Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          usRl6O48zw98UmNFzpBKCrURDeTDPXZdl5pTh2/ov3w=
Subject key identifier:   EF:9F:BB:96:48:B6:11:32:EA:14:BD:A4:4C:C1:89:FE:C2:BC:F5:34
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       0196BDEEB103CE57474EC1A209BC11CEA4C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0C3F
Signing time:             Sun 11 May 2025 06:00:58 +0000
Manifest this update:     Sun 11 May 2025 06:00:58 +0000
Manifest next update:     Mon 12 May 2025 06:00:58 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: EAySVotLjp12juAcJZy9WGmfxemkCwv1faSzSsWaIIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:b1:03:ce:57:47:4e:c1:a2:09:bc:11:ce:a4:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: May 11 06:00:58 2025 GMT
            Not After : May 12 06:00:58 2025 GMT
        Subject: CN=ef9fbb9648b61132ea14bda44cc189fec2bcf534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9c:13:69:8f:a5:e0:88:61:a9:ba:d3:94:e5:
                    68:5b:e8:85:6d:39:e8:6a:9b:4c:4f:f7:bb:3d:42:
                    73:2c:77:6d:c6:b2:7e:24:c9:16:b4:a9:3f:e7:51:
                    1f:6c:da:74:e8:72:36:50:54:0d:d6:10:47:73:a5:
                    03:60:02:90:cc:34:d5:46:0e:ff:83:f3:3d:65:0a:
                    a6:a8:e2:2a:9a:63:c2:cd:f6:4f:56:f9:8a:15:ab:
                    f0:c0:b0:46:bb:da:84:d6:8d:2b:cb:18:17:3c:92:
                    cc:f4:7e:2c:fa:a6:6d:f3:5e:ec:5f:d1:68:b3:f5:
                    0d:7b:e2:91:28:23:48:41:2d:2c:22:f2:11:7a:d9:
                    cf:5d:e4:e3:93:65:c5:6d:b3:d7:83:74:b9:2b:38:
                    87:51:33:2d:c4:e7:9e:1a:ff:45:f0:53:08:93:3b:
                    37:8f:08:e1:cb:5c:07:c5:fb:91:67:c9:a1:ed:9a:
                    d6:0d:53:c3:26:d5:7e:49:4c:b9:10:47:15:7e:7b:
                    f2:ee:50:26:39:d7:36:18:79:9d:a9:ee:bc:01:7b:
                    2f:4b:34:20:bc:ce:72:31:90:e8:f2:cf:f7:fe:22:
                    c2:1e:5a:48:ff:48:69:da:48:92:b8:ac:8d:85:a8:
                    f9:f7:42:4b:f2:ea:63:2b:b9:eb:e2:72:60:cc:18:
                    b8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:9F:BB:96:48:B6:11:32:EA:14:BD:A4:4C:C1:89:FE:C2:BC:F5:34
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:20:6f:1a:0c:40:ad:4a:54:d3:5e:50:b7:7f:aa:e6:aa:17:
         0c:93:41:61:b8:fe:4d:50:1b:8d:78:d7:1a:4f:70:5d:bc:db:
         70:37:3a:57:4d:62:9d:1d:1b:0b:7e:cc:1f:cb:73:f3:15:11:
         76:3f:cd:37:a1:23:4b:05:c6:18:2e:f8:28:3c:02:c9:57:d6:
         3f:89:6a:35:6a:d8:4f:5b:a4:c7:8c:af:11:3e:6f:f4:ff:18:
         4d:2e:de:cd:de:69:7d:69:52:35:dd:2b:bd:9e:f8:bf:71:91:
         a1:cd:51:c7:3a:af:2b:2e:33:f8:8d:4f:2c:38:2e:50:ce:60:
         8c:f9:2c:0d:c9:55:a2:2f:fb:32:40:62:44:85:5e:9e:52:d6:
         13:60:16:df:cf:40:d5:72:ef:ff:82:b0:f8:c7:d2:0a:9b:4f:
         8d:4c:e0:40:29:d9:e6:d9:f4:9d:1d:ae:80:27:d0:1f:20:aa:
         24:88:b7:71:aa:7a:06:95:05:30:b1:62:fc:74:1f:44:9f:94:
         a3:db:f7:17:03:e2:96:1e:a8:05:4d:f1:2f:3e:f0:86:89:d2:
         4c:9e:5e:b5:de:c2:7c:b1:28:b2:68:8f:07:40:b7:cd:ce:48:
         9b:ec:19:ae:bd:fd:60:b3:8e:9a:05:a4:c5:b9:29:03:db:03:
         a0:af:30:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97rEDzldHTsGiCbwRzqTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUwNTExMDYwMDU4WhcNMjUwNTEyMDYwMDU4WjAzMTEwLwYDVQQD
EyhlZjlmYmI5NjQ4YjYxMTMyZWExNGJkYTQ0Y2MxODlmZWMyYmNmNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJwTaY+l4IhhqbrTlOVoW+iFbTno
aptMT/e7PUJzLHdtxrJ+JMkWtKk/51EfbNp06HI2UFQN1hBHc6UDYAKQzDTVRg7/
g/M9ZQqmqOIqmmPCzfZPVvmKFavwwLBGu9qE1o0ryxgXPJLM9H4s+qZt817sX9Fo
s/UNe+KRKCNIQS0sIvIRetnPXeTjk2XFbbPXg3S5KziHUTMtxOeeGv9F8FMIkzs3
jwjhy1wHxfuRZ8mh7ZrWDVPDJtV+SUy5EEcVfnvy7lAmOdc2GHmdqe68AXsvSzQg
vM5yMZDo8s/3/iLCHlpI/0hp2kiSuKyNhaj590JL8upjK7nr4nJgzBi4VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+fu5ZIthEy6hS9pEzBif7CvPU0MB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUSBvGgxA
rUpU015Qt3+q5qoXDJNBYbj+TVAbjXjXGk9wXbzbcDc6V01inR0bC37MH8tz8xUR
dj/NN6EjSwXGGC74KDwCyVfWP4lqNWrYT1ukx4yvET5v9P8YTS7ezd5pfWlSNd0r
vZ74v3GRoc1RxzqvKy4z+I1PLDguUM5gjPksDclVoi/7MkBiRIVenlLWE2AW389A
1XLv/4Kw+MfSCptPjUzgQCnZ5tn0nR2ugCfQHyCqJIi3cap6BpUFMLFi/HQfRJ+U
o9v3FwPilh6oBU3xLz7whonSTJ5etd7CfLEosmiPB0C3zc5Im+wZrr39YLOOmgWk
xbkpA9sDoK8wUw==
-----END CERTIFICATE-----