Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          jIQiMEirZ5T2S/RcD6I20ruqOhahjhxULHGxutgeYk4=
Subject key identifier:   23:E7:82:61:9C:D5:F3:70:18:94:FD:DF:AA:44:6B:2E:CD:2C:BA:00
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       0197B70EF458BFB3FE8A6B4FEB2E63F12E86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          74
Signing time:             Sat 28 Jun 2025 15:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:39 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: RaYXEGL2jxQonWb0mKIpY8srgyFzvYiJ5oJECdt9QHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:f4:58:bf:b3:fe:8a:6b:4f:eb:2e:63:f1:2e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Jun 28 15:01:39 2025 GMT
            Not After : Jun 29 15:01:39 2025 GMT
        Subject: CN=23e782619cd5f3701894fddfaa446b2ecd2cba00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:95:70:a1:40:3a:ae:b1:fb:d6:4d:a0:ab:62:
                    f7:5e:80:d8:03:ba:55:c4:4f:bf:23:43:f1:b2:2c:
                    a2:ba:e1:04:cd:1b:b2:1e:43:a2:68:a0:52:74:ab:
                    a2:8c:de:cc:de:b8:f6:d9:bb:4c:24:09:97:9a:49:
                    71:17:0a:a9:9f:08:70:cd:b7:9e:d6:71:38:4f:0a:
                    ba:2d:16:f2:36:b6:ce:d8:9a:a2:3a:ad:d5:ec:8a:
                    53:5d:71:39:b1:ef:6c:50:a1:3d:a3:e2:a3:51:97:
                    ed:a6:96:79:9b:6f:53:f5:d6:b6:70:5a:4f:44:d0:
                    cb:85:ce:1c:4f:a4:ff:97:2b:9f:27:fe:30:af:85:
                    cd:28:76:8d:c4:f4:c7:89:40:f9:01:a3:fd:45:bd:
                    b3:d7:99:5b:e6:54:e6:05:ef:86:57:a4:cd:42:87:
                    36:0a:a4:ec:ed:06:37:8e:82:45:b5:6c:a9:58:b0:
                    de:03:f0:1f:a5:35:2f:d0:d1:bd:ba:7e:dc:9b:1a:
                    2c:d5:ed:60:40:29:10:30:47:a8:2d:1e:6f:cb:76:
                    8d:0c:b2:8d:8b:b9:b6:68:2a:5d:50:cc:bf:55:75:
                    bc:7f:09:4f:40:2b:30:ad:21:b6:e4:63:58:76:86:
                    b9:6c:4a:a8:99:01:11:44:be:57:97:1f:97:04:b2:
                    81:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:E7:82:61:9C:D5:F3:70:18:94:FD:DF:AA:44:6B:2E:CD:2C:BA:00
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:2e:22:a6:01:4a:de:f9:47:33:30:d6:c5:d9:fe:ab:09:71:
         d1:78:e3:0f:30:29:11:b8:2b:db:32:fc:12:af:b7:98:05:90:
         0b:e3:bb:b4:e1:6b:39:bb:42:c5:6c:9e:f5:c6:89:f7:07:f5:
         2b:f3:e8:ed:89:2a:cd:90:90:82:d8:dd:f1:a0:31:e3:92:49:
         ed:14:ba:ba:a2:70:f0:e4:cf:44:2a:67:af:42:b6:9e:e1:ae:
         75:02:3f:83:54:1c:7d:67:c0:c7:38:72:f2:52:7a:de:9d:98:
         b9:1f:5a:72:e3:76:eb:a0:2d:fa:0a:b2:f7:9e:0c:e3:4f:12:
         ed:14:96:37:e0:29:e6:53:1f:26:00:af:ca:fa:cb:c3:ad:b5:
         e2:29:ef:57:9c:de:ed:83:c4:87:61:ef:b5:31:bb:de:9c:9e:
         e9:09:7f:03:7d:21:cd:4e:07:9d:d3:2d:8b:8b:7f:02:61:89:
         ef:5a:96:69:ad:6c:2d:de:1e:76:5c:f7:a9:70:ea:e2:01:fa:
         43:41:82:98:1c:66:b2:cb:49:73:38:b3:f7:35:7c:ee:49:27:
         27:34:72:9c:f1:ce:72:9b:0b:d4:46:b8:d4:fe:9e:db:23:6a:
         c5:8c:5e:85:a5:7d:0d:73:3f:e0:99:07:9e:01:5e:3e:e6:33:
         e2:9a:c6:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DvRYv7P+imtP6y5j8S6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjUwNjI4MTUwMTM5WhcNMjUwNjI5MTUwMTM5WjAzMTEwLwYDVQQD
EygyM2U3ODI2MTljZDVmMzcwMTg5NGZkZGZhYTQ0NmIyZWNkMmNiYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZVwoUA6rrH71k2gq2L3XoDYA7pV
xE+/I0PxsiyiuuEEzRuyHkOiaKBSdKuijN7M3rj22btMJAmXmklxFwqpnwhwzbee
1nE4Twq6LRbyNrbO2JqiOq3V7IpTXXE5se9sUKE9o+KjUZftppZ5m29T9da2cFpP
RNDLhc4cT6T/lyufJ/4wr4XNKHaNxPTHiUD5AaP9Rb2z15lb5lTmBe+GV6TNQoc2
CqTs7QY3joJFtWypWLDeA/AfpTUv0NG9un7cmxos1e1gQCkQMEeoLR5vy3aNDLKN
i7m2aCpdUMy/VXW8fwlPQCswrSG25GNYdoa5bEqomQERRL5Xlx+XBLKBuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPngmGc1fNwGJT936pEay7NLLoAMB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYS4ipgFK
3vlHMzDWxdn+qwlx0XjjDzApEbgr2zL8Eq+3mAWQC+O7tOFrObtCxWye9caJ9wf1
K/Po7YkqzZCQgtjd8aAx45JJ7RS6uqJw8OTPRCpnr0K2nuGudQI/g1QcfWfAxzhy
8lJ63p2YuR9acuN266At+gqy954M408S7RSWN+Ap5lMfJgCvyvrLw6214invV5ze
7YPEh2HvtTG73pye6Ql/A30hzU4HndMti4t/AmGJ71qWaa1sLd4edlz3qXDq4gH6
Q0GCmBxmsstJcziz9zV87kknJzRynPHOcpsL1Ea41P6e2yNqxYxehaV9DXM/4JkH
ngFePuYz4prGEw==
-----END CERTIFICATE-----