Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          EHQwIy6ayAFHyacfInAQ6nIY1hxGSWKsKHNsjSt0bSc=
Subject key identifier:   C6:34:D5:4F:7E:58:59:40:61:4A:3D:AE:AB:23:DC:A3:30:30:6C:AE
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       0197B6A0FB94F339C3822D01179028D82CE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          1052
Signing time:             Sat 28 Jun 2025 13:01:32 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:32 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:32 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: U4L99XRoLHhRjXAQs/r595iajTE7J3Dk3JFCugk2p7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:fb:94:f3:39:c3:82:2d:01:17:90:28:d8:2c:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Jun 28 13:01:32 2025 GMT
            Not After : Jun 29 13:01:32 2025 GMT
        Subject: CN=c634d54f7e585940614a3daeab23dca330306cae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:79:2b:46:e9:90:61:76:80:1d:53:9f:a9:d9:
                    e4:76:57:d5:77:97:bb:fa:3d:a0:ff:de:39:fb:9c:
                    cc:e5:88:2b:cc:c0:2c:d3:8e:9c:41:df:1c:ba:6d:
                    67:71:6f:b2:fe:0b:00:a9:f6:68:81:e6:31:fb:a6:
                    b4:06:22:d7:fd:51:51:7d:00:07:4e:fc:cc:fb:8b:
                    32:1e:95:6e:74:47:63:d3:a0:68:bc:18:bb:30:e8:
                    5b:6e:ca:1f:88:56:a3:1c:b9:77:16:29:f4:60:7b:
                    cf:18:fa:f2:2d:c7:3a:c8:35:ec:68:04:5f:7e:47:
                    70:06:0b:90:fc:2a:60:5a:a6:46:05:c2:52:cb:cb:
                    21:1a:1c:47:a5:5c:a8:8a:07:22:5e:a1:8f:7c:fd:
                    03:f8:b6:d5:21:37:e2:77:ed:88:cb:5b:0a:0a:07:
                    52:fe:42:62:76:95:a9:43:72:61:a1:14:ea:b3:9d:
                    cf:46:a0:fb:eb:4c:5e:a6:1c:5d:6f:53:53:7c:99:
                    2b:12:84:f5:73:77:9e:2e:3e:3f:ff:d0:d0:f3:32:
                    98:96:f8:de:bd:5b:93:b3:24:03:f5:8d:d1:67:91:
                    84:48:34:19:81:b5:b4:41:5a:33:47:37:dd:1c:f5:
                    df:e1:45:2f:31:cd:c0:5a:ab:bb:10:52:1d:51:29:
                    c1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:34:D5:4F:7E:58:59:40:61:4A:3D:AE:AB:23:DC:A3:30:30:6C:AE
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:cd:c9:35:84:01:4a:3b:19:ac:29:dc:ec:32:b3:52:de:c3:
         a5:86:e7:eb:27:af:d9:9f:e1:13:53:f5:10:c2:a9:cb:35:b4:
         ef:0c:66:74:f9:90:81:56:92:25:44:c5:fa:9b:25:20:56:7a:
         91:a0:af:7c:2c:ae:5e:03:5c:44:a5:6b:b1:25:fe:db:7b:9b:
         a8:a4:72:b1:04:62:ff:1a:f4:2c:41:ef:2c:e2:f6:a0:96:56:
         f3:14:32:19:b4:ef:b2:c1:de:bf:61:6f:65:bd:ec:b8:bd:de:
         1a:d8:b1:0c:c3:eb:65:5f:b9:ea:02:5f:a6:e7:bf:32:4f:90:
         a1:d4:36:38:ba:34:37:63:2c:fa:45:08:5d:1b:6e:66:9d:bf:
         e4:01:29:03:10:ef:77:f5:a2:3f:06:7e:73:65:d5:f7:34:46:
         3e:00:b2:bb:42:b0:48:ac:8c:90:c5:47:56:91:3e:0c:8f:ae:
         4a:2f:f9:24:2a:69:8c:ac:2f:a2:c6:18:c7:b3:13:b8:52:21:
         8d:d4:49:3f:7f:ba:57:6f:93:5f:69:18:58:14:77:57:d7:9c:
         fa:d5:2c:fc:ff:80:2c:01:24:1c:e1:51:f0:db:da:bd:0d:f2:
         70:68:a9:c8:af:9a:61:c6:76:14:11:57:7e:9f:81:03:7c:a4:
         9b:44:8f:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oPuU8znDgi0BF5Ao2CzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjUwNjI4MTMwMTMyWhcNMjUwNjI5MTMwMTMyWjAzMTEwLwYDVQQD
EyhjNjM0ZDU0ZjdlNTg1OTQwNjE0YTNkYWVhYjIzZGNhMzMwMzA2Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3krRumQYXaAHVOfqdnkdlfVd5e7
+j2g/945+5zM5YgrzMAs046cQd8cum1ncW+y/gsAqfZogeYx+6a0BiLX/VFRfQAH
TvzM+4syHpVudEdj06BovBi7MOhbbsofiFajHLl3Fin0YHvPGPryLcc6yDXsaARf
fkdwBguQ/CpgWqZGBcJSy8shGhxHpVyoigciXqGPfP0D+LbVITfid+2Iy1sKCgdS
/kJidpWpQ3JhoRTqs53PRqD760xephxdb1NTfJkrEoT1c3eeLj4//9DQ8zKYlvje
vVuTsyQD9Y3RZ5GESDQZgbW0QVozRzfdHPXf4UUvMc3AWqu7EFIdUSnBlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMY01U9+WFlAYUo9rqsj3KMwMGyuMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkc3JNYQB
SjsZrCnc7DKzUt7DpYbn6yev2Z/hE1P1EMKpyzW07wxmdPmQgVaSJUTF+pslIFZ6
kaCvfCyuXgNcRKVrsSX+23ubqKRysQRi/xr0LEHvLOL2oJZW8xQyGbTvssHev2Fv
Zb3suL3eGtixDMPrZV+56gJfpue/Mk+QodQ2OLo0N2Ms+kUIXRtuZp2/5AEpAxDv
d/WiPwZ+c2XV9zRGPgCyu0KwSKyMkMVHVpE+DI+uSi/5JCppjKwvosYYx7MTuFIh
jdRJP3+6V2+TX2kYWBR3V9ec+tUs/P+ALAEkHOFR8NvavQ3ycGipyK+aYcZ2FBFX
fp+BA3ykm0SP9A==
-----END CERTIFICATE-----