Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          CmYc5J+MZDLIlxpU8NigWrW1cRbNmfb17Qj+0dyYPIo=
Subject key identifier:   88:DC:2D:75:DB:66:6E:6A:47:A6:77:2F:63:2B:58:2F:91:DA:EF:18
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       0197BAEB57F3E0FA72B573178CC4E943DB27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          0869
Signing time:             Sun 29 Jun 2025 09:01:14 +0000
Manifest this update:     Sun 29 Jun 2025 09:01:14 +0000
Manifest next update:     Mon 30 Jun 2025 09:01:14 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: 3Dp8VYEivA9d6lkWqUHXAdlsHOgpYaCBJD4JtO8QLwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:eb:57:f3:e0:fa:72:b5:73:17:8c:c4:e9:43:db:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Jun 29 09:01:14 2025 GMT
            Not After : Jun 30 09:01:14 2025 GMT
        Subject: CN=88dc2d75db666e6a47a6772f632b582f91daef18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:10:29:16:55:6d:c9:d2:5a:97:bc:0f:bc:ae:
                    86:46:94:6a:d4:12:9c:bf:c6:f5:bb:ac:e6:f3:7f:
                    1f:73:05:c1:21:58:c4:c1:9d:cc:95:70:18:91:6c:
                    15:b5:3c:20:c0:e8:9f:75:62:0f:5f:d9:6d:46:32:
                    a4:7e:a4:9c:4a:f5:39:00:e5:2f:08:a0:53:fc:f2:
                    02:ef:3c:a9:bb:71:dc:c7:45:f7:6d:30:7d:2f:ed:
                    0b:35:e5:52:2f:de:45:85:81:ec:0a:da:7f:82:da:
                    be:a9:de:4f:8e:43:86:81:5f:36:b6:b9:ad:1a:5d:
                    96:68:6b:2b:60:2d:74:1c:e4:f6:62:09:97:76:8e:
                    bf:9e:b1:85:f5:40:0f:50:b6:1e:2a:4a:7b:45:c8:
                    c7:e2:de:9f:c7:f9:77:27:1b:af:63:05:21:b7:84:
                    8c:9c:c6:7e:d1:b5:3c:0e:19:f6:23:51:e0:ea:54:
                    a3:49:0d:0f:77:0f:06:61:1e:b4:31:96:be:86:90:
                    59:48:49:89:56:42:cf:41:15:23:ce:93:78:95:61:
                    22:be:74:bf:c2:2b:4e:b5:97:f7:c7:48:5b:f8:5e:
                    3e:0a:3f:10:72:11:1f:02:67:e0:a5:15:66:a3:14:
                    f6:f1:40:45:6b:ff:35:36:68:cc:35:cb:35:c4:31:
                    e6:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:DC:2D:75:DB:66:6E:6A:47:A6:77:2F:63:2B:58:2F:91:DA:EF:18
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ef:be:ab:c4:3a:45:d3:81:1e:ff:a1:f2:b5:d9:d4:8e:b8:
         de:6c:4c:9c:38:a2:3e:28:3e:1e:d9:64:3e:5c:f3:e5:0b:b2:
         1f:8c:2d:df:7c:f4:f7:3c:64:7d:5b:54:69:7d:4c:67:2c:5a:
         8b:bc:d5:93:e6:96:cc:27:ff:c4:7c:05:e9:de:8f:bc:2d:02:
         02:51:1f:6a:0e:c9:1b:59:02:27:b3:6a:83:1d:52:a9:90:41:
         2b:cf:68:dd:e5:dd:e2:28:c4:45:0a:81:a4:78:20:3b:97:a1:
         22:15:ab:eb:75:3c:b3:8c:27:e6:5f:b4:c3:08:3c:0c:93:08:
         2b:3e:7c:b5:e0:7d:19:a7:70:b8:ec:46:34:a5:0f:07:ac:85:
         98:d7:20:32:e9:cb:0a:c4:d7:ff:ca:98:5d:89:79:aa:86:1a:
         4b:75:b7:0d:89:fb:ee:a1:ca:81:fc:de:cd:b1:d5:1e:4a:97:
         fe:90:0b:11:dd:7d:d5:ca:6a:33:40:66:70:74:15:7b:10:b2:
         d4:4a:4f:c5:89:7e:f6:da:61:8f:f7:aa:b0:74:aa:ab:7a:08:
         1f:dd:9e:3a:1d:69:7b:a4:24:5d:cd:59:08:7b:ca:51:55:09:
         9a:d6:9f:11:03:f4:c9:3a:80:a3:92:8f:09:06:f9:84:d5:d2:
         f8:33:8c:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe661fz4PpytXMXjMTpQ9snMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjUwNjI5MDkwMTE0WhcNMjUwNjMwMDkwMTE0WjAzMTEwLwYDVQQD
Eyg4OGRjMmQ3NWRiNjY2ZTZhNDdhNjc3MmY2MzJiNTgyZjkxZGFlZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxApFlVtydJal7wPvK6GRpRq1BKc
v8b1u6zm838fcwXBIVjEwZ3MlXAYkWwVtTwgwOifdWIPX9ltRjKkfqScSvU5AOUv
CKBT/PIC7zypu3Hcx0X3bTB9L+0LNeVSL95FhYHsCtp/gtq+qd5PjkOGgV82trmt
Gl2WaGsrYC10HOT2YgmXdo6/nrGF9UAPULYeKkp7RcjH4t6fx/l3JxuvYwUht4SM
nMZ+0bU8Dhn2I1Hg6lSjSQ0Pdw8GYR60MZa+hpBZSEmJVkLPQRUjzpN4lWEivnS/
witOtZf3x0hb+F4+Cj8QchEfAmfgpRVmoxT28UBFa/81NmjMNcs1xDHmgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjcLXXbZm5qR6Z3L2MrWC+R2u8YMB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+++q8Q6
RdOBHv+h8rXZ1I643mxMnDiiPig+HtlkPlzz5QuyH4wt33z09zxkfVtUaX1MZyxa
i7zVk+aWzCf/xHwF6d6PvC0CAlEfag7JG1kCJ7Nqgx1SqZBBK89o3eXd4ijERQqB
pHggO5ehIhWr63U8s4wn5l+0wwg8DJMIKz58teB9GadwuOxGNKUPB6yFmNcgMunL
CsTX/8qYXYl5qoYaS3W3DYn77qHKgfzezbHVHkqX/pALEd191cpqM0BmcHQVexCy
1EpPxYl+9tphj/eqsHSqq3oIH92eOh1pe6QkXc1ZCHvKUVUJmtafEQP0yTqAo5KP
CQb5hNXS+DOMGQ==
-----END CERTIFICATE-----