Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          Rv6NMYD9oBHdSK7ffqaqorMfZn9XTL/O0XGhLXXOMdE=
Subject key identifier:   EF:E6:09:61:63:8B:86:08:54:1E:D9:90:27:3E:99:2E:08:35:DE:A4
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       0197B6A16BD884054938FBDABCCB82327976
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          1144
Signing time:             Sat 28 Jun 2025 13:02:01 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:01 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:01 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: OF/4hiw1EJKajHd+atNK3OuDbnj5Fu5/SCc8eMaT118=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:6b:d8:84:05:49:38:fb:da:bc:cb:82:32:79:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Jun 28 13:02:01 2025 GMT
            Not After : Jun 29 13:02:01 2025 GMT
        Subject: CN=efe60961638b8608541ed990273e992e0835dea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:96:40:ab:81:27:ea:7e:d9:a8:1e:43:d6:89:
                    b4:dc:4a:a4:6b:8a:aa:43:32:d5:73:59:6f:63:80:
                    f1:45:52:8c:e8:9c:e3:a3:75:d6:12:3d:75:9b:cc:
                    1d:e4:a3:e8:ea:0d:f0:d9:13:08:5a:03:1c:5b:76:
                    aa:9d:17:f0:52:95:55:fa:41:e8:1e:bc:5d:50:c9:
                    d9:78:c8:5e:2d:b6:1c:1e:ca:77:3a:22:e6:1d:33:
                    93:88:01:64:58:6a:fb:0f:4d:4b:1b:b7:f0:98:55:
                    91:d1:61:dd:1e:c3:d7:f9:8d:b6:76:b1:31:2d:6b:
                    f6:a0:a0:56:d5:92:95:49:f5:dc:df:53:ee:e0:83:
                    72:58:c7:9d:05:c0:d2:8f:6d:6c:e8:03:94:c0:6d:
                    0b:96:22:60:f9:ae:ec:e6:1c:e9:e9:49:f1:36:26:
                    75:04:11:8e:f3:2a:17:97:da:91:3a:8b:9a:3b:32:
                    31:2f:83:d0:68:93:00:fe:a9:45:bc:9b:13:dc:8d:
                    eb:52:6e:4d:ad:7c:81:77:31:95:95:1e:a4:c1:0b:
                    a9:2a:ad:e3:ca:b2:da:fc:d7:51:0a:0f:13:a6:ec:
                    9b:50:1a:65:cc:37:f2:4e:a3:f3:28:1e:7b:4f:81:
                    e8:88:f5:7d:14:10:f0:03:68:ad:78:bd:76:1b:dd:
                    6f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:E6:09:61:63:8B:86:08:54:1E:D9:90:27:3E:99:2E:08:35:DE:A4
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:e2:f3:d0:70:14:51:99:25:ff:f2:f2:24:c7:2d:6e:b3:33:
         8f:03:18:bf:75:e7:38:e9:17:db:61:c9:ff:f1:d8:c8:76:09:
         00:e9:14:a9:b6:8e:08:17:3d:7b:f5:b4:67:54:ec:1b:7d:f2:
         20:3a:5d:c7:5d:ee:83:c4:2f:33:e7:3f:c1:66:56:42:59:1f:
         45:bf:ba:b9:05:55:6a:c9:0b:95:bd:99:c2:d7:3f:6a:3e:0a:
         6e:00:c3:ba:48:8f:33:c0:66:10:7e:c6:31:2f:bb:6c:f9:bc:
         d5:66:97:7e:64:74:6d:eb:d5:ea:2e:31:92:31:04:cb:99:ad:
         d3:7b:60:d4:dd:29:bc:c9:ca:58:8e:63:51:e0:fe:6b:7e:cd:
         c8:13:69:74:37:20:3c:d0:89:55:e9:18:2b:36:f9:4c:13:1a:
         5c:13:ce:f9:1c:ac:10:08:22:d2:5d:8a:03:b5:4e:ae:73:be:
         4d:61:ab:2f:84:80:df:e8:7d:33:31:a5:3b:4f:f0:c2:46:8e:
         e5:43:14:30:e3:d9:4e:fe:75:8b:b3:89:d0:49:95:74:1a:9b:
         b6:29:d8:ba:50:55:3b:ac:78:8b:28:6a:ee:9f:37:95:b1:e4:
         17:ad:5f:d5:2a:5e:40:8b:43:98:33:74:1f:c3:d6:11:ce:84:
         ad:c5:cb:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oWvYhAVJOPvavMuCMnl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwNjI4MTMwMjAxWhcNMjUwNjI5MTMwMjAxWjAzMTEwLwYDVQQD
EyhlZmU2MDk2MTYzOGI4NjA4NTQxZWQ5OTAyNzNlOTkyZTA4MzVkZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpZAq4En6n7ZqB5D1om03Eqka4qq
QzLVc1lvY4DxRVKM6Jzjo3XWEj11m8wd5KPo6g3w2RMIWgMcW3aqnRfwUpVV+kHo
HrxdUMnZeMheLbYcHsp3OiLmHTOTiAFkWGr7D01LG7fwmFWR0WHdHsPX+Y22drEx
LWv2oKBW1ZKVSfXc31Pu4INyWMedBcDSj21s6AOUwG0LliJg+a7s5hzp6UnxNiZ1
BBGO8yoXl9qROouaOzIxL4PQaJMA/qlFvJsT3I3rUm5NrXyBdzGVlR6kwQupKq3j
yrLa/NdRCg8TpuybUBplzDfyTqPzKB57T4HoiPV9FBDwA2iteL12G91vbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/mCWFji4YIVB7ZkCc+mS4INd6kMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+Lz0HAU
UZkl//LyJMctbrMzjwMYv3XnOOkX22HJ//HYyHYJAOkUqbaOCBc9e/W0Z1TsG33y
IDpdx13ug8QvM+c/wWZWQlkfRb+6uQVVaskLlb2Zwtc/aj4KbgDDukiPM8BmEH7G
MS+7bPm81WaXfmR0bevV6i4xkjEEy5mt03tg1N0pvMnKWI5jUeD+a37NyBNpdDcg
PNCJVekYKzb5TBMaXBPO+RysEAgi0l2KA7VOrnO+TWGrL4SA3+h9MzGlO0/wwkaO
5UMUMOPZTv51i7OJ0EmVdBqbtinYulBVO6x4iyhq7p83lbHkF61f1SpeQItDmDN0
H8PWEc6ErcXLcQ==
-----END CERTIFICATE-----