Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          xqxPcVZ65xwqWZZ0yEVQGZeHBA8hzgS+tc2iGM8/Czo=
Subject key identifier:   34:C2:55:87:3F:F7:A1:66:A2:1C:6B:64:A3:57:44:F0:83:A7:04:79
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       0197B6A1D02B2C2292D882CCCD8208117FAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          69
Signing time:             Sat 28 Jun 2025 13:02:27 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:27 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:27 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: XMo1gNcgtBCedefdPiW2wEoQhgMGi5EiW10qZbGYk3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:d0:2b:2c:22:92:d8:82:cc:cd:82:08:11:7f:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Jun 28 13:02:27 2025 GMT
            Not After : Jun 29 13:02:27 2025 GMT
        Subject: CN=34c255873ff7a166a21c6b64a35744f083a70479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:4d:a5:37:bb:7a:85:7c:2b:70:1b:01:90:09:
                    46:0c:d5:88:2e:0c:7e:4f:04:cc:c5:a2:e7:06:91:
                    69:c6:80:7e:cb:59:90:a3:63:94:ba:04:da:0d:0a:
                    47:b3:f1:af:28:1a:6e:84:37:e9:d0:d4:4b:a3:6e:
                    53:63:0d:bf:cb:7e:65:a8:d9:ae:23:9c:f0:6a:4c:
                    cd:86:79:61:04:c0:5d:7b:ab:d9:dd:32:44:07:6b:
                    4a:f5:8f:49:57:47:03:2e:08:da:fa:56:14:b0:19:
                    39:b0:5e:fe:52:48:7c:67:f0:d4:34:cd:f0:b2:d0:
                    7e:be:25:a8:02:54:14:7c:9a:02:d9:2b:05:c9:be:
                    e0:8f:33:f9:54:7c:e7:2b:2a:4f:4b:8b:2e:66:4c:
                    7b:1b:7e:e5:aa:5a:b4:a7:94:ba:d3:c1:96:76:c1:
                    4c:27:70:10:e1:62:41:bc:d7:3a:b5:eb:6a:c8:8b:
                    ad:81:48:35:c5:ef:e0:54:bf:63:b8:c1:08:b2:62:
                    53:1b:0f:64:4a:15:f4:6c:cf:df:dc:52:37:43:dd:
                    07:57:dc:aa:47:0d:9e:e7:56:c5:d1:11:2f:e8:fe:
                    db:c5:1b:0b:1a:65:39:f6:bb:74:89:2a:84:d1:1a:
                    1a:4d:e3:01:e2:df:6c:89:64:74:1d:8d:33:57:81:
                    f7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:C2:55:87:3F:F7:A1:66:A2:1C:6B:64:A3:57:44:F0:83:A7:04:79
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:95:37:f0:7f:62:d7:93:c1:df:af:0b:d1:23:ed:81:b2:59:
         0b:38:cf:81:ea:f5:b5:94:d4:35:99:dd:bd:2a:66:89:ff:80:
         ab:1c:c4:ab:ad:8b:79:13:17:97:ee:30:e4:76:2c:ff:08:ab:
         70:83:53:45:87:3f:ff:5f:91:d5:aa:57:ea:8c:24:12:3c:89:
         32:f6:c0:23:7c:80:a0:c1:a4:4a:80:14:5e:a2:31:5a:14:be:
         26:c2:14:8b:09:67:e6:fe:61:81:2b:62:10:a0:88:79:94:04:
         08:b7:dc:e0:79:49:89:cf:d8:ef:c4:94:ca:36:fc:93:f8:e8:
         98:b4:27:90:da:4e:c1:08:50:fd:a0:d3:60:1e:69:60:e3:08:
         dd:27:4f:ae:ff:c6:0f:5c:41:18:6c:45:bf:e1:3c:85:5f:eb:
         ce:b5:8e:b6:cc:79:9e:d4:53:8a:15:ec:04:f1:85:31:67:de:
         c3:aa:29:db:d2:61:a9:14:ae:eb:b5:ff:4e:e4:b6:2b:14:e5:
         4f:1e:35:44:3d:a8:d9:b3:62:dc:92:90:2f:4e:27:34:70:69:
         8e:2c:54:d6:74:c2:3d:0e:e1:fe:f3:70:03:c7:ad:2e:32:71:
         75:5a:79:38:74:f3:50:c7:89:d4:b3:e5:bf:6b:ca:f4:67:14:
         ec:f5:bb:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2odArLCKS2ILMzYIIEX+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjUwNjI4MTMwMjI3WhcNMjUwNjI5MTMwMjI3WjAzMTEwLwYDVQQD
EygzNGMyNTU4NzNmZjdhMTY2YTIxYzZiNjRhMzU3NDRmMDgzYTcwNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU2lN7t6hXwrcBsBkAlGDNWILgx+
TwTMxaLnBpFpxoB+y1mQo2OUugTaDQpHs/GvKBpuhDfp0NRLo25TYw2/y35lqNmu
I5zwakzNhnlhBMBde6vZ3TJEB2tK9Y9JV0cDLgja+lYUsBk5sF7+Ukh8Z/DUNM3w
stB+viWoAlQUfJoC2SsFyb7gjzP5VHznKypPS4suZkx7G37lqlq0p5S608GWdsFM
J3AQ4WJBvNc6tetqyIutgUg1xe/gVL9juMEIsmJTGw9kShX0bM/f3FI3Q90HV9yq
Rw2e51bF0REv6P7bxRsLGmU59rt0iSqE0RoaTeMB4t9siWR0HY0zV4H34wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTCVYc/96FmohxrZKNXRPCDpwR5MB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk5U38H9i
15PB368L0SPtgbJZCzjPger1tZTUNZndvSpmif+AqxzEq62LeRMXl+4w5HYs/wir
cINTRYc//1+R1apX6owkEjyJMvbAI3yAoMGkSoAUXqIxWhS+JsIUiwln5v5hgSti
EKCIeZQECLfc4HlJic/Y78SUyjb8k/jomLQnkNpOwQhQ/aDTYB5pYOMI3SdPrv/G
D1xBGGxFv+E8hV/rzrWOtsx5ntRTihXsBPGFMWfew6op29JhqRSu67X/TuS2KxTl
Tx41RD2o2bNi3JKQL04nNHBpjixU1nTCPQ7h/vNwA8etLjJxdVp5OHTzUMeJ1LPl
v2vK9GcU7PW7+g==
-----END CERTIFICATE-----