Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          rMcIWH0PyGCC7WcTTFh2gpvxWgHxxIy9pNmZ5Z9NHIo=
Subject key identifier:   3E:EF:C5:47:21:0B:C9:2E:1C:87:36:C8:2E:2B:DB:F6:BF:74:E9:62
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       0197B6A0BDD59693363EF379A4AA44DE12B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:17 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: u2zWgKwebcaS38OwJmue515Ph8t/JJlIptb2ZDO0B6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:bd:d5:96:93:36:3e:f3:79:a4:aa:44:de:12:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Jun 28 13:01:17 2025 GMT
            Not After : Jun 29 13:01:17 2025 GMT
        Subject: CN=3eefc547210bc92e1c8736c82e2bdbf6bf74e962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6b:15:e6:a1:c9:f4:cc:42:07:a5:c5:43:82:
                    48:e2:77:30:d6:ec:7c:aa:6f:9a:05:a2:e0:d8:a8:
                    89:03:26:07:ee:0e:3a:b3:e0:00:f9:3c:1a:39:56:
                    f7:e4:6c:f6:fb:1a:92:ee:19:99:87:65:f4:4b:fd:
                    07:16:10:c3:f3:7c:45:34:56:70:6a:6f:ae:e3:d2:
                    b1:a1:12:97:70:5c:7d:e0:89:5b:f3:cb:2f:fe:39:
                    ed:65:d5:2d:2b:ff:60:a1:2d:d6:db:e9:6d:bd:d9:
                    1c:48:d9:ab:12:1f:23:65:0e:84:16:5d:1b:e0:85:
                    a9:20:01:61:5f:bb:48:ca:84:a4:c0:d0:0f:84:16:
                    2a:17:cc:41:fa:57:e7:61:90:8e:9d:48:51:36:bd:
                    fe:bc:3a:65:38:09:ea:38:74:65:48:16:bf:fe:e8:
                    25:78:84:19:7c:68:e4:8c:a9:32:d9:f9:ab:5a:0d:
                    58:9e:56:ff:01:7c:9d:ff:7c:7d:0f:4a:6e:92:3f:
                    76:45:e0:96:d6:bc:90:24:f2:04:87:b5:57:15:39:
                    0f:b5:00:cd:ab:ac:92:ea:a6:17:0b:9b:ac:95:db:
                    b2:08:c6:9a:41:48:d5:93:9f:04:a3:a5:7a:cd:60:
                    85:b6:3a:95:d7:33:c0:51:5b:b8:44:f2:fa:1b:e2:
                    a4:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:EF:C5:47:21:0B:C9:2E:1C:87:36:C8:2E:2B:DB:F6:BF:74:E9:62
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:6c:87:96:04:fc:3e:51:50:65:c4:7b:f0:ff:32:dd:f7:17:
         f6:f1:9e:15:b9:2b:b5:03:d9:9a:e1:49:d4:a6:22:c6:4e:09:
         54:36:9a:86:6f:ec:3b:bb:56:3f:32:c5:2e:3a:4b:3b:a6:0f:
         57:89:12:c5:5a:35:b7:2f:21:2d:f2:71:e5:14:3e:3d:6d:20:
         a8:da:2b:ce:fa:93:57:b6:3d:5e:9d:06:29:dd:20:b1:41:07:
         c0:80:ab:b5:35:d5:e1:a5:21:65:ef:fa:a7:16:12:98:e0:3e:
         5b:b4:b1:5b:0e:d0:06:63:14:e6:98:b7:08:92:a1:1b:99:b5:
         44:c5:7f:2c:e6:53:2d:c7:89:a0:a0:6e:37:18:44:e6:d9:26:
         4a:b9:ad:3d:fa:5d:b0:6d:c9:78:68:ef:41:c8:fe:f0:e7:18:
         b5:62:ab:78:25:00:3f:26:5e:e0:8f:16:6a:2a:49:11:8f:7b:
         f2:5b:03:f6:33:67:6d:d9:de:b1:5a:d3:89:dc:6d:e2:a6:e1:
         33:e9:f2:25:32:d0:15:dd:48:1f:de:f2:53:12:70:b8:92:fc:
         33:9a:66:19:0c:39:84:bc:be:d5:96:71:c5:b6:2d:17:f0:2f:
         83:19:c3:df:fd:44:e0:b4:ad:96:dc:b7:2f:b2:e7:03:9b:b7:
         bb:52:a3:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oL3VlpM2PvN5pKpE3hKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjUwNjI4MTMwMTE3WhcNMjUwNjI5MTMwMTE3WjAzMTEwLwYDVQQD
EygzZWVmYzU0NzIxMGJjOTJlMWM4NzM2YzgyZTJiZGJmNmJmNzRlOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWsV5qHJ9MxCB6XFQ4JI4ncw1ux8
qm+aBaLg2KiJAyYH7g46s+AA+TwaOVb35Gz2+xqS7hmZh2X0S/0HFhDD83xFNFZw
am+u49KxoRKXcFx94Ilb88sv/jntZdUtK/9goS3W2+ltvdkcSNmrEh8jZQ6EFl0b
4IWpIAFhX7tIyoSkwNAPhBYqF8xB+lfnYZCOnUhRNr3+vDplOAnqOHRlSBa//ugl
eIQZfGjkjKky2fmrWg1Ynlb/AXyd/3x9D0pukj92ReCW1ryQJPIEh7VXFTkPtQDN
q6yS6qYXC5uslduyCMaaQUjVk58Eo6V6zWCFtjqV1zPAUVu4RPL6G+KkDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7vxUchC8kuHIc2yC4r2/a/dOliMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2yHlgT8
PlFQZcR78P8y3fcX9vGeFbkrtQPZmuFJ1KYixk4JVDaahm/sO7tWPzLFLjpLO6YP
V4kSxVo1ty8hLfJx5RQ+PW0gqNorzvqTV7Y9Xp0GKd0gsUEHwICrtTXV4aUhZe/6
pxYSmOA+W7SxWw7QBmMU5pi3CJKhG5m1RMV/LOZTLceJoKBuNxhE5tkmSrmtPfpd
sG3JeGjvQcj+8OcYtWKreCUAPyZe4I8WaipJEY978lsD9jNnbdnesVrTidxt4qbh
M+nyJTLQFd1IH97yUxJwuJL8M5pmGQw5hLy+1ZZxxbYtF/AvgxnD3/1E4LStlty3
L7LnA5u3u1KjkA==
-----END CERTIFICATE-----