Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          FHS9LzXOCN6FC1HLDiL2H2hbLVPM8o7O6xxDvvSv7e8=
Subject key identifier:   24:9B:25:DF:1C:0D:8E:88:39:30:D0:CF:F5:A3:24:9A:F0:7F:AA:37
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       0197B6A081473AD4CA0E77BA573813A642C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          13FC
Signing time:             Sat 28 Jun 2025 13:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:01 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: 5YlOEplcOgUnoch9PQBYW+98hf8WglnHidgwIEC6ztk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:81:47:3a:d4:ca:0e:77:ba:57:38:13:a6:42:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: Jun 28 13:01:01 2025 GMT
            Not After : Jun 29 13:01:01 2025 GMT
        Subject: CN=249b25df1c0d8e883930d0cff5a3249af07faa37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fe:ce:5a:b2:44:6f:aa:be:bc:fd:a5:b8:c3:
                    c0:40:3f:23:35:39:fc:6f:b5:b0:eb:4a:48:d1:ac:
                    4c:a5:ae:e1:ed:6a:e6:52:5a:be:78:7b:48:14:bd:
                    0c:0a:b2:e2:32:04:44:b5:09:c2:c8:c6:89:4c:08:
                    48:30:d4:ec:36:d9:82:5a:b1:19:ec:c7:12:d8:82:
                    2a:b0:54:5b:db:ea:cc:d8:54:c0:fe:03:24:ce:d2:
                    6c:20:50:58:c4:4a:4b:d9:48:96:ac:d4:6a:5d:9d:
                    58:bc:49:ac:6c:92:db:16:b4:31:19:c7:24:ec:04:
                    68:92:80:ba:a7:3f:2e:13:cf:59:28:d4:2b:fe:1b:
                    17:b9:e7:f7:86:f1:8b:01:2c:e1:0e:d5:f5:6e:de:
                    be:ca:44:e3:94:51:38:36:a9:99:bd:b1:40:cc:75:
                    c4:0d:c5:45:45:82:b7:a4:94:49:2e:0c:9c:0f:6c:
                    98:32:08:3d:92:cc:1c:cc:c0:b8:b3:83:8b:68:ef:
                    96:ba:4d:36:b3:d4:ff:5a:59:f5:f4:b2:fb:59:19:
                    50:86:de:a2:1f:8c:11:08:25:89:cc:b6:fe:63:0f:
                    63:db:69:69:f2:ee:b4:fb:93:4a:3f:25:93:06:ec:
                    34:dc:d7:0c:fb:db:cc:5c:02:32:1c:d6:72:c6:dd:
                    46:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:9B:25:DF:1C:0D:8E:88:39:30:D0:CF:F5:A3:24:9A:F0:7F:AA:37
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:da:b0:96:38:f2:fb:68:51:92:ae:c2:10:82:1b:b4:10:aa:
         fb:ae:2a:44:82:8c:ad:d4:3f:79:3b:27:2e:86:06:09:28:d9:
         29:f0:20:0e:33:b7:3a:a3:6c:20:45:0a:d5:3d:e1:82:ab:b6:
         df:ea:f9:d6:be:9a:db:42:17:e9:65:6b:67:15:87:94:38:11:
         3c:0c:be:07:c9:ee:2f:51:84:44:a0:94:79:02:6f:ed:61:02:
         56:61:6f:ec:44:27:d3:48:ba:86:ea:61:bd:dd:fd:15:49:8c:
         56:ab:3f:2d:a3:7f:b4:cc:39:3c:b6:83:23:c1:74:ad:7a:74:
         44:86:8d:db:5b:76:ad:7a:8d:f0:39:4a:80:f4:d6:60:fc:1d:
         6f:eb:a0:36:46:93:2f:71:2d:e8:76:cd:40:66:69:27:f3:d0:
         38:0c:3f:0a:67:ba:01:8a:b3:11:c4:18:53:5d:53:82:02:3a:
         bb:b6:59:48:db:d1:fb:b9:44:47:e5:58:f3:7e:6d:d9:39:d1:
         b2:fe:03:34:3c:4c:5f:24:60:e3:04:08:80:60:2a:07:1a:6a:
         66:37:a6:bd:c5:f3:ee:d7:f8:c2:8c:9f:91:41:00:2b:87:25:
         cb:0e:d7:00:5a:d3:86:ba:11:56:24:c4:cf:b1:eb:fa:26:0c:
         38:d7:6a:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oIFHOtTKDne6VzgTpkLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjUwNjI4MTMwMTAxWhcNMjUwNjI5MTMwMTAxWjAzMTEwLwYDVQQD
EygyNDliMjVkZjFjMGQ4ZTg4MzkzMGQwY2ZmNWEzMjQ5YWYwN2ZhYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv7OWrJEb6q+vP2luMPAQD8jNTn8
b7Ww60pI0axMpa7h7WrmUlq+eHtIFL0MCrLiMgREtQnCyMaJTAhIMNTsNtmCWrEZ
7McS2IIqsFRb2+rM2FTA/gMkztJsIFBYxEpL2UiWrNRqXZ1YvEmsbJLbFrQxGcck
7ARokoC6pz8uE89ZKNQr/hsXuef3hvGLASzhDtX1bt6+ykTjlFE4NqmZvbFAzHXE
DcVFRYK3pJRJLgycD2yYMgg9kswczMC4s4OLaO+Wuk02s9T/Wln19LL7WRlQht6i
H4wRCCWJzLb+Yw9j22lp8u60+5NKPyWTBuw03NcM+9vMXAIyHNZyxt1GUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSbJd8cDY6IOTDQz/WjJJrwf6o3MB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmdqwljjy
+2hRkq7CEIIbtBCq+64qRIKMrdQ/eTsnLoYGCSjZKfAgDjO3OqNsIEUK1T3hgqu2
3+r51r6a20IX6WVrZxWHlDgRPAy+B8nuL1GERKCUeQJv7WECVmFv7EQn00i6huph
vd39FUmMVqs/LaN/tMw5PLaDI8F0rXp0RIaN21t2rXqN8DlKgPTWYPwdb+ugNkaT
L3Et6HbNQGZpJ/PQOAw/Cme6AYqzEcQYU11TggI6u7ZZSNvR+7lER+VY835t2TnR
sv4DNDxMXyRg4wQIgGAqBxpqZjemvcXz7tf4woyfkUEAK4clyw7XAFrThroRViTE
z7Hr+iYMONdqoA==
-----END CERTIFICATE-----