Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
File:                     JkQpgYmVnJWm1KdLdU9JlqWltlw.mft (raw, json)
Hash identifier:          hdcGEhMiDuDK3d+yYxk7hdJYnAgZKKKRLg3hh302+no=
Subject key identifier:   B3:20:7B:1F:4D:37:5B:C7:07:56:78:07:9C:19:D8:3A:E2:8D:00:23
Authority key identifier: 26:44:29:81:89:95:9C:95:A6:D4:A7:4B:75:4F:49:96:A5:A5:B6:5C
Certificate issuer:       /CN=2644298189959c95a6d4a74b754f4996a5a5b65c
Certificate serial:       0197B6A2027E97C1A68C07FCFBD17D1815C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:02:40 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:40 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:40 +0000
Files and hashes:         1: JkQpgYmVnJWm1KdLdU9JlqWltlw.crl (hash: 70NKZYVZRd4TFw6JimUxPAQY1Chg3XhpYb+VLhaDdjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:02:7e:97:c1:a6:8c:07:fc:fb:d1:7d:18:15:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2644298189959c95a6d4a74b754f4996a5a5b65c
        Validity
            Not Before: Jun 28 13:02:40 2025 GMT
            Not After : Jun 29 13:02:40 2025 GMT
        Subject: CN=b3207b1f4d375bc7075678079c19d83ae28d0023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:c8:9a:86:4a:d9:f2:d8:48:a6:d8:b4:c9:22:
                    08:ab:bf:1d:4f:62:e2:84:df:2b:e7:af:44:c4:cb:
                    3a:56:76:3d:12:fc:62:86:7f:b4:f7:f2:a1:62:bc:
                    2c:75:63:af:38:f0:b5:e2:09:1a:42:d4:24:19:7d:
                    51:b0:2a:61:bc:18:5a:a8:f9:bf:14:f8:8f:9c:dc:
                    1a:43:d4:0d:05:be:89:cb:c5:be:73:47:42:e2:44:
                    a0:6b:1c:c6:be:21:97:58:b3:83:3c:33:b4:2d:bb:
                    80:39:16:54:1b:eb:3c:81:0d:df:34:09:ec:4a:a1:
                    a9:20:8b:e4:8a:47:a4:7b:31:b3:8e:05:53:a8:58:
                    e0:fb:39:28:ae:c5:de:d6:f1:6c:81:4d:fa:e7:7d:
                    31:ae:5b:6a:fd:16:3c:c5:ab:ae:7b:c6:0b:cb:1e:
                    3e:aa:94:8c:68:fe:02:c3:96:5f:b3:03:ce:58:ce:
                    94:6a:2e:a5:75:36:e7:5a:86:64:86:e3:47:6a:f3:
                    0b:7d:ee:2b:a4:e3:36:4d:57:35:25:e1:43:97:f6:
                    c4:d8:27:69:0e:95:4b:23:b8:1a:56:37:fd:ff:bd:
                    10:23:be:95:15:b1:3c:db:ba:f8:ff:97:bb:a9:f1:
                    a4:74:cf:96:29:a3:59:cb:ca:78:cb:b7:dc:3f:d7:
                    de:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:20:7B:1F:4D:37:5B:C7:07:56:78:07:9C:19:D8:3A:E2:8D:00:23
            X509v3 Authority Key Identifier:
                keyid:26:44:29:81:89:95:9C:95:A6:D4:A7:4B:75:4F:49:96:A5:A5:B6:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkQpgYmVnJWm1KdLdU9JlqWltlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0d14d0-be8b-4170-9fd8-07cd4a061c80/1/JkQpgYmVnJWm1KdLdU9JlqWltlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:04:7e:a1:51:9e:ba:e9:42:94:4f:4c:7d:6e:90:7c:81:50:
         95:3c:37:9b:80:0b:df:61:12:7c:e6:67:ec:11:f0:c8:59:e1:
         cd:93:7e:39:73:9a:7b:7f:0a:e0:77:74:78:29:76:57:0e:c0:
         29:1f:20:c6:97:07:21:af:a9:a2:ec:5b:3a:ba:ea:b5:01:c9:
         4d:bf:86:68:f7:95:d7:35:64:7a:79:ea:7d:4e:1c:1c:52:93:
         b9:76:8d:90:f0:d6:d0:a6:31:7d:74:69:ce:e1:d8:38:10:e4:
         4f:14:6b:d5:85:1b:26:22:23:1e:b9:b7:36:e9:0a:fa:92:8f:
         8a:3f:26:8a:32:4e:08:a4:b4:2c:b6:01:90:57:34:18:d2:1f:
         0b:f5:0b:ae:93:69:19:08:70:5f:69:14:c8:7f:36:5f:b2:5b:
         66:67:b2:8e:b0:03:37:71:5b:0d:ca:82:46:1c:87:90:b1:47:
         d5:4e:f4:3f:bb:f5:97:df:83:aa:a6:5b:18:59:c2:4d:d8:f7:
         2b:86:43:65:d5:02:47:9b:98:8a:f0:99:de:c3:50:f2:ed:f1:
         b5:a0:f0:fc:32:f8:9a:4e:4d:62:b9:33:f3:16:d9:42:e6:96:
         a2:8a:bc:51:04:b8:d9:9d:ab:2c:78:b8:22:32:2f:3f:a0:12:
         86:fc:1d:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ogJ+l8GmjAf8+9F9GBXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDQyOTgxODk5NTljOTVhNmQ0YTc0Yjc1NGY0OTk2YTVh
NWI2NWMwHhcNMjUwNjI4MTMwMjQwWhcNMjUwNjI5MTMwMjQwWjAzMTEwLwYDVQQD
EyhiMzIwN2IxZjRkMzc1YmM3MDc1Njc4MDc5YzE5ZDgzYWUyOGQwMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38iahkrZ8thIpti0ySIIq78dT2Li
hN8r569ExMs6VnY9Evxihn+09/KhYrwsdWOvOPC14gkaQtQkGX1RsCphvBhaqPm/
FPiPnNwaQ9QNBb6Jy8W+c0dC4kSgaxzGviGXWLODPDO0LbuAORZUG+s8gQ3fNAns
SqGpIIvkikekezGzjgVTqFjg+zkorsXe1vFsgU36530xrltq/RY8xauue8YLyx4+
qpSMaP4Cw5ZfswPOWM6Uai6ldTbnWoZkhuNHavMLfe4rpOM2TVc1JeFDl/bE2Cdp
DpVLI7gaVjf9/70QI76VFbE827r4/5e7qfGkdM+WKaNZy8p4y7fcP9feiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMgex9NN1vHB1Z4B5wZ2DrijQAjMB8GA1UdIwQY
MBaAFCZEKYGJlZyVptSnS3VPSZalpbZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZDE0ZDAtYmU4Yi00MTcwLTlmZDgt
MDdjZDRhMDYxYzgwLzEvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZDE0ZDAtYmU4Yi00MTcwLTlmZDgtMDdjZDRhMDYxYzgw
LzEvSmtRcGdZbVZuSldtMUtkTGRVOUpscVdsdGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzQR+oVGe
uulClE9MfW6QfIFQlTw3m4AL32ESfOZn7BHwyFnhzZN+OXOae38K4Hd0eCl2Vw7A
KR8gxpcHIa+pouxbOrrqtQHJTb+GaPeV1zVkennqfU4cHFKTuXaNkPDW0KYxfXRp
zuHYOBDkTxRr1YUbJiIjHrm3NukK+pKPij8mijJOCKS0LLYBkFc0GNIfC/ULrpNp
GQhwX2kUyH82X7JbZmeyjrADN3FbDcqCRhyHkLFH1U70P7v1l9+DqqZbGFnCTdj3
K4ZDZdUCR5uYivCZ3sNQ8u3xtaDw/DL4mk5NYrkz8xbZQuaWooq8UQS42Z2rLHi4
IjIvP6AShvwdeg==
-----END CERTIFICATE-----