Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
File:                     Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft (raw, json)
Hash identifier:          lxCasXqkKmgFS8eUVUIKu5kM3wEFNTIQ/+j0+HnX0rU=
Subject key identifier:   80:C7:A0:60:26:21:20:3C:AE:2A:CA:EC:12:ED:89:0A:9E:27:82:CE
Authority key identifier: 0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90
Certificate issuer:       /CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
Certificate serial:       0197B77C57D3C22E1355DB021A707777A595
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
Manifest number:          069A
Signing time:             Sat 28 Jun 2025 17:01:08 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:08 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:08 +0000
Files and hashes:         1: Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl (hash: kgSAw5T3bMmAjrDRh/JR5fFdbca9/RgKyP4uFSuv198=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:57:d3:c2:2e:13:55:db:02:1a:70:77:77:a5:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
        Validity
            Not Before: Jun 28 17:01:08 2025 GMT
            Not After : Jun 29 17:01:08 2025 GMT
        Subject: CN=80c7a0602621203cae2acaec12ed890a9e2782ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:18:97:04:3c:c7:0a:7f:a9:41:c8:6c:2c:79:
                    c8:fe:51:f5:21:50:cd:3e:9a:cd:b6:c8:20:0c:73:
                    e0:da:2e:90:fe:82:5e:19:2e:32:82:a2:c3:3f:77:
                    fd:d3:58:26:db:25:6b:70:29:d4:3f:e7:69:41:1a:
                    a7:e8:b7:a0:b5:c4:86:5a:c9:e9:fd:14:cd:6c:13:
                    bc:83:a4:e2:93:aa:87:cd:e0:5a:cc:7f:12:e2:16:
                    da:4d:52:3c:97:b5:93:a0:90:fb:1a:fd:d8:21:08:
                    f0:d1:2a:12:54:b0:57:5a:47:6b:47:9e:b2:c6:81:
                    9a:fc:a2:06:00:90:06:e3:30:73:e5:2c:e9:a6:7a:
                    89:83:5a:73:21:a0:37:d4:4c:08:11:db:2e:d7:f5:
                    a0:6f:e0:58:42:31:6e:f0:58:90:08:8e:cb:73:a8:
                    49:16:fd:bf:0f:85:e3:23:e7:a9:22:bc:94:7f:ed:
                    37:c4:95:9a:9b:7b:55:33:6c:be:87:6c:b5:20:0e:
                    aa:3b:65:20:da:bc:95:93:70:50:a4:64:c2:10:a4:
                    4f:2e:03:b0:a3:03:ec:0d:ee:86:32:3a:5e:34:6f:
                    98:10:2d:7e:14:c6:54:e7:e2:80:59:df:99:10:e0:
                    ee:76:0f:07:13:96:0c:7e:2c:40:79:15:64:dd:3a:
                    5b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:C7:A0:60:26:21:20:3C:AE:2A:CA:EC:12:ED:89:0A:9E:27:82:CE
            X509v3 Authority Key Identifier:
                keyid:0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:54:0a:7c:65:cc:98:4c:1c:44:23:45:2c:96:55:3b:c2:b4:
         df:2c:79:41:3d:8b:91:52:31:b5:fb:ec:94:ca:16:4a:bc:c9:
         4c:6d:07:0e:18:1d:85:48:9e:0b:df:32:d7:da:ba:c2:e1:f7:
         19:6a:f0:5a:94:eb:8d:45:52:c5:35:ff:95:8e:b1:92:05:a6:
         07:a9:63:4f:72:96:af:53:20:62:4b:4f:9c:63:8c:d5:52:51:
         39:a1:cc:3a:f9:de:28:c0:02:c8:96:9c:6d:81:02:33:e3:13:
         5e:66:2a:b5:e0:9c:5c:aa:55:f9:30:f5:d8:d4:1c:f6:67:20:
         04:f9:a6:56:42:d4:dc:18:8f:a7:ab:31:f3:59:3a:b6:81:49:
         a9:80:46:fd:48:f7:af:59:ef:07:59:3c:15:0d:c1:a1:6f:53:
         6b:71:a1:94:d7:4e:bd:69:e8:23:56:8e:8e:29:1d:7d:9c:79:
         00:a9:ae:6b:b6:d0:69:8f:14:2f:a3:c6:4d:ff:57:52:da:1b:
         96:c2:bd:2d:1d:d5:a0:0c:6f:2e:0e:93:54:02:57:3d:a4:af:
         35:11:b7:df:20:bb:c8:c9:0d:c0:15:f4:1c:0d:11:31:8b:d0:
         49:35:ec:d5:4b:58:88:3e:a9:8a:fa:2a:a5:ed:e7:a3:fd:09:
         56:8d:30:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fFfTwi4TVdsCGnB3d6WVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNzBmOTBiYTJjZjA1OGMxMjA2ZGViMGVmNzk3Mzcw
MjZlOTAwHhcNMjUwNjI4MTcwMTA4WhcNMjUwNjI5MTcwMTA4WjAzMTEwLwYDVQQD
Eyg4MGM3YTA2MDI2MjEyMDNjYWUyYWNhZWMxMmVkODkwYTllMjc4MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RiXBDzHCn+pQchsLHnI/lH1IVDN
PprNtsggDHPg2i6Q/oJeGS4ygqLDP3f901gm2yVrcCnUP+dpQRqn6LegtcSGWsnp
/RTNbBO8g6Tik6qHzeBazH8S4hbaTVI8l7WToJD7Gv3YIQjw0SoSVLBXWkdrR56y
xoGa/KIGAJAG4zBz5SzppnqJg1pzIaA31EwIEdsu1/Wgb+BYQjFu8FiQCI7Lc6hJ
Fv2/D4XjI+epIryUf+03xJWam3tVM2y+h2y1IA6qO2Ug2ryVk3BQpGTCEKRPLgOw
owPsDe6GMjpeNG+YEC1+FMZU5+KAWd+ZEODudg8HE5YMfixAeRVk3TpbnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDHoGAmISA8rirK7BLtiQqeJ4LOMB8GA1UdIwQY
MBaAFA4ftw+QuizwWMEgbesO95c3Am6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYt
MjdjYjlkY2Q2MGZjLzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYtMjdjYjlkY2Q2MGZj
LzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAVQKfGXM
mEwcRCNFLJZVO8K03yx5QT2LkVIxtfvslMoWSrzJTG0HDhgdhUieC98y19q6wuH3
GWrwWpTrjUVSxTX/lY6xkgWmB6ljT3KWr1MgYktPnGOM1VJROaHMOvneKMACyJac
bYECM+MTXmYqteCcXKpV+TD12NQc9mcgBPmmVkLU3BiPp6sx81k6toFJqYBG/Uj3
r1nvB1k8FQ3BoW9Ta3GhlNdOvWnoI1aOjikdfZx5AKmua7bQaY8UL6PGTf9XUtob
lsK9LR3VoAxvLg6TVAJXPaSvNRG33yC7yMkNwBX0HA0RMYvQSTXs1UtYiD6pivoq
pe3no/0JVo0wRw==
-----END CERTIFICATE-----