz85A6Dojp4lhUvFXVX3sD
Y7J2VQUCUMTBfg==
-----END CERTIFICATE-----