Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          HAVe+HtfjZUwAaXMnbltVvnwQWBA6rtspP0FxCeDMPs=
Subject key identifier:   1B:94:33:2F:1D:5C:3A:67:E5:A6:C2:8E:ED:B7:09:EA:68:DC:E4:52
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       0197B70F433BE8CC19FAECB069298D2CFFFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          04DF
Signing time:             Sat 28 Jun 2025 15:02:00 +0000
Manifest this update:     Sat 28 Jun 2025 15:02:00 +0000
Manifest next update:     Sun 29 Jun 2025 15:02:00 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: GiLpobrkIF1hV5ZVwf2R6Zmjf7WIMkg4m3ddjrzSRGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:43:3b:e8:cc:19:fa:ec:b0:69:29:8d:2c:ff:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Jun 28 15:02:00 2025 GMT
            Not After : Jun 29 15:02:00 2025 GMT
        Subject: CN=1b94332f1d5c3a67e5a6c28eedb709ea68dce452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b5:33:ba:5b:d7:e9:7f:e6:22:ef:d5:ee:2f:
                    e7:56:bd:c1:80:c9:5b:93:d5:1c:c2:df:a7:ba:b5:
                    67:08:3a:31:b7:52:41:8d:3f:bb:09:1d:98:2b:c1:
                    20:0a:3f:aa:99:54:a9:98:39:42:5e:d3:82:ca:32:
                    e5:15:c7:f6:5b:b2:54:e2:d3:0c:bf:5b:8a:e2:6f:
                    98:56:cb:d7:8c:24:04:00:1a:95:06:34:4c:1d:89:
                    6b:31:f2:59:68:2a:28:55:a0:04:aa:f3:16:c6:6f:
                    18:52:30:49:46:24:eb:c1:94:2c:c6:98:d0:c8:54:
                    4e:76:2e:81:ff:d3:27:f8:00:2e:4d:d8:83:76:7f:
                    97:00:0a:6e:3f:46:1d:49:09:fe:98:7b:72:01:1d:
                    ca:fa:2f:b4:32:a8:06:a6:64:c7:0e:01:fb:34:cf:
                    ef:65:7f:e6:eb:54:05:3e:8c:a0:fa:b8:b1:42:2a:
                    29:58:12:2a:5b:0d:02:06:0f:ed:35:d3:85:06:4c:
                    71:72:4c:21:b4:6c:a0:d3:47:e7:a5:b6:20:bb:30:
                    29:b7:8a:4b:bc:c0:fa:46:9f:ba:ac:2a:81:bd:be:
                    e1:3d:61:cb:4c:6e:d0:33:3b:4b:fc:91:7c:fa:53:
                    e8:a3:1b:9c:c7:68:64:11:9a:12:53:18:b8:94:98:
                    69:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:94:33:2F:1D:5C:3A:67:E5:A6:C2:8E:ED:B7:09:EA:68:DC:E4:52
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:a5:37:97:c3:ab:ca:3e:5a:5c:24:74:84:72:41:46:42:25:
         da:83:e1:37:fd:15:c5:5e:96:11:1b:17:8f:39:84:da:a1:cc:
         10:38:91:fc:7e:f9:98:6e:7a:43:07:a7:75:4c:68:bf:6e:36:
         fc:4e:89:3d:13:f0:38:d7:30:ec:de:ed:45:07:ad:aa:93:24:
         29:d8:14:2d:81:4a:c2:41:19:85:26:46:d7:c7:64:e4:94:18:
         85:72:81:19:4e:16:1a:53:3d:32:a9:0f:12:81:00:95:c1:2e:
         fa:c4:31:29:07:e0:ad:37:75:aa:13:ad:c2:ec:b7:80:d7:ec:
         22:af:6f:a2:5b:3e:d6:b9:ca:0a:cf:e7:b6:7e:5b:82:b4:61:
         a3:8c:99:03:a4:4f:4a:44:c4:7e:4c:26:d1:40:af:65:a0:56:
         08:29:aa:9f:c2:d5:7f:19:ec:65:26:1e:fe:a3:21:00:ac:0a:
         ce:8b:69:36:67:64:3e:c4:da:ae:a8:83:c0:62:92:17:6e:b9:
         f8:b8:23:41:f5:d1:e3:4c:cb:4a:d1:5d:63:9f:75:21:a7:14:
         dc:4a:5d:b3:8f:57:a9:cc:6b:60:8b:41:ed:39:da:59:23:1f:
         e1:93:27:dc:2c:14:87:76:19:06:51:5d:23:15:7f:b9:88:98:
         79:fd:b1:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D0M76MwZ+uywaSmNLP//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwNjI4MTUwMjAwWhcNMjUwNjI5MTUwMjAwWjAzMTEwLwYDVQQD
EygxYjk0MzMyZjFkNWMzYTY3ZTVhNmMyOGVlZGI3MDllYTY4ZGNlNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7UzulvX6X/mIu/V7i/nVr3BgMlb
k9Ucwt+nurVnCDoxt1JBjT+7CR2YK8EgCj+qmVSpmDlCXtOCyjLlFcf2W7JU4tMM
v1uK4m+YVsvXjCQEABqVBjRMHYlrMfJZaCooVaAEqvMWxm8YUjBJRiTrwZQsxpjQ
yFROdi6B/9Mn+AAuTdiDdn+XAApuP0YdSQn+mHtyAR3K+i+0MqgGpmTHDgH7NM/v
ZX/m61QFPoyg+rixQiopWBIqWw0CBg/tNdOFBkxxckwhtGyg00fnpbYguzApt4pL
vMD6Rp+6rCqBvb7hPWHLTG7QMztL/JF8+lPooxucx2hkEZoSUxi4lJhpHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuUMy8dXDpn5abCju23Cepo3ORSMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnaU3l8Or
yj5aXCR0hHJBRkIl2oPhN/0VxV6WERsXjzmE2qHMEDiR/H75mG56QwendUxov242
/E6JPRPwONcw7N7tRQetqpMkKdgULYFKwkEZhSZG18dk5JQYhXKBGU4WGlM9MqkP
EoEAlcEu+sQxKQfgrTd1qhOtwuy3gNfsIq9vols+1rnKCs/ntn5bgrRho4yZA6RP
SkTEfkwm0UCvZaBWCCmqn8LVfxnsZSYe/qMhAKwKzotpNmdkPsTarqiDwGKSF265
+LgjQfXR40zLStFdY591IacU3Epds49XqcxrYItB7TnaWSMf4ZMn3CwUh3YZBlFd
IxV/uYiYef2xsw==
-----END CERTIFICATE-----