Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4f4e5f-2549-4ff8-b3f7-2e859575e1ea/1/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.mft
File:                     FLtvrGkZ2QCi_rt4HRl_TYE04Fs.mft (raw, json)
Hash identifier:          oqmLGWXGe0yLJjkFbGK4f2NLOhJGFwBg1vQB4xWpuAQ=
Subject key identifier:   D4:02:1D:1E:50:7B:52:6E:84:4F:B4:C8:75:A1:62:CE:F4:87:D9:67
Authority key identifier: 14:BB:6F:AC:69:19:D9:00:A2:FE:BB:78:1D:19:7F:4D:81:34:E0:5B
Certificate issuer:       /CN=14bb6fac6919d900a2febb781d197f4d8134e05b
Certificate serial:       0197B5FC4D796792DC8EC394BA3CBED55F69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/4f4e5f-2549-4ff8-b3f7-2e859575e1ea/1/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.mft
Manifest number:          11CB
Signing time:             Sat 28 Jun 2025 10:01:40 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:40 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:40 +0000
Files and hashes:         1: FLtvrGkZ2QCi_rt4HRl_TYE04Fs.crl (hash: 2E0uEeBPjNtG6JhguQHHk4qzhhS13HrgaUJKnUfwJ2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/4f4e5f-2549-4ff8-b3f7-2e859575e1ea/1/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/4f4e5f-2549-4ff8-b3f7-2e859575e1ea/1/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:4d:79:67:92:dc:8e:c3:94:ba:3c:be:d5:5f:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14bb6fac6919d900a2febb781d197f4d8134e05b
        Validity
            Not Before: Jun 28 10:01:40 2025 GMT
            Not After : Jun 29 10:01:40 2025 GMT
        Subject: CN=d4021d1e507b526e844fb4c875a162cef487d967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:05:5c:5d:2f:c8:4d:2e:0f:c0:4c:0c:9d:65:
                    e3:ba:d2:9e:00:13:b6:05:53:5c:f7:7e:56:ca:68:
                    56:70:32:d1:b8:ce:25:07:85:fd:65:01:67:49:68:
                    d2:74:e6:a1:05:87:68:0d:40:88:cf:87:92:83:5b:
                    cf:7b:37:de:54:61:53:a3:33:4d:92:5b:18:a0:41:
                    08:89:59:22:d9:57:3f:74:da:81:e7:43:11:44:d5:
                    4b:ba:ff:31:44:51:7b:c1:56:13:1e:60:86:96:a4:
                    00:e8:aa:48:e9:b6:e0:da:5f:55:f3:37:86:ee:4c:
                    4c:ff:9e:5f:c6:2c:5b:fb:b1:74:8c:5c:61:dc:7b:
                    45:62:92:63:3b:aa:d6:39:56:0c:d6:e3:5c:94:45:
                    9b:5c:00:ea:43:3f:08:0e:f3:ae:0b:22:f9:ea:2c:
                    ef:03:3c:55:ce:6c:9e:ac:14:28:c4:9f:da:1a:09:
                    d1:94:47:67:78:15:d6:88:07:c7:98:f7:6d:c8:75:
                    b3:74:c5:b3:9e:4f:08:5f:74:4f:e3:45:50:09:f9:
                    f4:e2:40:68:ac:87:4a:16:cf:99:e5:ae:eb:89:9d:
                    06:35:e3:0b:ea:8b:66:82:75:0c:a5:06:a4:40:c8:
                    fc:76:e0:3c:21:84:2b:64:49:47:5a:6a:52:df:a9:
                    ed:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:02:1D:1E:50:7B:52:6E:84:4F:B4:C8:75:A1:62:CE:F4:87:D9:67
            X509v3 Authority Key Identifier:
                keyid:14:BB:6F:AC:69:19:D9:00:A2:FE:BB:78:1D:19:7F:4D:81:34:E0:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4f4e5f-2549-4ff8-b3f7-2e859575e1ea/1/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4f4e5f-2549-4ff8-b3f7-2e859575e1ea/1/FLtvrGkZ2QCi_rt4HRl_TYE04Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:43:5d:55:c4:c2:a4:32:af:cb:5b:58:a7:64:c5:52:b9:c4:
         89:14:3b:e6:d7:a7:c5:40:e6:4c:1f:7c:42:8c:39:04:da:66:
         9d:0b:50:1e:5e:d3:42:a4:92:72:89:e1:c4:5e:e9:f1:61:27:
         7d:8b:4f:1c:bf:31:e0:02:91:80:22:e7:53:17:da:81:9a:bd:
         81:75:7c:4f:b4:fb:ff:40:6a:08:65:33:38:6f:45:44:27:fc:
         43:5d:ec:0e:67:6a:11:6d:32:82:05:9c:91:e6:2f:12:2c:8d:
         50:12:78:62:76:38:7c:56:ba:57:4a:59:30:71:e2:80:51:57:
         6c:d6:39:c6:40:80:d9:ae:3d:a7:fb:2f:06:9c:0b:9e:d6:bd:
         3e:d5:e6:73:15:b6:7c:8f:1e:a6:ee:bb:e1:76:02:df:5a:9e:
         53:13:6e:82:8d:08:1b:82:0e:d8:11:74:b6:7f:78:e8:e0:b3:
         03:35:be:35:e4:53:dd:93:47:91:95:1c:ee:91:0f:b6:5c:96:
         6c:f9:d8:93:a9:81:19:f1:34:e7:94:35:ff:ed:75:47:82:00:
         7b:e2:db:82:3c:53:c2:09:c1:95:09:2a:22:62:f1:96:35:04:
         c6:a6:1b:19:68:d7:1c:03:6b:e9:e3:b1:52:79:f5:8b:e0:ba:
         f1:b5:fd:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/E15Z5LcjsOUujy+1V9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmI2ZmFjNjkxOWQ5MDBhMmZlYmI3ODFkMTk3ZjRkODEz
NGUwNWIwHhcNMjUwNjI4MTAwMTQwWhcNMjUwNjI5MTAwMTQwWjAzMTEwLwYDVQQD
EyhkNDAyMWQxZTUwN2I1MjZlODQ0ZmI0Yzg3NWExNjJjZWY0ODdkOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgVcXS/ITS4PwEwMnWXjutKeABO2
BVNc935WymhWcDLRuM4lB4X9ZQFnSWjSdOahBYdoDUCIz4eSg1vPezfeVGFTozNN
klsYoEEIiVki2Vc/dNqB50MRRNVLuv8xRFF7wVYTHmCGlqQA6KpI6bbg2l9V8zeG
7kxM/55fxixb+7F0jFxh3HtFYpJjO6rWOVYM1uNclEWbXADqQz8IDvOuCyL56izv
AzxVzmyerBQoxJ/aGgnRlEdneBXWiAfHmPdtyHWzdMWznk8IX3RP40VQCfn04kBo
rIdKFs+Z5a7riZ0GNeML6otmgnUMpQakQMj8duA8IYQrZElHWmpS36ntHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQCHR5Qe1JuhE+0yHWhYs70h9lnMB8GA1UdIwQY
MBaAFBS7b6xpGdkAov67eB0Zf02BNOBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkx0dnJHa1oyUUNpX3J0NEhSbF9UWUUwNEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80ZjRlNWYtMjU0OS00ZmY4LWIzZjct
MmU4NTk1NzVlMWVhLzEvRkx0dnJHa1oyUUNpX3J0NEhSbF9UWUUwNEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80ZjRlNWYtMjU0OS00ZmY4LWIzZjctMmU4NTk1NzVlMWVh
LzEvRkx0dnJHa1oyUUNpX3J0NEhSbF9UWUUwNEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdUNdVcTC
pDKvy1tYp2TFUrnEiRQ75tenxUDmTB98Qow5BNpmnQtQHl7TQqSSconhxF7p8WEn
fYtPHL8x4AKRgCLnUxfagZq9gXV8T7T7/0BqCGUzOG9FRCf8Q13sDmdqEW0yggWc
keYvEiyNUBJ4YnY4fFa6V0pZMHHigFFXbNY5xkCA2a49p/svBpwLnta9PtXmcxW2
fI8epu674XYC31qeUxNugo0IG4IO2BF0tn946OCzAzW+NeRT3ZNHkZUc7pEPtlyW
bPnYk6mBGfE055Q1/+11R4IAe+LbgjxTwgnBlQkqImLxljUExqYbGWjXHANr6eOx
Unn1i+C68bX9aQ==
-----END CERTIFICATE-----