Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          jf1dcf+xwxqOAag5L6Te9K7j1KWg4utJh1+pdP0JlhI=
Subject key identifier:   25:1E:B5:01:CA:3F:92:53:46:92:32:0A:A9:81:AF:8A:08:CE:D2:1E
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       0197B70F265F623544421FA7BAE63AEF1885
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0EDE
Signing time:             Sat 28 Jun 2025 15:01:52 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:52 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:52 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: LQS5+L18laYrrosL75qWojRTl+B14Jgn38R2yD5XqCo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:26:5f:62:35:44:42:1f:a7:ba:e6:3a:ef:18:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Jun 28 15:01:52 2025 GMT
            Not After : Jun 29 15:01:52 2025 GMT
        Subject: CN=251eb501ca3f92534692320aa981af8a08ced21e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:f9:c6:71:79:d9:78:1d:0d:ac:25:96:20:ee:
                    75:f0:d1:f0:0c:c9:dc:1e:4c:1d:17:f4:22:f9:ab:
                    5f:a0:2e:d8:cc:0d:10:58:29:48:e4:e6:ab:fe:69:
                    20:68:e3:94:98:f3:43:aa:a5:17:c0:d8:13:4f:15:
                    d8:72:0b:83:de:93:bc:90:f0:04:41:b0:bf:80:23:
                    21:3b:59:54:aa:97:a1:f4:f1:a3:69:1f:22:b1:48:
                    ec:d5:3b:88:1a:60:ad:91:1f:b5:ca:a2:d8:1d:d7:
                    5e:a9:bc:45:bd:aa:aa:45:55:6b:5e:e8:fb:f7:22:
                    de:d0:e8:29:43:b4:86:c0:f4:d5:50:27:25:e3:fc:
                    d8:da:ca:1f:80:76:50:da:95:db:a1:17:58:96:39:
                    98:59:c0:d6:fa:0a:45:f9:4e:43:57:ca:f4:31:6c:
                    28:11:a4:f1:fa:1a:13:86:37:a4:0c:a5:c9:59:f9:
                    64:b7:11:77:c5:4e:2b:b4:de:91:3c:20:b3:42:41:
                    16:c1:b1:56:65:a2:7e:83:d6:2e:fa:89:ba:5e:03:
                    ae:dc:8e:e1:dd:39:05:15:f9:1e:5b:be:be:c7:ee:
                    ae:f9:9b:7f:9c:09:cf:bd:2d:b5:88:82:18:6b:58:
                    09:74:9a:08:69:b9:fc:af:58:95:a2:19:b8:30:b7:
                    e9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:1E:B5:01:CA:3F:92:53:46:92:32:0A:A9:81:AF:8A:08:CE:D2:1E
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:93:f3:de:35:91:06:8e:d6:2d:fe:29:ca:ca:c1:8c:cb:21:
         94:9e:02:1b:b8:70:7f:a8:8b:de:7a:f2:7d:eb:70:1d:68:07:
         f8:44:99:39:c3:ea:3e:57:9c:8c:b0:40:e7:fe:20:19:c1:7c:
         72:11:6b:70:a3:d5:3b:68:16:82:a7:c8:26:08:15:7f:88:df:
         1a:c9:86:8e:18:43:a0:8d:82:0d:16:b8:54:34:4d:76:ab:6d:
         09:d6:fd:76:4e:22:39:88:f8:f7:36:4d:fe:f0:70:5f:99:10:
         9b:31:2d:96:8c:de:ec:ab:f6:9a:8e:e0:ef:3e:bf:e1:3f:b9:
         38:ef:6a:5b:b5:36:0a:82:11:ee:90:69:5e:6c:43:62:99:c0:
         09:c0:7b:41:e2:36:e7:de:09:db:0d:6b:df:fd:f6:1b:dd:c6:
         0f:06:fd:6a:0b:75:87:a0:d4:d3:9e:03:84:89:14:dc:ba:74:
         f6:00:cf:6c:a7:8a:b9:d3:9f:26:63:f5:ea:7d:08:33:a9:8b:
         23:50:e1:1c:27:68:71:42:5a:1c:d6:51:e6:15:e7:9a:58:0d:
         78:e7:a9:e0:d5:e4:ee:49:60:7d:cb:24:40:55:76:6a:8e:fc:
         b4:7a:43:40:28:96:e9:a9:e7:29:95:87:51:52:72:6f:35:b3:
         12:2a:9f:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DyZfYjVEQh+nuuY67xiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwNjI4MTUwMTUyWhcNMjUwNjI5MTUwMTUyWjAzMTEwLwYDVQQD
EygyNTFlYjUwMWNhM2Y5MjUzNDY5MjMyMGFhOTgxYWY4YTA4Y2VkMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/nGcXnZeB0NrCWWIO518NHwDMnc
HkwdF/Qi+atfoC7YzA0QWClI5Oar/mkgaOOUmPNDqqUXwNgTTxXYcguD3pO8kPAE
QbC/gCMhO1lUqpeh9PGjaR8isUjs1TuIGmCtkR+1yqLYHddeqbxFvaqqRVVrXuj7
9yLe0OgpQ7SGwPTVUCcl4/zY2sofgHZQ2pXboRdYljmYWcDW+gpF+U5DV8r0MWwo
EaTx+hoThjekDKXJWflktxF3xU4rtN6RPCCzQkEWwbFWZaJ+g9Yu+om6XgOu3I7h
3TkFFfkeW76+x+6u+Zt/nAnPvS21iIIYa1gJdJoIabn8r1iVohm4MLfp9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUetQHKP5JTRpIyCqmBr4oIztIeMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZPz3jWR
Bo7WLf4pysrBjMshlJ4CG7hwf6iL3nryfetwHWgH+ESZOcPqPlecjLBA5/4gGcF8
chFrcKPVO2gWgqfIJggVf4jfGsmGjhhDoI2CDRa4VDRNdqttCdb9dk4iOYj49zZN
/vBwX5kQmzEtloze7Kv2mo7g7z6/4T+5OO9qW7U2CoIR7pBpXmxDYpnACcB7QeI2
594J2w1r3/32G93GDwb9agt1h6DU054DhIkU3Lp09gDPbKeKudOfJmP16n0IM6mL
I1DhHCdocUJaHNZR5hXnmlgNeOep4NXk7klgfcskQFV2ao78tHpDQCiW6annKZWH
UVJybzWzEiqfFg==
-----END CERTIFICATE-----