Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/b85caf-f20e-4b67-98a0-ff7f48f93f01/1/T6iT4zqCH_ZtOPDrzkmRHzpflk4.mft
File:                     T6iT4zqCH_ZtOPDrzkmRHzpflk4.mft (raw, json)
Hash identifier:          sPsOhnsTm/GfZ+mbkM0vdTrFRjmohnd6++78SDfBrBg=
Subject key identifier:   7C:03:73:98:AD:05:A6:C6:8B:74:FF:10:99:EC:5C:13:53:CA:D5:BE
Authority key identifier: 4F:A8:93:E3:3A:82:1F:F6:6D:38:F0:EB:CE:49:91:1F:3A:5F:96:4E
Certificate issuer:       /CN=4fa893e33a821ff66d38f0ebce49911f3a5f964e
Certificate serial:       0197B77CA1CC22131A49084D4C026610F36E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T6iT4zqCH_ZtOPDrzkmRHzpflk4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/b85caf-f20e-4b67-98a0-ff7f48f93f01/1/T6iT4zqCH_ZtOPDrzkmRHzpflk4.mft
Manifest number:          069A
Signing time:             Sat 28 Jun 2025 17:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:27 +0000
Files and hashes:         1: T6iT4zqCH_ZtOPDrzkmRHzpflk4.crl (hash: t+IPnOJiSKDQ+lkVu4QCiK1D8/7hy90B494nYWWh6D8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/b85caf-f20e-4b67-98a0-ff7f48f93f01/1/T6iT4zqCH_ZtOPDrzkmRHzpflk4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/b85caf-f20e-4b67-98a0-ff7f48f93f01/1/T6iT4zqCH_ZtOPDrzkmRHzpflk4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T6iT4zqCH_ZtOPDrzkmRHzpflk4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:a1:cc:22:13:1a:49:08:4d:4c:02:66:10:f3:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fa893e33a821ff66d38f0ebce49911f3a5f964e
        Validity
            Not Before: Jun 28 17:01:27 2025 GMT
            Not After : Jun 29 17:01:27 2025 GMT
        Subject: CN=7c037398ad05a6c68b74ff1099ec5c1353cad5be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c8:b2:39:a7:1a:cc:27:26:c8:a1:ca:a5:f6:
                    b3:f4:e2:dd:82:02:93:7a:39:cd:10:61:72:3e:36:
                    52:73:1b:7b:5b:ba:78:cb:36:bf:ad:86:1c:48:d1:
                    42:76:2a:3a:72:f7:65:0c:b8:26:12:b3:6c:5d:a0:
                    d2:2c:72:63:4d:b3:a5:b4:fb:3c:6b:3c:53:1b:d6:
                    6e:b9:ec:5b:c4:03:1d:49:48:74:77:e6:7d:b1:30:
                    f8:58:fe:09:33:70:00:dc:8b:24:af:27:26:39:72:
                    03:55:c9:25:08:35:5f:13:46:4f:cb:d1:3b:01:9b:
                    fd:c2:ea:69:30:8a:64:77:ac:c7:21:16:ae:3f:05:
                    aa:1b:75:e5:f6:ca:39:03:b6:04:88:9e:f3:5d:0a:
                    74:7a:c7:71:8c:48:58:fc:94:51:74:2e:4a:1f:c0:
                    3e:68:f6:d4:66:9e:b7:50:c8:2a:17:f8:b7:c1:52:
                    42:20:92:69:b6:8a:cb:aa:6d:c4:a3:3b:fc:44:37:
                    d9:41:e6:f2:66:ed:21:c0:c5:2e:43:d5:77:56:e4:
                    2f:5d:72:bf:a9:8f:ba:49:bc:14:8b:eb:3f:8b:e7:
                    d9:74:64:b2:16:1f:a0:71:54:44:3a:b4:0e:79:12:
                    b3:0d:ed:46:27:87:84:4d:f8:26:62:35:eb:bd:7e:
                    c5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:03:73:98:AD:05:A6:C6:8B:74:FF:10:99:EC:5C:13:53:CA:D5:BE
            X509v3 Authority Key Identifier:
                keyid:4F:A8:93:E3:3A:82:1F:F6:6D:38:F0:EB:CE:49:91:1F:3A:5F:96:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T6iT4zqCH_ZtOPDrzkmRHzpflk4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/b85caf-f20e-4b67-98a0-ff7f48f93f01/1/T6iT4zqCH_ZtOPDrzkmRHzpflk4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/b85caf-f20e-4b67-98a0-ff7f48f93f01/1/T6iT4zqCH_ZtOPDrzkmRHzpflk4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:c2:4a:2c:a8:ba:16:33:d9:96:86:83:45:a7:22:45:8c:18:
         20:73:5a:e4:5d:84:82:1f:e4:f3:04:af:85:47:e4:ee:03:95:
         66:af:86:37:0d:7f:1b:56:16:5b:7b:57:4b:7b:fc:10:87:47:
         cf:3a:5e:24:04:e6:95:2b:17:6a:99:49:b4:42:28:11:a0:65:
         4a:38:17:28:4d:ad:78:5d:15:71:01:e8:90:dd:81:1e:e2:ad:
         60:8e:36:89:9c:8e:49:3a:22:8c:e8:61:5a:db:c6:9b:95:be:
         cf:94:e5:21:e3:30:0e:f9:e6:a7:42:f0:ad:a0:fc:fa:ee:e2:
         44:25:82:24:ce:3f:06:dc:b1:14:ff:b0:e2:5a:e0:cc:36:79:
         97:fa:d4:f0:5f:5d:a7:96:f2:ef:03:84:db:16:5a:7b:20:7c:
         49:b1:e6:a5:3a:8b:90:83:57:ed:69:fe:41:8d:5f:93:3e:ba:
         cd:c3:46:3d:b8:3e:c6:8e:75:14:e3:4f:b2:b6:6c:d9:02:43:
         48:53:4d:e5:96:15:db:59:38:10:b8:52:3d:ed:d4:88:3c:b9:
         fe:ab:cb:8a:71:65:66:c3:5d:a4:c1:4a:12:3d:5a:25:2b:84:
         bf:b9:50:f5:46:c7:a1:28:45:28:49:e8:b3:88:83:eb:3d:0f:
         92:06:2e:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fKHMIhMaSQhNTAJmEPNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYTg5M2UzM2E4MjFmZjY2ZDM4ZjBlYmNlNDk5MTFmM2E1
Zjk2NGUwHhcNMjUwNjI4MTcwMTI3WhcNMjUwNjI5MTcwMTI3WjAzMTEwLwYDVQQD
Eyg3YzAzNzM5OGFkMDVhNmM2OGI3NGZmMTA5OWVjNWMxMzUzY2FkNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMiyOacazCcmyKHKpfaz9OLdggKT
ejnNEGFyPjZScxt7W7p4yza/rYYcSNFCdio6cvdlDLgmErNsXaDSLHJjTbOltPs8
azxTG9ZuuexbxAMdSUh0d+Z9sTD4WP4JM3AA3IskrycmOXIDVcklCDVfE0ZPy9E7
AZv9wuppMIpkd6zHIRauPwWqG3Xl9so5A7YEiJ7zXQp0esdxjEhY/JRRdC5KH8A+
aPbUZp63UMgqF/i3wVJCIJJptorLqm3Eozv8RDfZQebyZu0hwMUuQ9V3VuQvXXK/
qY+6SbwUi+s/i+fZdGSyFh+gcVREOrQOeRKzDe1GJ4eETfgmYjXrvX7FGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwDc5itBabGi3T/EJnsXBNTytW+MB8GA1UdIwQY
MBaAFE+ok+M6gh/2bTjw685JkR86X5ZOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDZpVDR6cUNIX1p0T1BEcnprbVJIenBmbGs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iODVjYWYtZjIwZS00YjY3LTk4YTAt
ZmY3ZjQ4ZjkzZjAxLzEvVDZpVDR6cUNIX1p0T1BEcnprbVJIenBmbGs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iODVjYWYtZjIwZS00YjY3LTk4YTAtZmY3ZjQ4ZjkzZjAx
LzEvVDZpVDR6cUNIX1p0T1BEcnprbVJIenBmbGs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIsJKLKi6
FjPZloaDRaciRYwYIHNa5F2Egh/k8wSvhUfk7gOVZq+GNw1/G1YWW3tXS3v8EIdH
zzpeJATmlSsXaplJtEIoEaBlSjgXKE2teF0VcQHokN2BHuKtYI42iZyOSToijOhh
WtvGm5W+z5TlIeMwDvnmp0LwraD8+u7iRCWCJM4/BtyxFP+w4lrgzDZ5l/rU8F9d
p5by7wOE2xZaeyB8SbHmpTqLkINX7Wn+QY1fkz66zcNGPbg+xo51FONPsrZs2QJD
SFNN5ZYV21k4ELhSPe3UiDy5/qvLinFlZsNdpMFKEj1aJSuEv7lQ9UbHoShFKEno
s4iD6z0PkgYuBg==
-----END CERTIFICATE-----