Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft
File:                     TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft (raw, json)
Hash identifier:          DnuQeEaYEDSEF78JPEA4CyTr15W5RSOavjZ1Tpq1R/g=
Subject key identifier:   0E:C3:E9:F7:7E:2A:0A:84:4D:24:EC:56:E2:C0:30:09:6E:87:22:B3
Authority key identifier: 4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC
Certificate issuer:       /CN=4cd710b65373e0d910da70636fc143c06ba5ddac
Certificate serial:       0197B70E4F6B858B2EBDDEA86A122B1D4E1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft
Manifest number:          150B
Signing time:             Sat 28 Jun 2025 15:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 15:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 15:00:57 +0000
Files and hashes:         1: TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl (hash: UzlDIt+Pl8QTCF1/LiM+WaFU/s8ZwMiQXR327cCcyNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:4f:6b:85:8b:2e:bd:de:a8:6a:12:2b:1d:4e:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cd710b65373e0d910da70636fc143c06ba5ddac
        Validity
            Not Before: Jun 28 15:00:57 2025 GMT
            Not After : Jun 29 15:00:57 2025 GMT
        Subject: CN=0ec3e9f77e2a0a844d24ec56e2c030096e8722b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:5a:b2:18:bd:a9:80:cd:2e:91:13:4b:ea:f6:
                    ac:0d:de:22:7a:90:2d:f3:2c:19:9b:e4:59:ce:69:
                    87:f0:bf:87:f4:cd:d4:91:bb:35:b1:0e:86:7f:e3:
                    e4:e2:b8:29:ca:20:b7:f5:64:05:2c:e8:e8:ae:76:
                    1b:66:93:58:ba:14:f0:a9:44:63:4f:cd:a2:b5:d6:
                    1f:66:2b:32:82:85:41:f2:42:47:de:b9:c3:b6:35:
                    e5:51:1c:6c:b0:b1:9f:6e:54:0f:92:06:1e:ed:e7:
                    57:83:42:b0:6a:49:20:98:a5:90:f1:80:b3:ad:d2:
                    eb:9e:ff:7d:87:cb:1f:da:c1:ac:d0:0c:2c:2b:5a:
                    f1:e2:0a:bb:3c:04:93:31:3b:57:8c:91:7f:4f:7b:
                    b9:e0:57:2b:9c:e0:b5:29:bd:74:e7:76:3b:cd:2e:
                    66:52:15:fc:9c:3b:c2:5e:64:86:eb:1c:e8:cf:85:
                    82:b5:5f:0a:13:e4:bd:75:38:2a:b3:47:b6:63:13:
                    86:45:5b:26:6e:aa:64:7b:35:ec:a0:92:05:2c:19:
                    9d:39:70:05:c7:af:90:e4:d0:32:ea:aa:e7:93:ea:
                    7e:b8:5c:74:1a:03:fe:d8:a7:b8:bd:d6:2d:28:30:
                    52:87:b1:a5:d0:c6:80:bd:3a:46:c8:f6:ed:5d:65:
                    11:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C3:E9:F7:7E:2A:0A:84:4D:24:EC:56:E2:C0:30:09:6E:87:22:B3
            X509v3 Authority Key Identifier:
                keyid:4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:1d:e8:41:8a:b0:a3:24:fc:ed:b6:4a:d9:ac:9a:7b:2e:4b:
         ef:97:68:8a:78:9d:cf:d0:fb:50:38:16:96:b5:01:b0:dd:9e:
         e1:e5:66:33:10:78:eb:bb:ab:2c:86:ee:cb:d6:1b:6d:36:d5:
         f8:05:dd:60:c8:f7:13:9f:82:db:8f:80:79:f5:da:70:67:6f:
         c4:15:a0:68:43:d1:39:d3:ec:ce:69:b8:2b:bb:66:0d:ec:5d:
         8b:03:3b:89:a5:97:a1:00:55:4f:19:ce:96:cc:28:58:b1:78:
         86:45:2f:07:9b:92:53:c2:67:44:bf:95:fb:a9:fa:35:8b:f1:
         d1:80:5f:c6:19:58:18:22:82:ec:a8:e4:be:6d:70:0a:a0:f7:
         39:19:01:53:09:79:40:45:f9:ec:59:92:15:58:46:e7:73:2b:
         16:17:b7:fa:d9:d8:8b:c1:1d:6f:6f:5a:14:95:7f:2a:f5:d7:
         44:0c:55:12:96:5e:3e:09:a6:6b:59:40:b2:d3:16:97:1c:45:
         ed:77:8d:dc:9e:fd:a6:63:ef:23:bb:18:96:71:b3:dd:f0:cd:
         9d:dd:70:f8:42:49:2e:84:62:b9:46:0f:c7:0f:0b:cd:bd:a4:
         0a:94:0d:44:a1:65:88:bb:44:19:13:95:3a:b5:3b:3c:7a:89:
         27:83:43:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dk9rhYsuvd6oahIrHU4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDcxMGI2NTM3M2UwZDkxMGRhNzA2MzZmYzE0M2MwNmJh
NWRkYWMwHhcNMjUwNjI4MTUwMDU3WhcNMjUwNjI5MTUwMDU3WjAzMTEwLwYDVQQD
EygwZWMzZTlmNzdlMmEwYTg0NGQyNGVjNTZlMmMwMzAwOTZlODcyMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlqyGL2pgM0ukRNL6vasDd4iepAt
8ywZm+RZzmmH8L+H9M3Ukbs1sQ6Gf+Pk4rgpyiC39WQFLOjornYbZpNYuhTwqURj
T82itdYfZisygoVB8kJH3rnDtjXlURxssLGfblQPkgYe7edXg0KwakkgmKWQ8YCz
rdLrnv99h8sf2sGs0AwsK1rx4gq7PASTMTtXjJF/T3u54FcrnOC1Kb1053Y7zS5m
UhX8nDvCXmSG6xzoz4WCtV8KE+S9dTgqs0e2YxOGRVsmbqpkezXsoJIFLBmdOXAF
x6+Q5NAy6qrnk+p+uFx0GgP+2Ke4vdYtKDBSh7Gl0MaAvTpGyPbtXWURBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7D6fd+KgqETSTsVuLAMAluhyKzMB8GA1UdIwQY
MBaAFEzXELZTc+DZENpwY2/BQ8Brpd2sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDIt
ZjkyNTBkZDc5ZmU5LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDItZjkyNTBkZDc5ZmU5
LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABB3oQYqw
oyT87bZK2ayaey5L75doinidz9D7UDgWlrUBsN2e4eVmMxB467urLIbuy9YbbTbV
+AXdYMj3E5+C24+AefXacGdvxBWgaEPROdPszmm4K7tmDexdiwM7iaWXoQBVTxnO
lswoWLF4hkUvB5uSU8JnRL+V+6n6NYvx0YBfxhlYGCKC7Kjkvm1wCqD3ORkBUwl5
QEX57FmSFVhG53MrFhe3+tnYi8Edb29aFJV/KvXXRAxVEpZePgmma1lAstMWlxxF
7XeN3J79pmPvI7sYlnGz3fDNnd1w+EJJLoRiuUYPxw8Lzb2kCpQNRKFliLtEGROV
OrU7PHqJJ4NDBQ==
-----END CERTIFICATE-----