Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          NI2hefBF1p2aQRvOlTbFX0DoRwUvzWHa46YnC7ByCyU=
Subject key identifier:   47:17:9F:6E:00:C4:7A:29:55:BD:0D:21:E8:56:D3:85:0D:8A:06:C9
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       0197B77C3B16494459CC18602039C8AC3A53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 17:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:01 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: wA0+UxREaNBT5rqP3oyYWUvNtSoNSptc0dVEFUaghl4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:3b:16:49:44:59:cc:18:60:20:39:c8:ac:3a:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Jun 28 17:01:01 2025 GMT
            Not After : Jun 29 17:01:01 2025 GMT
        Subject: CN=47179f6e00c47a2955bd0d21e856d3850d8a06c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b3:66:d1:15:9d:13:20:92:17:7f:2a:c7:64:
                    42:ac:07:39:b8:c7:ff:a1:03:53:f6:18:81:33:b3:
                    e7:92:5c:05:c0:15:32:22:b4:61:4d:38:c8:27:d5:
                    29:93:aa:24:29:fb:b0:e1:aa:ff:a5:3e:08:8b:bf:
                    a0:81:5c:fc:05:ea:04:92:13:26:e8:d5:61:ee:3f:
                    a5:de:c3:ae:5b:9c:20:34:62:df:21:e4:4c:84:77:
                    99:c4:55:79:8a:9a:63:b5:a3:8b:e3:99:9d:9e:ac:
                    86:cb:af:dc:cf:e7:51:4b:10:59:a4:ba:51:e7:4d:
                    e0:49:22:37:4a:b2:6d:a0:4e:de:29:24:14:41:b6:
                    84:e5:1d:c5:07:f4:cd:64:29:6c:4f:b2:51:50:1b:
                    72:82:98:08:f2:18:16:31:b8:99:c8:0e:f3:1c:5e:
                    70:7d:dd:0d:f5:af:6b:55:c0:9b:bb:0a:8f:68:1c:
                    a6:25:55:0e:89:f6:38:c0:6b:a7:a5:27:9f:d1:fe:
                    15:56:fc:21:dd:39:2a:e3:86:df:3b:ce:3b:65:a1:
                    ae:8d:43:e0:43:fe:e8:c4:e8:19:7d:1b:d8:7d:85:
                    01:76:13:a5:ec:93:19:b8:12:6c:cd:cd:61:d4:f9:
                    f5:03:52:e6:1c:28:0d:f3:c0:03:a2:15:ef:29:00:
                    00:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:17:9F:6E:00:C4:7A:29:55:BD:0D:21:E8:56:D3:85:0D:8A:06:C9
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:51:cc:d9:07:d2:92:dd:95:6d:77:2e:8c:52:3d:1b:2f:f9:
         ed:97:61:69:7f:79:82:f4:e6:72:82:7a:bb:15:f2:66:bd:fe:
         17:9f:71:64:2a:20:b6:c1:73:47:82:0b:cb:af:05:40:37:40:
         f3:1a:ef:08:7a:61:c2:fa:b7:4f:0c:98:a6:79:6d:07:c8:f8:
         94:84:60:2d:a1:85:ad:94:f2:6d:4b:cf:f4:9b:61:94:e6:b0:
         71:48:ae:11:3b:58:9b:bd:6e:a7:72:d5:7d:ec:27:7d:ce:ab:
         cd:b1:a0:9c:ae:c2:07:37:22:3e:35:c7:3b:5f:fd:11:8d:af:
         64:1b:c2:e1:6d:21:13:eb:5c:a7:45:4b:23:d6:78:a9:1b:27:
         2f:4b:6c:c2:8f:15:d2:2a:11:74:75:45:3c:76:67:88:e0:26:
         51:38:ce:98:dd:a5:2c:6b:51:b5:49:09:d9:6a:7d:46:fe:95:
         58:e4:80:c5:79:b5:db:81:0c:43:6f:f5:f9:37:7f:98:f9:4f:
         c8:f0:93:47:bc:34:b3:2a:66:e9:16:50:c6:08:7b:e7:e1:f8:
         6e:db:d7:ac:a2:58:e3:21:25:97:56:11:94:2d:28:dc:81:af:
         b6:70:6f:69:25:dc:fa:64:23:9a:9f:e6:54:b5:66:cf:72:e9:
         34:52:a3:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fDsWSURZzBhgIDnIrDpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUwNjI4MTcwMTAxWhcNMjUwNjI5MTcwMTAxWjAzMTEwLwYDVQQD
Eyg0NzE3OWY2ZTAwYzQ3YTI5NTViZDBkMjFlODU2ZDM4NTBkOGEwNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LNm0RWdEyCSF38qx2RCrAc5uMf/
oQNT9hiBM7PnklwFwBUyIrRhTTjIJ9Upk6okKfuw4ar/pT4Ii7+ggVz8BeoEkhMm
6NVh7j+l3sOuW5wgNGLfIeRMhHeZxFV5ippjtaOL45mdnqyGy6/cz+dRSxBZpLpR
503gSSI3SrJtoE7eKSQUQbaE5R3FB/TNZClsT7JRUBtygpgI8hgWMbiZyA7zHF5w
fd0N9a9rVcCbuwqPaBymJVUOifY4wGunpSef0f4VVvwh3Tkq44bfO847ZaGujUPg
Q/7oxOgZfRvYfYUBdhOl7JMZuBJszc1h1Pn1A1LmHCgN88ADohXvKQAATwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcXn24AxHopVb0NIehW04UNigbJMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVHM2QfS
kt2VbXcujFI9Gy/57ZdhaX95gvTmcoJ6uxXyZr3+F59xZCogtsFzR4ILy68FQDdA
8xrvCHphwvq3TwyYpnltB8j4lIRgLaGFrZTybUvP9JthlOawcUiuETtYm71up3LV
fewnfc6rzbGgnK7CBzciPjXHO1/9EY2vZBvC4W0hE+tcp0VLI9Z4qRsnL0tswo8V
0ioRdHVFPHZniOAmUTjOmN2lLGtRtUkJ2Wp9Rv6VWOSAxXm124EMQ2/1+Td/mPlP
yPCTR7w0sypm6RZQxgh75+H4btvXrKJY4yEll1YRlC0o3IGvtnBvaSXc+mQjmp/m
VLVmz3LpNFKjfA==
-----END CERTIFICATE-----