Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          IiwLepbwjx0S9BTg+D4TtO9fBRBACxTJybxWeugyxWY=
Subject key identifier:   35:63:2E:61:BB:89:AA:D9:E2:37:94:F1:7A:19:39:FD:89:FF:DC:C2
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       0197B70EC7A74577146D451828FFE2BD0315
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          0707
Signing time:             Sat 28 Jun 2025 15:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:28 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: cMvi9oaiM2tfZF5+nxbF8SjmtUnMEeo4jyqMBWfoLy8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:c7:a7:45:77:14:6d:45:18:28:ff:e2:bd:03:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Jun 28 15:01:28 2025 GMT
            Not After : Jun 29 15:01:28 2025 GMT
        Subject: CN=35632e61bb89aad9e23794f17a1939fd89ffdcc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:96:8f:c2:cd:bc:d1:83:d7:89:65:75:64:d2:
                    3a:10:87:02:f6:e6:d1:b6:f7:96:be:0d:82:0c:10:
                    f2:88:0c:1e:64:df:4a:2f:6d:70:bc:4d:29:59:64:
                    58:fd:c8:70:14:0a:3e:a0:a2:e1:7d:be:de:ff:43:
                    18:4b:6a:e2:82:0b:0f:22:a8:94:f2:87:f4:91:98:
                    59:ad:5c:12:7f:47:0f:52:c4:f9:8a:a8:06:fd:97:
                    15:93:cb:70:63:42:55:fe:96:82:11:09:b2:d7:86:
                    b1:de:da:17:24:f2:c6:76:9b:ae:e6:0e:f7:94:68:
                    a4:33:35:91:50:b0:87:70:a1:df:99:88:9d:54:fb:
                    34:c5:c0:bb:65:3a:c8:0f:21:72:cd:5d:7a:6c:5b:
                    2d:b7:82:af:ad:4c:b7:ad:6c:7c:ad:27:7c:59:2b:
                    d3:55:25:16:af:71:a5:4f:af:06:1b:4c:a7:64:3a:
                    87:67:ca:04:57:85:e9:ad:73:d1:28:87:27:3b:e6:
                    35:ac:9b:85:23:5e:2b:4c:c6:64:23:96:2f:4d:b6:
                    d5:3e:bf:d7:ac:24:0a:23:5a:79:14:c4:da:d5:ff:
                    58:65:ae:67:6f:40:31:46:ea:72:38:1e:44:5f:54:
                    c6:1e:d8:f1:c6:0b:cf:78:7e:d5:da:30:57:e3:58:
                    69:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:63:2E:61:BB:89:AA:D9:E2:37:94:F1:7A:19:39:FD:89:FF:DC:C2
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:b4:0b:3e:fb:00:12:d5:3b:f5:84:28:0c:ca:e0:e9:f6:48:
         c9:e3:1e:55:8e:95:32:92:10:fe:b5:9d:58:06:fb:13:a4:12:
         71:f1:6b:76:61:f0:05:eb:5c:0d:07:0e:d0:1e:d7:a1:e2:de:
         1c:7e:35:b4:44:6a:97:5c:f1:18:3a:0b:39:74:fb:b4:25:57:
         4c:d1:ff:8d:db:38:75:b5:a7:59:18:06:65:df:de:2f:59:95:
         fe:46:60:13:04:74:af:1d:f8:f7:22:53:a2:b7:59:0c:a1:ee:
         4c:34:04:2d:5a:5f:0a:76:f2:6f:8d:c9:72:3a:25:6c:35:35:
         8b:f1:70:56:82:f0:e7:65:5d:a8:87:16:7b:5c:44:a5:9a:ba:
         41:a0:4f:58:aa:17:c5:c2:24:33:e6:76:8b:0c:c0:23:aa:c2:
         d7:89:04:69:1f:13:2d:ab:42:5a:ed:b0:05:9f:2f:ac:25:3a:
         c5:de:ec:81:da:d4:22:dd:7e:00:e3:e6:5f:d5:63:b0:d5:4b:
         57:cb:e2:d4:8b:49:5b:48:26:9f:9c:45:b1:f1:e5:27:ef:72:
         b9:37:24:45:73:e4:0e:bc:07:1e:a3:3d:57:5e:00:7a:c4:98:
         15:14:8c:2b:09:c0:56:b0:9e:09:0b:ae:f1:36:6f:d8:fa:8c:
         3f:da:40:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DsenRXcUbUUYKP/ivQMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUwNjI4MTUwMTI4WhcNMjUwNjI5MTUwMTI4WjAzMTEwLwYDVQQD
EygzNTYzMmU2MWJiODlhYWQ5ZTIzNzk0ZjE3YTE5MzlmZDg5ZmZkY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JaPws280YPXiWV1ZNI6EIcC9ubR
tveWvg2CDBDyiAweZN9KL21wvE0pWWRY/chwFAo+oKLhfb7e/0MYS2riggsPIqiU
8of0kZhZrVwSf0cPUsT5iqgG/ZcVk8twY0JV/paCEQmy14ax3toXJPLGdpuu5g73
lGikMzWRULCHcKHfmYidVPs0xcC7ZTrIDyFyzV16bFstt4KvrUy3rWx8rSd8WSvT
VSUWr3GlT68GG0ynZDqHZ8oEV4XprXPRKIcnO+Y1rJuFI14rTMZkI5YvTbbVPr/X
rCQKI1p5FMTa1f9YZa5nb0AxRupyOB5EX1TGHtjxxgvPeH7V2jBX41hp0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVjLmG7iarZ4jeU8XoZOf2J/9zCMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAbQLPvsA
EtU79YQoDMrg6fZIyeMeVY6VMpIQ/rWdWAb7E6QScfFrdmHwBetcDQcO0B7XoeLe
HH41tERql1zxGDoLOXT7tCVXTNH/jds4dbWnWRgGZd/eL1mV/kZgEwR0rx349yJT
ordZDKHuTDQELVpfCnbyb43JcjolbDU1i/FwVoLw52VdqIcWe1xEpZq6QaBPWKoX
xcIkM+Z2iwzAI6rC14kEaR8TLatCWu2wBZ8vrCU6xd7sgdrUIt1+AOPmX9VjsNVL
V8vi1ItJW0gmn5xFsfHlJ+9yuTckRXPkDrwHHqM9V14AesSYFRSMKwnAVrCeCQuu
8TZv2PqMP9pA5A==
-----END CERTIFICATE-----