Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
File:                     rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft (raw, json)
Hash identifier:          uhQT766SGgVfyRE6WLARWogKnBOAxkRApGMgZ/0V79c=
Subject key identifier:   0E:87:40:65:56:1A:30:24:1C:7C:17:14:FE:A1:7F:50:1B:9E:86:9F
Authority key identifier: AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78
Certificate issuer:       /CN=ad30fb4388ee67144ae04ddc86812d63e028f478
Certificate serial:       0197C614526A569BF226DC47FE46EFBB2E25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
Manifest number:          15B9
Signing time:             Tue 01 Jul 2025 13:01:49 +0000
Manifest this update:     Tue 01 Jul 2025 13:01:49 +0000
Manifest next update:     Wed 02 Jul 2025 13:01:49 +0000
Files and hashes:         1: rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl (hash: qjsxftWugPZV5kioUcJbbGZb8dRV/ceK4P9Ivi/i83U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:14:52:6a:56:9b:f2:26:dc:47:fe:46:ef:bb:2e:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad30fb4388ee67144ae04ddc86812d63e028f478
        Validity
            Not Before: Jul  1 13:01:49 2025 GMT
            Not After : Jul  2 13:01:49 2025 GMT
        Subject: CN=0e874065561a30241c7c1714fea17f501b9e869f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b7:34:6c:9c:53:29:08:df:f8:61:39:ec:72:
                    18:9b:94:4a:e7:f7:c4:e6:54:b1:46:2d:b7:44:e8:
                    bd:11:03:bf:fd:35:42:c4:af:99:97:c8:c0:b3:17:
                    08:75:2c:72:1e:74:8c:f6:fc:40:80:b5:c2:45:53:
                    28:ba:28:63:50:4a:fe:9a:65:58:bf:e5:d0:3f:c1:
                    da:22:43:01:35:bf:80:dd:1a:70:bf:1e:14:ec:c4:
                    b0:25:c4:a2:c3:14:77:cc:5a:ef:22:ff:4b:26:d6:
                    df:72:43:2e:63:ac:02:0e:43:e5:40:a6:ff:33:f1:
                    15:3f:3b:72:95:23:bd:bf:15:c3:11:a0:ff:13:7c:
                    90:43:bf:4b:98:70:cb:0f:bd:bb:c7:55:c3:97:53:
                    e7:12:7b:66:50:27:f2:ba:86:64:e0:aa:f7:66:4f:
                    23:90:d9:ef:94:04:92:79:e1:4d:13:65:dc:89:e1:
                    1b:9d:51:36:1f:03:6d:50:fe:77:94:46:6e:35:9d:
                    26:3c:5d:82:42:f6:98:cc:57:0b:ba:c1:e0:d5:d7:
                    3d:41:d9:ea:47:fe:27:d0:25:25:63:3c:da:b9:57:
                    d7:07:78:5f:76:c2:22:a2:4b:b8:48:b8:b9:ab:38:
                    bd:e6:6d:4a:3c:e7:ee:a8:ff:07:0a:e3:41:46:1e:
                    7c:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:87:40:65:56:1A:30:24:1C:7C:17:14:FE:A1:7F:50:1B:9E:86:9F
            X509v3 Authority Key Identifier:
                keyid:AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:98:96:c4:96:f9:83:56:91:b0:2f:0c:57:b4:67:48:03:40:
         00:a3:15:84:07:bf:dc:8d:c4:ca:e6:65:79:93:27:ce:ee:3c:
         9a:df:00:d4:2e:b0:38:19:a3:10:f7:b6:2e:66:d8:f7:09:ad:
         d3:12:89:79:bc:ab:4e:6e:d8:df:24:1d:9e:8e:7b:d4:01:b8:
         f0:32:a5:fa:1a:c1:fa:2c:86:15:37:57:31:f3:4b:8e:ee:84:
         3e:5a:fb:48:ca:93:f8:54:92:92:04:be:67:eb:45:65:97:96:
         1a:6e:0c:74:72:f5:e1:b8:ed:0d:ef:5f:d0:7f:68:93:6f:3c:
         7c:c3:9a:87:6f:b4:43:ec:32:a1:68:35:78:1d:39:56:af:7a:
         2d:35:d8:e7:80:b0:59:26:20:64:98:87:1e:11:2c:f0:38:36:
         9e:c6:91:90:fa:e7:c5:91:65:78:25:69:01:ac:04:89:f8:5a:
         02:bf:ed:8e:12:33:ce:a4:5e:62:4e:1a:6a:03:dd:2d:0b:16:
         1d:4e:37:d3:df:36:8a:f8:76:fa:5c:e6:09:60:04:3d:a8:96:
         f3:7d:3d:55:bd:c5:cd:52:2d:1c:5d:49:37:20:25:2d:f8:69:
         87:21:c8:d7:d5:f2:bf:eb:b2:52:ab:d4:13:68:3e:3e:31:5c:
         1a:4c:c3:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGFFJqVpvyJtxH/kbvuy4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzBmYjQzODhlZTY3MTQ0YWUwNGRkYzg2ODEyZDYzZTAy
OGY0NzgwHhcNMjUwNzAxMTMwMTQ5WhcNMjUwNzAyMTMwMTQ5WjAzMTEwLwYDVQQD
EygwZTg3NDA2NTU2MWEzMDI0MWM3YzE3MTRmZWExN2Y1MDFiOWU4NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrc0bJxTKQjf+GE57HIYm5RK5/fE
5lSxRi23ROi9EQO//TVCxK+Zl8jAsxcIdSxyHnSM9vxAgLXCRVMouihjUEr+mmVY
v+XQP8HaIkMBNb+A3Rpwvx4U7MSwJcSiwxR3zFrvIv9LJtbfckMuY6wCDkPlQKb/
M/EVPztylSO9vxXDEaD/E3yQQ79LmHDLD727x1XDl1PnEntmUCfyuoZk4Kr3Zk8j
kNnvlASSeeFNE2XcieEbnVE2HwNtUP53lEZuNZ0mPF2CQvaYzFcLusHg1dc9Qdnq
R/4n0CUlYzzauVfXB3hfdsIioku4SLi5qzi95m1KPOfuqP8HCuNBRh58GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6HQGVWGjAkHHwXFP6hf1AbnoafMB8GA1UdIwQY
MBaAFK0w+0OI7mcUSuBN3IaBLWPgKPR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQt
YjY2MDQ0YWRiY2IxLzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQtYjY2MDQ0YWRiY2Ix
LzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALpiWxJb5
g1aRsC8MV7RnSANAAKMVhAe/3I3EyuZleZMnzu48mt8A1C6wOBmjEPe2LmbY9wmt
0xKJebyrTm7Y3yQdno571AG48DKl+hrB+iyGFTdXMfNLju6EPlr7SMqT+FSSkgS+
Z+tFZZeWGm4MdHL14bjtDe9f0H9ok288fMOah2+0Q+wyoWg1eB05Vq96LTXY54Cw
WSYgZJiHHhEs8Dg2nsaRkPrnxZFleCVpAawEifhaAr/tjhIzzqReYk4aagPdLQsW
HU430982ivh2+lzmCWAEPaiW8309Vb3FzVItHF1JNyAlLfhphyHI19Xyv+uyUqvU
E2g+PjFcGkzD3A==
-----END CERTIFICATE-----