Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
File:                     DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft (raw, json)
Hash identifier:          TUP1vJXAIm2tCkk5t1Mh9WqJ4huIozWt0L4UnctP5Qs=
Subject key identifier:   FC:7F:68:C8:39:44:78:D4:80:28:68:A4:6A:4F:D0:FD:15:32:16:96
Authority key identifier: 0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B
Certificate issuer:       /CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
Certificate serial:       0197B77CABA31A233A4C97C2D17BB59C75E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
Manifest number:          1290
Signing time:             Sat 28 Jun 2025 17:01:30 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:30 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:30 +0000
Files and hashes:         1: DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl (hash: RtmxfhixGwLua4EZf1z1e4+tdjKkYGRpImueYpdU6rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:ab:a3:1a:23:3a:4c:97:c2:d1:7b:b5:9c:75:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
        Validity
            Not Before: Jun 28 17:01:30 2025 GMT
            Not After : Jun 29 17:01:30 2025 GMT
        Subject: CN=fc7f68c8394478d4802868a46a4fd0fd15321696
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a0:6e:52:8c:9b:7a:7f:69:8c:a0:44:4c:fa:
                    1b:57:db:f1:95:32:5a:b0:12:46:c5:ff:e3:a7:ae:
                    e3:28:77:4d:12:92:92:3d:cd:6f:62:6a:a3:22:fd:
                    af:be:82:da:5a:ec:59:29:05:19:b0:b3:b1:cc:8e:
                    03:86:1f:d5:c0:45:e9:8f:f9:6a:81:3a:45:dd:b3:
                    e9:ee:2f:73:bb:c3:fa:b8:b4:b4:49:4b:aa:69:a4:
                    f4:d8:f6:84:9b:84:0b:e6:9a:cb:f0:f8:62:92:ff:
                    6a:d1:ac:a1:21:d2:f9:2c:f9:ba:d4:f8:e6:90:5d:
                    f8:17:9d:7e:6d:86:cf:71:94:cd:6f:d9:47:89:e5:
                    35:25:84:f5:87:58:9d:50:3f:18:f2:aa:a9:c9:c7:
                    98:fe:85:af:af:97:f2:b5:df:5f:11:ef:1d:b5:6e:
                    a3:d4:65:ae:4f:21:6f:14:bd:bf:9a:f4:a1:4d:f5:
                    81:cd:e4:a8:16:73:93:42:51:af:c6:05:a5:dd:c2:
                    ec:80:64:f6:67:04:35:44:57:6e:0a:c8:ba:ba:e1:
                    c6:74:d5:42:bf:aa:a7:10:47:c6:ac:36:d7:83:6a:
                    aa:71:1e:0e:ce:41:f6:2e:47:45:e5:18:ce:87:62:
                    81:c5:ad:47:6e:52:2b:15:41:99:dc:0b:1a:9d:18:
                    95:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:7F:68:C8:39:44:78:D4:80:28:68:A4:6A:4F:D0:FD:15:32:16:96
            X509v3 Authority Key Identifier:
                keyid:0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:59:c3:28:aa:ca:fe:25:3a:b2:73:42:56:a8:24:87:e4:d9:
         2e:23:62:49:b4:34:73:2a:62:29:2d:27:3d:05:82:13:21:d4:
         f2:ca:7d:bf:cf:81:1e:59:5a:58:62:ec:bb:86:40:ea:c9:9b:
         ff:7e:49:00:3d:13:ee:a3:6b:36:6c:d0:f7:8c:5a:ba:01:a3:
         15:c4:7a:7f:c0:b3:03:08:91:65:a1:12:be:ca:9f:da:58:1e:
         35:ce:65:79:6f:10:24:2b:6c:ac:c5:17:48:61:36:9f:16:03:
         d8:6a:a2:6d:bd:12:11:0a:8b:b6:93:1c:bc:fd:58:6b:51:ff:
         f1:1b:0e:1f:50:b8:3a:7f:71:42:92:41:06:2e:7d:86:54:21:
         e2:dc:3a:4a:b1:e8:86:10:da:b8:2a:d2:4f:5e:a0:b0:b0:ce:
         36:f5:e7:66:bd:67:7c:6e:40:12:eb:1f:1a:8a:cf:52:f8:cf:
         91:a1:6b:a9:b5:2a:6e:68:6a:7a:52:e7:e8:97:22:77:87:c9:
         3d:2f:6f:65:82:4b:d2:6f:66:44:75:6e:85:c4:52:c3:7d:8a:
         a9:8c:31:c7:17:b4:80:ad:76:8f:20:6f:25:07:8a:fa:48:5f:
         bb:d7:d5:31:48:24:8e:5d:20:96:8a:46:b7:92:99:23:6f:66:
         2f:77:4e:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fKujGiM6TJfC0Xu1nHXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNGYwYjlhNWZlMDM4OWZhZGNiYmZiMWZhMWM0MGM0YTRi
YTBkMmIwHhcNMjUwNjI4MTcwMTMwWhcNMjUwNjI5MTcwMTMwWjAzMTEwLwYDVQQD
EyhmYzdmNjhjODM5NDQ3OGQ0ODAyODY4YTQ2YTRmZDBmZDE1MzIxNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16BuUoyben9pjKBETPobV9vxlTJa
sBJGxf/jp67jKHdNEpKSPc1vYmqjIv2vvoLaWuxZKQUZsLOxzI4Dhh/VwEXpj/lq
gTpF3bPp7i9zu8P6uLS0SUuqaaT02PaEm4QL5prL8Phikv9q0ayhIdL5LPm61Pjm
kF34F51+bYbPcZTNb9lHieU1JYT1h1idUD8Y8qqpyceY/oWvr5fytd9fEe8dtW6j
1GWuTyFvFL2/mvShTfWBzeSoFnOTQlGvxgWl3cLsgGT2ZwQ1RFduCsi6uuHGdNVC
v6qnEEfGrDbXg2qqcR4OzkH2LkdF5RjOh2KBxa1HblIrFUGZ3AsanRiVAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPx/aMg5RHjUgChopGpP0P0VMhaWMB8GA1UdIwQY
MBaAFAxPC5pf4Difrcu/sfocQMSkug0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMt
ZjYwNmFjZTRhY2MyLzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMtZjYwNmFjZTRhY2My
LzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiFnDKKrK
/iU6snNCVqgkh+TZLiNiSbQ0cypiKS0nPQWCEyHU8sp9v8+BHllaWGLsu4ZA6smb
/35JAD0T7qNrNmzQ94xaugGjFcR6f8CzAwiRZaESvsqf2lgeNc5leW8QJCtsrMUX
SGE2nxYD2Gqibb0SEQqLtpMcvP1Ya1H/8RsOH1C4On9xQpJBBi59hlQh4tw6SrHo
hhDauCrST16gsLDONvXnZr1nfG5AEusfGorPUvjPkaFrqbUqbmhqelLn6Jcid4fJ
PS9vZYJL0m9mRHVuhcRSw32KqYwxxxe0gK12jyBvJQeK+khfu9fVMUgkjl0glopG
t5KZI29mL3dOBw==
-----END CERTIFICATE-----