Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
File:                     TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft (raw, json)
Hash identifier:          0JtMtqSzR3DSq8hpQX7Vaq8rwp9Ti9urpw514qiigVM=
Subject key identifier:   10:D8:8F:54:56:A4:91:63:80:D1:69:18:0C:02:D4:66:34:4F:B3:5A
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Certificate issuer:       /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial:       0197B70E74295102B5A89A1186DFA428C853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
Manifest number:          1512
Signing time:             Sat 28 Jun 2025 15:01:07 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:07 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:07 +0000
Files and hashes:         1: TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl (hash: 140yCcqHp1pRxDcoAqkSPXDfPRIPX88Q1psXQcrvZVA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:74:29:51:02:b5:a8:9a:11:86:df:a4:28:c8:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
        Validity
            Not Before: Jun 28 15:01:07 2025 GMT
            Not After : Jun 29 15:01:07 2025 GMT
        Subject: CN=10d88f5456a4916380d169180c02d466344fb35a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:82:ba:e7:ff:34:81:32:63:ae:26:15:2f:52:
                    45:3b:58:5a:32:18:75:01:4b:e6:95:22:a7:72:3d:
                    cd:27:a1:34:68:77:d5:62:2d:0f:55:d9:c2:bb:91:
                    12:60:b1:fc:3d:e3:f2:e3:ca:95:c4:a7:19:db:d6:
                    18:4c:e5:85:b1:15:dd:80:03:35:a0:49:91:35:e6:
                    20:6a:92:2f:12:45:94:5c:36:12:ba:06:ec:3f:45:
                    1e:1e:da:c5:14:4d:1c:d3:7a:e4:24:67:f3:0a:a7:
                    6e:a4:11:c5:59:c3:87:1d:3f:81:d3:65:f6:8e:13:
                    19:58:51:6b:ee:07:c1:30:c2:09:39:29:96:01:59:
                    ee:55:3b:78:fd:64:1a:3d:34:60:9f:70:de:c2:fd:
                    d8:9b:81:00:42:95:cd:c1:e7:dc:7e:be:81:d9:36:
                    41:b0:c1:51:9d:bb:26:ee:01:db:45:44:e2:4f:28:
                    b0:1b:29:22:fa:9b:b7:2e:75:4c:a9:a1:ff:42:0c:
                    74:39:b7:19:4b:ac:eb:43:65:4d:c1:7e:38:19:30:
                    18:28:e4:41:2d:1c:65:f8:83:00:88:bb:c1:71:23:
                    2b:ca:94:6f:bd:fb:17:2e:88:2e:86:70:7a:c9:fa:
                    4b:18:25:72:42:17:a4:df:02:1b:36:e1:3c:ab:64:
                    76:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D8:8F:54:56:A4:91:63:80:D1:69:18:0C:02:D4:66:34:4F:B3:5A
            X509v3 Authority Key Identifier:
                keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:99:dd:83:f8:08:dc:fd:dd:07:e7:9d:c8:21:41:e9:67:4d:
         53:1d:0a:90:64:74:66:59:c2:93:02:26:e1:af:e8:68:12:04:
         cb:60:0d:3f:9c:d2:c2:a9:98:a7:82:22:10:ec:39:08:88:e8:
         3e:58:00:9e:41:50:dd:e0:63:8b:06:9f:b3:d8:01:11:42:50:
         cd:78:4b:fb:13:e4:4c:83:7a:36:51:e4:fa:55:c2:59:e5:c0:
         16:13:a6:9d:96:4b:77:00:8c:a2:9c:c3:a9:3e:b3:ad:eb:ec:
         21:36:56:06:1a:d0:78:b8:7e:6c:a9:92:22:c6:a0:03:15:e6:
         4f:fc:72:b7:9b:e0:f1:49:09:99:1f:1e:80:34:5a:ad:c5:19:
         46:61:0b:b0:6e:75:d4:7e:96:a9:01:42:06:36:46:4c:fa:91:
         c3:8f:f2:38:1a:ce:ef:d9:95:1c:f7:f7:d1:65:87:2e:85:22:
         c1:8c:b5:4a:bd:11:f0:2f:42:db:57:e2:0d:b9:41:ef:35:26:
         e8:39:63:e5:fd:ba:cf:87:fd:90:d0:ef:35:8d:42:2c:7f:23:
         77:82:9d:70:01:58:c3:d9:17:64:1d:7f:fc:ac:d2:83:5c:4d:
         70:79:4b:91:11:07:ed:de:70:fc:a0:f9:31:cf:b2:65:a5:7f:
         3b:2c:c0:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DnQpUQK1qJoRht+kKMhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDAwNmUwNTg5NmY2ZmZiMzAxNjFlN2M4ZGRhMmY5YWQw
NWI1NjEwHhcNMjUwNjI4MTUwMTA3WhcNMjUwNjI5MTUwMTA3WjAzMTEwLwYDVQQD
EygxMGQ4OGY1NDU2YTQ5MTYzODBkMTY5MTgwYzAyZDQ2NjM0NGZiMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIK65/80gTJjriYVL1JFO1haMhh1
AUvmlSKncj3NJ6E0aHfVYi0PVdnCu5ESYLH8PePy48qVxKcZ29YYTOWFsRXdgAM1
oEmRNeYgapIvEkWUXDYSugbsP0UeHtrFFE0c03rkJGfzCqdupBHFWcOHHT+B02X2
jhMZWFFr7gfBMMIJOSmWAVnuVTt4/WQaPTRgn3Dewv3Ym4EAQpXNwefcfr6B2TZB
sMFRnbsm7gHbRUTiTyiwGyki+pu3LnVMqaH/Qgx0ObcZS6zrQ2VNwX44GTAYKORB
LRxl+IMAiLvBcSMrypRvvfsXLoguhnB6yfpLGCVyQhek3wIbNuE8q2R25QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDYj1RWpJFjgNFpGAwC1GY0T7NaMB8GA1UdIwQY
MBaAFEwABuBYlvb/swFh58jdovmtBbVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUt
MTMwODdiZWJkMWU0LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUtMTMwODdiZWJkMWU0
LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJndg/gI
3P3dB+edyCFB6WdNUx0KkGR0ZlnCkwIm4a/oaBIEy2ANP5zSwqmYp4IiEOw5CIjo
PlgAnkFQ3eBjiwafs9gBEUJQzXhL+xPkTIN6NlHk+lXCWeXAFhOmnZZLdwCMopzD
qT6zrevsITZWBhrQeLh+bKmSIsagAxXmT/xyt5vg8UkJmR8egDRarcUZRmELsG51
1H6WqQFCBjZGTPqRw4/yOBrO79mVHPf30WWHLoUiwYy1Sr0R8C9C21fiDblB7zUm
6Dlj5f26z4f9kNDvNY1CLH8jd4KdcAFYw9kXZB1//KzSg1xNcHlLkREH7d5w/KD5
Mc+yZaV/OyzAAg==
-----END CERTIFICATE-----