Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
File:                     4TcnopRRvk3Zkitg0cWW6Aaplfs.mft (raw, json)
Hash identifier:          AD2bG1eWRXUKKwnzJq0EVIWLVX+QFaV29bgXZMJnmOQ=
Subject key identifier:   93:28:0A:3A:15:A8:5D:E6:C4:66:48:8A:99:2B:AC:EC:B5:FC:AA:8C
Authority key identifier: E1:37:27:A2:94:51:BE:4D:D9:92:2B:60:D1:C5:96:E8:06:A9:95:FB
Certificate issuer:       /CN=e13727a29451be4dd9922b60d1c596e806a995fb
Certificate serial:       0197B6A133E8B576DB39396714F019B96E5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:01:47 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:47 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:47 +0000
Files and hashes:         1: 4TcnopRRvk3Zkitg0cWW6Aaplfs.crl (hash: 0ytoHK+XqZzUeEi0CVFLxJoguWPQNK7G3SKzY9a2Xg0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:33:e8:b5:76:db:39:39:67:14:f0:19:b9:6e:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13727a29451be4dd9922b60d1c596e806a995fb
        Validity
            Not Before: Jun 28 13:01:47 2025 GMT
            Not After : Jun 29 13:01:47 2025 GMT
        Subject: CN=93280a3a15a85de6c466488a992bacecb5fcaa8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b6:bb:fe:ec:75:8b:a7:39:a7:bb:e9:77:14:
                    fa:ee:af:10:a6:b8:d4:44:43:e4:f3:27:ff:fb:2f:
                    6d:8b:dd:a1:8c:f5:95:f6:ec:bb:64:dc:4e:1b:43:
                    6d:97:76:52:08:e8:c7:60:bf:b7:d1:ec:e2:82:0f:
                    96:af:70:dc:b4:aa:67:6a:97:dd:d5:12:e4:42:29:
                    fa:78:21:48:ef:60:95:12:85:52:82:c3:cc:20:26:
                    25:8c:63:4b:b3:dd:56:54:67:fc:85:45:0c:b2:f4:
                    e2:b0:95:1a:68:be:d0:73:89:40:97:0e:53:ef:86:
                    12:56:02:e1:c4:53:05:c0:da:02:9f:92:c5:61:a6:
                    40:9a:f9:11:e5:a1:b5:05:80:3a:79:4d:4c:52:ec:
                    b6:69:9a:94:f8:33:cc:15:b2:13:25:e6:c7:c2:e6:
                    7f:ad:9f:39:73:af:29:15:7a:66:03:77:f7:5a:25:
                    82:56:98:13:53:7b:58:00:7e:09:39:59:e0:8e:64:
                    75:1c:a9:8b:61:e8:f8:50:e8:1b:fe:0a:ed:41:52:
                    ea:71:b6:61:94:36:65:02:da:75:b8:67:48:9f:63:
                    f0:69:47:67:ad:b0:10:2c:a9:06:68:9b:6c:92:cd:
                    dd:8b:11:87:9a:2e:a3:f2:7e:14:bd:ff:90:dc:78:
                    67:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:28:0A:3A:15:A8:5D:E6:C4:66:48:8A:99:2B:AC:EC:B5:FC:AA:8C
            X509v3 Authority Key Identifier:
                keyid:E1:37:27:A2:94:51:BE:4D:D9:92:2B:60:D1:C5:96:E8:06:A9:95:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:6a:b0:5b:b2:6d:83:cc:08:3d:ba:49:4b:43:84:9c:75:e3:
         f1:d1:2a:7c:c7:30:8e:f9:c7:38:72:20:2e:09:ab:9c:e1:32:
         1c:82:f7:90:ce:73:de:21:a1:77:11:b8:68:dd:ea:a9:27:90:
         79:d1:0d:21:35:0a:c5:0c:94:41:d1:36:4a:e1:3f:1e:e5:48:
         d4:6f:5e:7d:93:9e:92:4e:fd:fb:09:fa:e5:8e:40:d4:fd:87:
         86:63:51:1a:6f:7c:6b:d7:33:5b:94:4f:76:3a:2a:9d:bf:5e:
         da:ef:61:67:03:a4:66:df:76:96:fc:32:05:3f:72:3c:c0:f3:
         05:07:42:f1:2a:c1:b2:2d:fc:11:dd:77:11:1b:27:bb:26:b9:
         a2:3b:34:47:db:2c:52:88:b0:c9:d8:7f:a9:44:12:57:52:a5:
         cc:49:ce:da:c3:99:d9:80:15:cb:6a:f0:8c:a3:f3:38:e3:1b:
         5e:30:15:27:84:9d:1d:49:27:13:bb:3b:b7:9e:34:50:e5:d6:
         29:cc:c1:4e:45:f3:2a:53:7e:f1:40:20:f7:d3:42:ff:39:f7:
         78:a0:c4:30:52:0f:21:fa:29:43:c8:9b:d3:34:24:05:dc:88:
         9e:5f:e6:f2:23:22:d7:07:05:1b:6b:af:20:a3:53:37:40:c9:
         95:2b:ec:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oTPotXbbOTlnFPAZuW5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzcyN2EyOTQ1MWJlNGRkOTkyMmI2MGQxYzU5NmU4MDZh
OTk1ZmIwHhcNMjUwNjI4MTMwMTQ3WhcNMjUwNjI5MTMwMTQ3WjAzMTEwLwYDVQQD
Eyg5MzI4MGEzYTE1YTg1ZGU2YzQ2NjQ4OGE5OTJiYWNlY2I1ZmNhYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoba7/ux1i6c5p7vpdxT67q8QprjU
REPk8yf/+y9ti92hjPWV9uy7ZNxOG0Ntl3ZSCOjHYL+30ezigg+Wr3DctKpnapfd
1RLkQin6eCFI72CVEoVSgsPMICYljGNLs91WVGf8hUUMsvTisJUaaL7Qc4lAlw5T
74YSVgLhxFMFwNoCn5LFYaZAmvkR5aG1BYA6eU1MUuy2aZqU+DPMFbITJebHwuZ/
rZ85c68pFXpmA3f3WiWCVpgTU3tYAH4JOVngjmR1HKmLYej4UOgb/grtQVLqcbZh
lDZlAtp1uGdIn2PwaUdnrbAQLKkGaJtsks3dixGHmi6j8n4Uvf+Q3HhnzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMoCjoVqF3mxGZIipkrrOy1/KqMMB8GA1UdIwQY
MBaAFOE3J6KUUb5N2ZIrYNHFlugGqZX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kZTM3ZmEtMWJkMi00N2Y1LTllMmIt
YWM0YzhmMTk4NzZkLzEvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kZTM3ZmEtMWJkMi00N2Y1LTllMmItYWM0YzhmMTk4NzZk
LzEvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWqwW7Jt
g8wIPbpJS0OEnHXj8dEqfMcwjvnHOHIgLgmrnOEyHIL3kM5z3iGhdxG4aN3qqSeQ
edENITUKxQyUQdE2SuE/HuVI1G9efZOekk79+wn65Y5A1P2HhmNRGm98a9czW5RP
djoqnb9e2u9hZwOkZt92lvwyBT9yPMDzBQdC8SrBsi38Ed13ERsnuya5ojs0R9ss
Uoiwydh/qUQSV1KlzEnO2sOZ2YAVy2rwjKPzOOMbXjAVJ4SdHUknE7s7t540UOXW
KczBTkXzKlN+8UAg99NC/zn3eKDEMFIPIfopQ8ib0zQkBdyInl/m8iMi1wcFG2uv
IKNTN0DJlSvsoQ==
-----END CERTIFICATE-----