Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          tdtBWHmERUqw5kfC9ERSo9oXN2hiDTBZ+KGyUE41kQA=
Subject key identifier:   27:54:72:79:B4:0E:52:2F:B2:12:FA:0D:F3:A9:0B:38:E2:C4:B6:6A
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       0197C68216637AA10370736DB84EDDEAC4A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0CC8
Signing time:             Tue 01 Jul 2025 15:01:43 +0000
Manifest this update:     Tue 01 Jul 2025 15:01:43 +0000
Manifest next update:     Wed 02 Jul 2025 15:01:43 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: pRlb6eeio84V5v5doTZM+j82CnBBVsZgOP0FkTIDO5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 15:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:82:16:63:7a:a1:03:70:73:6d:b8:4e:dd:ea:c4:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Jul  1 15:01:43 2025 GMT
            Not After : Jul  2 15:01:43 2025 GMT
        Subject: CN=27547279b40e522fb212fa0df3a90b38e2c4b66a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a2:eb:a5:21:5a:03:10:48:7d:eb:27:c4:4e:
                    8b:86:82:88:95:af:32:07:2f:14:f2:3a:b9:df:e3:
                    f5:f2:95:dc:79:7c:40:9c:4a:79:00:fb:99:db:d7:
                    2b:5e:34:d8:e7:79:8a:6d:00:ab:d3:d6:47:32:02:
                    ee:87:cd:8c:c9:a5:fe:ed:33:07:c4:dd:fa:49:55:
                    7d:ce:0d:b0:dc:b6:3c:43:bd:c6:14:92:73:cc:55:
                    79:49:38:6f:eb:19:a9:33:3f:9f:ca:14:be:1f:ec:
                    8b:45:c4:34:7d:ed:3d:89:c1:ba:c8:bb:05:e4:0f:
                    6d:39:9c:c6:66:5b:b4:3e:39:fd:e3:2f:94:53:a1:
                    39:be:5b:dc:86:a1:fc:e7:7e:60:58:e6:5b:ba:47:
                    0f:fa:d7:06:39:85:bb:8d:1b:d2:ce:db:65:ae:69:
                    61:8b:8d:53:9c:bc:2e:06:5c:d7:f2:15:38:9c:d5:
                    35:cf:39:82:cf:2f:b4:07:87:c8:a1:5e:b2:f9:a0:
                    78:c5:61:ea:bf:ee:a7:2b:ec:40:1d:23:d9:32:18:
                    82:b8:b2:c8:4c:98:a2:84:20:74:81:a4:16:cb:eb:
                    64:5c:32:da:7f:4e:5b:b3:fc:26:94:53:3a:c0:f9:
                    f9:f4:7a:3d:74:d9:70:88:56:5e:d4:a7:24:ec:0a:
                    e0:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:54:72:79:B4:0E:52:2F:B2:12:FA:0D:F3:A9:0B:38:E2:C4:B6:6A
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:92:5c:0f:0f:ac:cc:29:3a:57:70:84:57:00:01:a6:f1:b0:
         c8:01:ae:85:de:08:5f:30:67:95:55:b4:1d:45:48:6d:a9:b8:
         29:8b:e0:22:07:dc:68:23:3b:07:7d:3a:42:50:3c:4e:d5:60:
         21:36:86:c2:13:dc:85:b1:a6:1f:be:67:27:f0:c5:b2:70:95:
         a3:11:0d:6d:33:19:6e:3c:26:ca:07:3e:2f:f8:18:b7:c9:d0:
         2f:d3:15:80:c0:3d:92:94:be:90:a8:f1:42:ae:f0:f1:1f:7e:
         e5:dd:88:81:b4:50:f2:ff:72:13:87:e3:a4:ae:ce:83:5e:17:
         d1:3f:d7:d1:9e:5f:b4:0c:60:2e:ca:59:63:45:f9:6f:29:a2:
         1b:9c:13:0a:4a:c9:4b:05:85:96:2a:6e:58:5f:81:51:9a:1d:
         84:ab:fb:af:08:41:ea:86:9e:36:41:52:ad:6d:14:21:21:ad:
         c5:4d:13:57:ad:fd:be:73:bb:03:d4:21:e1:a4:5c:25:7d:38:
         9d:6a:a0:e7:e2:80:12:42:c0:2b:14:a8:9f:fc:3b:2f:84:62:
         88:8e:a5:c6:25:ae:db:f4:65:66:9f:1f:be:26:9d:81:bc:29:
         99:06:51:de:8f:4f:70:0b:85:41:54:a2:59:5e:3b:9c:89:be:
         c3:de:23:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGghZjeqEDcHNtuE7d6sSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUwNzAxMTUwMTQzWhcNMjUwNzAyMTUwMTQzWjAzMTEwLwYDVQQD
EygyNzU0NzI3OWI0MGU1MjJmYjIxMmZhMGRmM2E5MGIzOGUyYzRiNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6LrpSFaAxBIfesnxE6LhoKIla8y
By8U8jq53+P18pXceXxAnEp5APuZ29crXjTY53mKbQCr09ZHMgLuh82MyaX+7TMH
xN36SVV9zg2w3LY8Q73GFJJzzFV5SThv6xmpMz+fyhS+H+yLRcQ0fe09icG6yLsF
5A9tOZzGZlu0Pjn94y+UU6E5vlvchqH8535gWOZbukcP+tcGOYW7jRvSzttlrmlh
i41TnLwuBlzX8hU4nNU1zzmCzy+0B4fIoV6y+aB4xWHqv+6nK+xAHSPZMhiCuLLI
TJiihCB0gaQWy+tkXDLaf05bs/wmlFM6wPn59Ho9dNlwiFZe1Kck7ArgowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdUcnm0DlIvshL6DfOpCzjixLZqMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJJcDw+s
zCk6V3CEVwABpvGwyAGuhd4IXzBnlVW0HUVIbam4KYvgIgfcaCM7B306QlA8TtVg
ITaGwhPchbGmH75nJ/DFsnCVoxENbTMZbjwmygc+L/gYt8nQL9MVgMA9kpS+kKjx
Qq7w8R9+5d2IgbRQ8v9yE4fjpK7Og14X0T/X0Z5ftAxgLspZY0X5bymiG5wTCkrJ
SwWFlipuWF+BUZodhKv7rwhB6oaeNkFSrW0UISGtxU0TV639vnO7A9Qh4aRcJX04
nWqg5+KAEkLAKxSon/w7L4RiiI6lxiWu2/RlZp8fviadgbwpmQZR3o9PcAuFQVSi
WV47nIm+w94j4A==
-----END CERTIFICATE-----