Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
File:                     71j4Vyvdd9mBQRGA4u-aioAsdqw.mft (raw, json)
Hash identifier:          eEBubYieOhRfz/0jEP7Ve8mIrhXuNcJFev8lFkloY7Q=
Subject key identifier:   6A:61:24:B3:B1:E0:7B:85:2E:5A:C5:3B:2E:76:2C:E4:A5:57:4D:8D
Authority key identifier: EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC
Certificate issuer:       /CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
Certificate serial:       0197B9D9048A5402165F2BD36F88D45655B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
Manifest number:          0132
Signing time:             Sun 29 Jun 2025 04:01:36 +0000
Manifest this update:     Sun 29 Jun 2025 04:01:36 +0000
Manifest next update:     Mon 30 Jun 2025 04:01:36 +0000
Files and hashes:         1: 71j4Vyvdd9mBQRGA4u-aioAsdqw.crl (hash: 2SJQVDdNeTNw4plz0g8mJS6mVX3e+930QnEze6CyzHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:d9:04:8a:54:02:16:5f:2b:d3:6f:88:d4:56:55:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
        Validity
            Not Before: Jun 29 04:01:36 2025 GMT
            Not After : Jun 30 04:01:36 2025 GMT
        Subject: CN=6a6124b3b1e07b852e5ac53b2e762ce4a5574d8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a4:05:a1:42:c1:8a:68:de:d9:25:f5:79:06:
                    5a:93:d4:b8:09:79:d5:1e:b6:98:45:92:d5:19:07:
                    0e:93:ac:d5:34:db:ec:83:43:82:18:5f:08:69:4f:
                    5f:99:c8:9e:43:30:f1:0a:22:1d:53:a7:90:d8:ea:
                    fe:72:4a:a2:5f:67:d6:f1:1b:b0:9d:20:36:f0:5e:
                    4f:48:18:d1:45:7c:2e:6c:5f:06:fd:7b:5c:e3:29:
                    ca:fe:a2:7f:43:09:2f:0f:06:57:d9:6d:27:df:ca:
                    fc:d0:04:36:8b:9c:f8:cc:fa:09:81:bb:b3:f0:49:
                    cf:b4:61:dc:82:23:91:c3:4b:69:62:25:ee:a1:9e:
                    21:97:dd:ba:8f:42:c0:b8:aa:a1:10:c0:ea:de:2d:
                    bd:7a:47:41:11:a5:0f:68:d6:7f:15:a5:3a:4e:3c:
                    3f:3c:74:bf:27:af:2d:7e:a9:c0:b2:aa:f8:e9:f8:
                    24:75:ce:12:84:dc:8d:9b:cd:17:5f:c9:05:cc:f7:
                    2f:df:1a:b1:0d:48:ff:34:ae:a8:fe:bb:a4:49:fb:
                    e0:6e:67:9b:be:bb:3f:78:02:52:db:50:e6:14:ea:
                    95:d0:62:9c:98:67:d3:96:ef:65:1d:2f:2c:94:bf:
                    c1:5c:9c:a2:1f:f0:31:fb:2e:df:72:21:4a:fc:57:
                    c2:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:61:24:B3:B1:E0:7B:85:2E:5A:C5:3B:2E:76:2C:E4:A5:57:4D:8D
            X509v3 Authority Key Identifier:
                keyid:EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:08:b2:7d:77:b2:bc:e6:df:0f:e4:f6:6f:0c:56:a5:24:9b:
         85:c3:f9:12:34:b0:7d:06:61:d1:ca:42:4b:27:08:87:4a:78:
         51:ab:62:5d:60:17:b8:19:5f:63:f3:8a:ed:bb:d3:65:81:61:
         91:4f:d0:40:9f:1e:50:67:e6:ff:ed:a8:d8:32:ad:11:eb:d0:
         92:ca:e0:d2:42:95:42:8d:b6:c2:75:52:1a:93:0e:71:95:9e:
         5a:ca:e2:1e:68:09:cd:68:bb:a2:a1:95:24:1e:62:93:b7:2d:
         f9:ca:cb:28:17:49:2f:9a:2d:f4:de:0f:bf:3b:8e:36:e0:34:
         89:ee:da:85:55:c4:3a:46:49:fd:ed:8b:d2:ba:c0:e8:8e:85:
         48:56:ba:77:45:0b:9a:de:42:db:ef:50:00:06:d0:e4:51:6c:
         06:ba:3b:3e:84:c8:41:89:5e:47:9f:f7:41:6d:ad:44:8a:b4:
         8f:8e:94:92:99:df:c6:06:01:59:be:b4:82:ec:2b:38:77:bc:
         e6:e3:ef:ea:c4:d3:b1:fc:41:04:e6:20:e2:5d:1e:45:8d:4d:
         69:29:34:61:c7:5d:66:d0:8a:87:81:9d:d4:cc:5c:39:5d:35:
         ab:ea:d1:79:f3:6a:f2:06:40:47:04:a9:b2:76:bd:77:20:57:
         68:89:1a:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe52QSKVAIWXyvTb4jUVlW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNThmODU3MmJkZDc3ZDk4MTQxMTE4MGUyZWY5YThhODAy
Yzc2YWMwHhcNMjUwNjI5MDQwMTM2WhcNMjUwNjMwMDQwMTM2WjAzMTEwLwYDVQQD
Eyg2YTYxMjRiM2IxZTA3Yjg1MmU1YWM1M2IyZTc2MmNlNGE1NTc0ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqQFoULBimje2SX1eQZak9S4CXnV
HraYRZLVGQcOk6zVNNvsg0OCGF8IaU9fmcieQzDxCiIdU6eQ2Or+ckqiX2fW8Ruw
nSA28F5PSBjRRXwubF8G/Xtc4ynK/qJ/QwkvDwZX2W0n38r80AQ2i5z4zPoJgbuz
8EnPtGHcgiORw0tpYiXuoZ4hl926j0LAuKqhEMDq3i29ekdBEaUPaNZ/FaU6Tjw/
PHS/J68tfqnAsqr46fgkdc4ShNyNm80XX8kFzPcv3xqxDUj/NK6o/rukSfvgbmeb
vrs/eAJS21DmFOqV0GKcmGfTlu9lHS8slL/BXJyiH/Ax+y7fciFK/FfCuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGphJLOx4HuFLlrFOy52LOSlV02NMB8GA1UdIwQY
MBaAFO9Y+Fcr3XfZgUERgOLvmoqALHasMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAt
MzhlODA1ZmY0YzczLzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAtMzhlODA1ZmY0Yzcz
LzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAAiyfXey
vObfD+T2bwxWpSSbhcP5EjSwfQZh0cpCSycIh0p4UatiXWAXuBlfY/OK7bvTZYFh
kU/QQJ8eUGfm/+2o2DKtEevQksrg0kKVQo22wnVSGpMOcZWeWsriHmgJzWi7oqGV
JB5ik7ct+crLKBdJL5ot9N4PvzuONuA0ie7ahVXEOkZJ/e2L0rrA6I6FSFa6d0UL
mt5C2+9QAAbQ5FFsBro7PoTIQYleR5/3QW2tRIq0j46UkpnfxgYBWb60guwrOHe8
5uPv6sTTsfxBBOYg4l0eRY1NaSk0YcddZtCKh4Gd1MxcOV01q+rRefNq8gZARwSp
sna9dyBXaIkahQ==
-----END CERTIFICATE-----