Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft
File:                     C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft (raw, json)
Hash identifier:          lOUCW6hYuQ2QYe2DECRspXXF65soYUzhE0q1yOrlOQM=
Subject key identifier:   11:14:B5:09:95:0C:30:C4:B2:09:F7:88:79:C1:38:EB:DB:A1:80:3B
Authority key identifier: 0B:FA:73:48:D6:C1:D7:18:63:28:32:87:20:73:0F:68:4F:A2:0E:DC
Certificate issuer:       /CN=0bfa7348d6c1d7186328328720730f684fa20edc
Certificate serial:       0197B70F0E94E659743146004B5D1F2F17C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 15:01:46 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:46 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:46 +0000
Files and hashes:         1: C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl (hash: itJKp5fxoXb51C0ESOG6hR+wVYFjZazr7jbHKpSZQds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:0e:94:e6:59:74:31:46:00:4b:5d:1f:2f:17:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bfa7348d6c1d7186328328720730f684fa20edc
        Validity
            Not Before: Jun 28 15:01:46 2025 GMT
            Not After : Jun 29 15:01:46 2025 GMT
        Subject: CN=1114b509950c30c4b209f78879c138ebdba1803b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:12:6e:7c:a8:48:55:17:c9:a4:77:81:24:56:
                    6f:60:c0:e9:df:41:ea:4c:42:e3:d8:98:9c:43:38:
                    ef:55:8d:a5:b4:85:03:23:d7:ab:33:0e:8b:71:02:
                    89:74:32:83:53:15:cc:ce:7e:83:85:0c:6c:90:65:
                    31:d2:84:c7:a2:79:f6:ad:80:ba:cf:bb:46:dc:55:
                    cc:6a:0b:5d:44:cc:c4:ad:99:ce:c4:95:52:0b:1d:
                    f2:c9:3a:68:d6:39:4c:d7:73:8a:82:a3:d7:0a:28:
                    2b:1b:c6:63:b4:ab:ed:72:36:5a:32:25:c4:7d:b6:
                    9c:16:b6:a6:c9:cb:38:d7:83:ee:ff:ca:b5:bd:b8:
                    97:b2:90:e1:22:5a:dc:f1:5b:e1:79:35:eb:7c:69:
                    4f:61:79:23:25:f0:52:c0:a7:d5:d8:76:69:84:7a:
                    f2:6e:aa:90:d0:ed:0f:8a:26:46:64:71:f9:1f:47:
                    a3:24:25:d2:7f:be:f5:4a:9b:37:b6:79:f2:6c:3d:
                    d4:2e:f5:b1:f7:2b:b7:54:86:5e:bd:b9:bb:fd:f5:
                    46:44:58:e6:16:e5:bc:f5:b7:d5:6e:f2:0b:3c:ed:
                    01:eb:3c:48:2b:d9:d5:70:9d:07:bb:fa:58:9c:cc:
                    b0:62:f1:34:97:be:e5:26:3b:32:73:a6:88:d3:9d:
                    b3:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:14:B5:09:95:0C:30:C4:B2:09:F7:88:79:C1:38:EB:DB:A1:80:3B
            X509v3 Authority Key Identifier:
                keyid:0B:FA:73:48:D6:C1:D7:18:63:28:32:87:20:73:0F:68:4F:A2:0E:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:2a:3c:7a:93:ae:70:0e:66:1b:5a:72:f0:74:ec:27:10:ca:
         2e:f9:04:ea:64:c8:db:a0:b3:27:c7:8b:d8:14:9b:d9:89:b4:
         1b:e1:a3:67:ec:e1:c7:ca:1f:b2:2f:74:df:b0:f0:84:ab:9b:
         a3:32:7c:7e:6d:31:e7:c2:f7:22:c5:0a:e5:02:24:70:f7:a3:
         28:b6:74:32:57:4b:a4:cb:07:03:25:90:b2:16:85:c6:78:72:
         ee:86:bf:10:17:25:4a:3e:ee:2d:f9:9b:4f:32:3e:21:ed:b2:
         df:e2:31:8d:da:13:40:03:48:52:12:3b:79:2f:51:5b:c9:44:
         e8:21:5d:d7:09:ee:ba:dd:a9:e2:4c:99:0b:76:2e:f3:09:32:
         50:0f:d3:7b:95:bb:d8:99:9b:c9:ad:a0:16:b3:b6:3f:6b:3c:
         af:fc:77:13:c6:71:32:9e:d4:b5:37:95:20:97:74:af:fb:e6:
         4c:6e:2c:e6:cd:ef:d6:6e:de:fb:52:09:7e:36:d5:c2:73:06:
         12:52:91:9e:f0:90:b1:17:14:01:9a:76:29:9a:03:0f:7b:94:
         4c:85:35:3e:c8:53:8f:c4:46:1a:2f:c5:03:80:64:27:1d:96:
         e0:b5:1c:f8:46:27:14:74:0e:35:98:06:e8:2e:0f:6c:fe:0e:
         e0:fb:68:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dw6U5ll0MUYAS10fLxfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmE3MzQ4ZDZjMWQ3MTg2MzI4MzI4NzIwNzMwZjY4NGZh
MjBlZGMwHhcNMjUwNjI4MTUwMTQ2WhcNMjUwNjI5MTUwMTQ2WjAzMTEwLwYDVQQD
EygxMTE0YjUwOTk1MGMzMGM0YjIwOWY3ODg3OWMxMzhlYmRiYTE4MDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBJufKhIVRfJpHeBJFZvYMDp30Hq
TELj2JicQzjvVY2ltIUDI9erMw6LcQKJdDKDUxXMzn6DhQxskGUx0oTHonn2rYC6
z7tG3FXMagtdRMzErZnOxJVSCx3yyTpo1jlM13OKgqPXCigrG8ZjtKvtcjZaMiXE
fbacFramycs414Pu/8q1vbiXspDhIlrc8VvheTXrfGlPYXkjJfBSwKfV2HZphHry
bqqQ0O0PiiZGZHH5H0ejJCXSf771Sps3tnnybD3ULvWx9yu3VIZevbm7/fVGRFjm
FuW89bfVbvILPO0B6zxIK9nVcJ0Hu/pYnMywYvE0l77lJjsyc6aI052z/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEUtQmVDDDEsgn3iHnBOOvboYA7MB8GA1UdIwQY
MBaAFAv6c0jWwdcYYygyhyBzD2hPog7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xZTJhMGUtOTUxNC00ZDcwLTkwM2Qt
ODU3MDY2NDVlNzM0LzEvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xZTJhMGUtOTUxNC00ZDcwLTkwM2QtODU3MDY2NDVlNzM0
LzEvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhyo8epOu
cA5mG1py8HTsJxDKLvkE6mTI26CzJ8eL2BSb2Ym0G+GjZ+zhx8ofsi9037DwhKub
ozJ8fm0x58L3IsUK5QIkcPejKLZ0MldLpMsHAyWQshaFxnhy7oa/EBclSj7uLfmb
TzI+Ie2y3+IxjdoTQANIUhI7eS9RW8lE6CFd1wnuut2p4kyZC3Yu8wkyUA/Te5W7
2Jmbya2gFrO2P2s8r/x3E8ZxMp7UtTeVIJd0r/vmTG4s5s3v1m7e+1IJfjbVwnMG
ElKRnvCQsRcUAZp2KZoDD3uUTIU1PshTj8RGGi/FA4BkJx2W4LUc+EYnFHQONZgG
6C4PbP4O4PtoLw==
-----END CERTIFICATE-----