Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          9n/I43nU/nOgJgXC7hWf78y3ZKWqWgypBaCi8rwd+P8=
Subject key identifier:   12:3B:58:7F:30:61:20:21:2C:C6:45:1D:CE:EC:43:8F:B7:45:7B:62
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       0197B6A0DA6F7E077A6057DE093F6C3F46A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          0DEB
Signing time:             Sat 28 Jun 2025 13:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:24 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: 7q363FOpQQ1NFDKXoTxOG3AZ7336cIKrHUzpKw+mS90=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:da:6f:7e:07:7a:60:57:de:09:3f:6c:3f:46:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Jun 28 13:01:24 2025 GMT
            Not After : Jun 29 13:01:24 2025 GMT
        Subject: CN=123b587f306120212cc6451dceec438fb7457b62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:23:4d:65:a9:13:41:f3:b2:e9:a1:9d:14:9e:
                    79:d2:35:3a:ab:91:6e:e0:08:1a:9c:d7:19:d3:21:
                    23:11:d3:7e:1a:17:50:3d:91:65:ae:0e:84:4f:9c:
                    a2:42:07:c4:3a:c9:04:c7:5d:db:58:fe:aa:78:27:
                    97:5b:48:1c:77:01:f4:1e:a7:97:a5:d9:d4:e3:0b:
                    43:1e:85:e4:16:88:af:30:94:0a:d4:f2:ed:d7:e0:
                    7a:ba:f0:c0:c6:51:34:bb:6a:4c:69:ab:b2:59:38:
                    76:a8:3f:9f:bc:f8:92:0b:b7:ab:40:0d:19:90:c9:
                    98:cf:00:af:0a:18:7c:a8:ce:39:81:28:fc:ff:5f:
                    4d:bb:19:c7:2a:ed:8e:b0:16:13:3a:90:db:6b:64:
                    df:9b:bb:03:dc:51:71:de:fd:5d:74:5d:54:9e:91:
                    0f:0b:64:33:7f:a1:cf:ee:9f:42:76:13:b8:53:96:
                    a8:d3:38:bb:a4:fa:b5:68:51:df:ca:bf:89:05:58:
                    87:67:17:30:f1:16:c0:b2:d1:31:0e:95:fd:17:ec:
                    0b:f5:c0:83:e1:d7:41:9f:23:de:cf:ce:33:0d:c1:
                    dd:14:52:fe:07:0d:d6:6e:67:19:e6:91:eb:2a:16:
                    d0:a5:e3:4d:be:c0:9c:28:10:fa:07:24:92:fc:cf:
                    f2:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:3B:58:7F:30:61:20:21:2C:C6:45:1D:CE:EC:43:8F:B7:45:7B:62
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:05:8a:b8:19:72:11:f1:e9:58:d8:86:c1:e7:df:c7:2a:34:
         05:f7:18:6f:b2:28:5d:29:40:ba:7b:a3:b9:77:19:e7:f2:ef:
         22:79:8a:0e:39:d4:56:9a:9d:6c:68:f6:fa:a1:ed:0b:e2:9b:
         e2:e4:bb:ef:4f:98:a4:5e:b7:88:d1:e3:45:ac:a6:98:a8:bb:
         ea:08:2e:99:0a:d2:7f:2b:83:f3:8b:84:0b:e1:6b:68:f9:5d:
         54:0e:fd:ff:0e:59:b4:9f:9b:98:50:05:93:ed:5a:fb:20:d6:
         68:fb:50:b4:cd:29:7d:de:8e:e8:56:c2:76:af:11:3b:81:08:
         04:a2:99:de:b8:7c:49:99:bd:a8:8a:ef:ce:03:4c:44:87:14:
         b1:89:3e:fe:5a:85:9c:c5:d1:b8:ef:45:a3:9b:76:f3:a2:4c:
         53:24:55:c1:b5:ca:6f:2d:61:6d:34:2d:ac:0c:81:9e:32:fb:
         4c:0c:bd:37:de:5c:55:98:d1:91:f9:23:7c:53:02:3a:03:56:
         d1:3d:b1:02:7f:82:60:23:de:72:f2:79:e0:3f:3f:8d:f4:00:
         36:a1:0f:13:9c:1e:24:e0:b0:37:55:cd:f6:55:1e:70:13:f3:
         dd:34:60:c1:e9:d0:61:6d:6d:6a:8e:14:f0:06:1c:5d:5b:f6:
         20:6c:e8:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oNpvfgd6YFfeCT9sP0aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjUwNjI4MTMwMTI0WhcNMjUwNjI5MTMwMTI0WjAzMTEwLwYDVQQD
EygxMjNiNTg3ZjMwNjEyMDIxMmNjNjQ1MWRjZWVjNDM4ZmI3NDU3YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyNNZakTQfOy6aGdFJ550jU6q5Fu
4AganNcZ0yEjEdN+GhdQPZFlrg6ET5yiQgfEOskEx13bWP6qeCeXW0gcdwH0HqeX
pdnU4wtDHoXkFoivMJQK1PLt1+B6uvDAxlE0u2pMaauyWTh2qD+fvPiSC7erQA0Z
kMmYzwCvChh8qM45gSj8/19NuxnHKu2OsBYTOpDba2Tfm7sD3FFx3v1ddF1UnpEP
C2Qzf6HP7p9CdhO4U5ao0zi7pPq1aFHfyr+JBViHZxcw8RbAstExDpX9F+wL9cCD
4ddBnyPez84zDcHdFFL+Bw3WbmcZ5pHrKhbQpeNNvsCcKBD6BySS/M/yhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBI7WH8wYSAhLMZFHc7sQ4+3RXtiMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwWKuBly
EfHpWNiGweffxyo0BfcYb7IoXSlAunujuXcZ5/LvInmKDjnUVpqdbGj2+qHtC+Kb
4uS770+YpF63iNHjRaymmKi76ggumQrSfyuD84uEC+FraPldVA79/w5ZtJ+bmFAF
k+1a+yDWaPtQtM0pfd6O6FbCdq8RO4EIBKKZ3rh8SZm9qIrvzgNMRIcUsYk+/lqF
nMXRuO9Fo5t286JMUyRVwbXKby1hbTQtrAyBnjL7TAy9N95cVZjRkfkjfFMCOgNW
0T2xAn+CYCPecvJ54D8/jfQANqEPE5weJOCwN1XN9lUecBPz3TRgwenQYW1tao4U
8AYcXVv2IGzoRA==
-----END CERTIFICATE-----