Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          r1SL6LRkkmPSNpzRztKysG/g/6QI0is8KoGiw0pRULE=
Subject key identifier:   B0:22:5D:4D:99:46:34:F3:C8:9A:0B:84:A9:F8:F2:BF:73:42:FB:78
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       0197B88ED37E3AC271CEE94680B746FC9410
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0C55
Signing time:             Sat 28 Jun 2025 22:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 22:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 22:00:57 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: IMRSAYMNmkh7LoyGA9z9AVqZTLYpCtlXZCbEG5fjkgE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:d3:7e:3a:c2:71:ce:e9:46:80:b7:46:fc:94:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Jun 28 22:00:57 2025 GMT
            Not After : Jun 29 22:00:57 2025 GMT
        Subject: CN=b0225d4d994634f3c89a0b84a9f8f2bf7342fb78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ee:8b:9c:89:61:5c:27:28:d8:2f:fe:f0:cf:
                    12:58:ea:12:d2:8f:42:ea:4a:0f:46:95:70:07:59:
                    9f:6b:23:f8:ae:f8:6f:b4:4c:02:1e:3d:ba:e9:6a:
                    4a:a6:89:4e:c3:b6:0f:30:c2:87:3f:c3:03:1e:8b:
                    c5:b7:16:2a:fb:2c:c6:49:77:98:7b:84:9b:11:6d:
                    ea:55:9e:4a:8c:83:9a:c0:bd:8f:1f:76:74:20:ff:
                    ea:e3:2f:de:0d:0c:71:a8:e2:cc:4c:09:6f:70:45:
                    79:1e:e2:a3:cd:66:3d:a6:b0:b4:d8:ed:51:07:e6:
                    fa:4b:20:a9:a8:8d:72:50:1b:d6:1f:3c:3b:ec:54:
                    7c:a6:dd:00:94:11:fa:13:d9:4b:d5:67:e0:01:de:
                    1b:ba:b7:13:97:2a:2a:a5:03:76:51:fd:3b:f3:ef:
                    81:a6:13:14:20:83:6b:09:f3:34:9e:4e:17:42:5e:
                    aa:64:e7:0f:4e:c6:d7:29:fb:4e:c5:d6:28:da:5c:
                    03:40:9e:5e:ab:68:82:92:da:ea:d0:79:20:37:8f:
                    2e:50:69:90:2b:a8:69:9a:20:95:2e:1e:4d:27:6f:
                    31:91:8f:6f:8d:c1:ef:c1:c7:df:99:be:45:32:cb:
                    32:8c:bd:89:7d:19:24:f0:37:86:f4:2f:9b:b9:a9:
                    0a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:22:5D:4D:99:46:34:F3:C8:9A:0B:84:A9:F8:F2:BF:73:42:FB:78
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:a3:2f:3c:ed:69:37:51:fd:73:20:ce:c9:5b:c6:71:7b:d3:
         71:10:b2:ea:a5:4e:83:3f:22:0d:00:77:22:16:ce:4e:af:f6:
         0e:04:cb:40:aa:b4:b8:fb:f9:d0:d8:bc:4b:06:39:f6:a8:aa:
         ed:87:2a:e1:b3:39:71:30:4c:bb:51:01:99:c7:49:e0:9f:15:
         3f:9c:0a:9a:cc:7c:ad:ed:c4:68:d5:cf:ed:ac:1e:99:a8:ae:
         66:3a:c8:19:4f:d5:22:56:1d:91:4e:ee:77:5b:45:6c:0a:af:
         0a:7a:2c:b8:24:cf:f7:02:1c:59:49:61:62:4f:2f:8b:82:4e:
         5f:ce:03:ee:d9:78:5d:f9:bc:c8:63:ee:b7:ee:ce:95:74:37:
         f6:0d:55:aa:33:1c:06:fa:b5:f1:50:d6:e8:c6:84:8c:19:d4:
         f6:29:44:e4:eb:94:7f:8d:b0:35:68:a0:4b:a1:04:f2:8e:e8:
         eb:8a:b5:a2:20:cc:37:ca:87:fa:d3:08:cb:ae:b6:c9:d3:e4:
         ff:8b:38:cf:c4:7e:4e:52:cd:27:6b:57:50:19:9a:b5:59:f3:
         20:f2:a1:ef:c0:13:c7:05:6d:44:26:e0:05:02:5c:40:43:54:
         c0:de:f8:4c:ee:ea:0b:12:8f:7a:14:81:c7:7b:61:b5:64:b6:
         63:ca:ba:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jtN+OsJxzulGgLdG/JQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjUwNjI4MjIwMDU3WhcNMjUwNjI5MjIwMDU3WjAzMTEwLwYDVQQD
EyhiMDIyNWQ0ZDk5NDYzNGYzYzg5YTBiODRhOWY4ZjJiZjczNDJmYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue6LnIlhXCco2C/+8M8SWOoS0o9C
6koPRpVwB1mfayP4rvhvtEwCHj266WpKpolOw7YPMMKHP8MDHovFtxYq+yzGSXeY
e4SbEW3qVZ5KjIOawL2PH3Z0IP/q4y/eDQxxqOLMTAlvcEV5HuKjzWY9prC02O1R
B+b6SyCpqI1yUBvWHzw77FR8pt0AlBH6E9lL1WfgAd4burcTlyoqpQN2Uf078++B
phMUIINrCfM0nk4XQl6qZOcPTsbXKftOxdYo2lwDQJ5eq2iCktrq0HkgN48uUGmQ
K6hpmiCVLh5NJ28xkY9vjcHvwcffmb5FMssyjL2JfRkk8DeG9C+buakKrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAiXU2ZRjTzyJoLhKn48r9zQvt4MB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKMvPO1p
N1H9cyDOyVvGcXvTcRCy6qVOgz8iDQB3IhbOTq/2DgTLQKq0uPv50Ni8SwY59qiq
7Ycq4bM5cTBMu1EBmcdJ4J8VP5wKmsx8re3EaNXP7awemaiuZjrIGU/VIlYdkU7u
d1tFbAqvCnosuCTP9wIcWUlhYk8vi4JOX84D7tl4Xfm8yGPut+7OlXQ39g1VqjMc
Bvq18VDW6MaEjBnU9ilE5OuUf42wNWigS6EE8o7o64q1oiDMN8qH+tMIy662ydPk
/4s4z8R+TlLNJ2tXUBmatVnzIPKh78ATxwVtRCbgBQJcQENUwN74TO7qCxKPehSB
x3thtWS2Y8q6VQ==
-----END CERTIFICATE-----