Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
File:                     SmO14kps7e29L-j2bXl6s9jqpMk.mft (raw, json)
Hash identifier:          AEUTxKMVycQAueBp8zoL+qxD3Xmf37YL/2qAHeROMjk=
Subject key identifier:   3F:3E:D9:A7:F0:13:AF:5A:D3:AC:C6:93:A8:D9:95:2E:22:C2:4F:9F
Authority key identifier: 4A:63:B5:E2:4A:6C:ED:ED:BD:2F:E8:F6:6D:79:7A:B3:D8:EA:A4:C9
Certificate issuer:       /CN=4a63b5e24a6cededbd2fe8f66d797ab3d8eaa4c9
Certificate serial:       0197B6A12BCCF55E00A7ACE1CD32FC84A73F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
Manifest number:          15AF
Signing time:             Sat 28 Jun 2025 13:01:45 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:45 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:45 +0000
Files and hashes:         1: SmO14kps7e29L-j2bXl6s9jqpMk.crl (hash: gXFiNnew1Co3ljkmJA/QunlT5W9KR1juVBxdz6Osyzg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:2b:cc:f5:5e:00:a7:ac:e1:cd:32:fc:84:a7:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a63b5e24a6cededbd2fe8f66d797ab3d8eaa4c9
        Validity
            Not Before: Jun 28 13:01:45 2025 GMT
            Not After : Jun 29 13:01:45 2025 GMT
        Subject: CN=3f3ed9a7f013af5ad3acc693a8d9952e22c24f9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a9:e1:a9:f0:98:ff:e5:9e:5d:c0:3f:b0:3c:
                    e3:2f:91:7e:d4:d0:2b:79:d4:fa:b2:51:0e:25:c6:
                    6b:df:aa:c2:a7:f0:5c:61:4d:ac:2c:92:e2:24:b3:
                    a8:7d:c5:0d:ef:54:d5:c8:bd:29:13:93:9e:5a:e3:
                    4c:fd:48:ac:ce:7c:a1:ce:99:96:2b:c1:d7:0f:d8:
                    33:ae:71:cd:a1:97:46:24:2e:f7:52:14:62:a9:27:
                    9e:55:a3:9d:c5:4e:22:9a:74:b8:2a:3d:85:a6:6d:
                    4a:44:73:aa:65:82:c6:a5:45:86:44:1f:8a:f7:ff:
                    fb:a7:db:2d:1a:11:81:51:e5:dc:31:4e:9d:14:64:
                    95:55:df:3f:54:77:0e:eb:30:6f:ae:b3:30:58:78:
                    18:a2:4f:40:d4:35:86:af:04:c6:27:fa:4e:27:aa:
                    10:fa:cf:90:6e:5e:fb:c9:d2:f9:3d:51:f7:38:52:
                    74:4a:87:95:2e:f0:b8:52:7c:e1:78:0e:f3:8e:78:
                    8f:13:cd:4e:bd:9d:15:fd:c4:29:5d:b6:68:7c:9f:
                    d0:4f:d1:04:08:be:d8:8f:e0:5a:7b:80:aa:6e:ad:
                    12:ca:79:31:a7:85:e3:4a:df:ff:d3:29:c3:34:c3:
                    04:ee:d5:ac:c6:f2:46:2f:97:f6:19:11:c6:14:d0:
                    51:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:3E:D9:A7:F0:13:AF:5A:D3:AC:C6:93:A8:D9:95:2E:22:C2:4F:9F
            X509v3 Authority Key Identifier:
                keyid:4A:63:B5:E2:4A:6C:ED:ED:BD:2F:E8:F6:6D:79:7A:B3:D8:EA:A4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmO14kps7e29L-j2bXl6s9jqpMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/64dabc-6564-4ca0-802f-ca9790080716/1/SmO14kps7e29L-j2bXl6s9jqpMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:9c:37:1d:6c:81:74:44:27:98:98:d7:22:9f:b1:0a:6b:6d:
         d6:a0:4b:01:ab:a1:20:49:ed:b9:6c:6f:b9:79:a5:c3:96:48:
         96:61:a6:7f:23:f7:d3:7b:17:d7:2a:db:1e:8d:8c:51:1c:41:
         b4:93:54:49:a9:05:ed:3b:d2:d9:e0:e6:aa:b1:44:d4:c0:e1:
         90:5d:b6:3e:9a:12:fe:ea:b5:af:1d:24:5d:4a:38:6b:7a:e3:
         8d:7f:63:d1:9b:d7:8f:68:56:91:7e:7f:d0:af:7b:41:e8:94:
         83:48:11:f4:84:fb:a3:3b:e1:64:aa:a0:c9:c4:2f:98:03:ca:
         76:72:cc:9c:ad:cf:03:46:63:9d:af:f9:0b:35:cd:a6:6b:05:
         6d:62:2c:9a:75:60:9b:ed:2b:62:3d:6e:75:ca:95:ca:7a:29:
         dd:83:ca:1c:62:f7:92:fb:ad:12:57:d4:26:99:14:de:6b:09:
         9b:d6:8a:7b:f9:13:31:57:71:6d:f9:34:8c:9f:b9:41:14:fc:
         49:bf:eb:12:9f:94:58:a3:33:06:8f:c5:b1:d2:3b:8a:04:62:
         0c:2d:6a:6b:92:34:a5:21:d9:45:2e:1a:93:0a:35:2c:2e:68:
         02:e1:1f:ab:a4:a6:e0:ab:9a:35:fa:42:10:c6:c9:ba:03:99:
         6b:17:89:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oSvM9V4Ap6zhzTL8hKc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNiNWUyNGE2Y2VkZWRiZDJmZThmNjZkNzk3YWIzZDhl
YWE0YzkwHhcNMjUwNjI4MTMwMTQ1WhcNMjUwNjI5MTMwMTQ1WjAzMTEwLwYDVQQD
EygzZjNlZDlhN2YwMTNhZjVhZDNhY2M2OTNhOGQ5OTUyZTIyYzI0ZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKnhqfCY/+WeXcA/sDzjL5F+1NAr
edT6slEOJcZr36rCp/BcYU2sLJLiJLOofcUN71TVyL0pE5OeWuNM/UisznyhzpmW
K8HXD9gzrnHNoZdGJC73UhRiqSeeVaOdxU4imnS4Kj2Fpm1KRHOqZYLGpUWGRB+K
9//7p9stGhGBUeXcMU6dFGSVVd8/VHcO6zBvrrMwWHgYok9A1DWGrwTGJ/pOJ6oQ
+s+Qbl77ydL5PVH3OFJ0SoeVLvC4UnzheA7zjniPE81OvZ0V/cQpXbZofJ/QT9EE
CL7Yj+Bae4Cqbq0Synkxp4XjSt//0ynDNMME7tWsxvJGL5f2GRHGFNBR7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8+2afwE69a06zGk6jZlS4iwk+fMB8GA1UdIwQY
MBaAFEpjteJKbO3tvS/o9m15erPY6qTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82NGRhYmMtNjU2NC00Y2EwLTgwMmYt
Y2E5NzkwMDgwNzE2LzEvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82NGRhYmMtNjU2NC00Y2EwLTgwMmYtY2E5NzkwMDgwNzE2
LzEvU21PMTRrcHM3ZTI5TC1qMmJYbDZzOWpxcE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvZw3HWyB
dEQnmJjXIp+xCmtt1qBLAauhIEntuWxvuXmlw5ZIlmGmfyP303sX1yrbHo2MURxB
tJNUSakF7TvS2eDmqrFE1MDhkF22PpoS/uq1rx0kXUo4a3rjjX9j0ZvXj2hWkX5/
0K97QeiUg0gR9IT7ozvhZKqgycQvmAPKdnLMnK3PA0Zjna/5CzXNpmsFbWIsmnVg
m+0rYj1udcqVynop3YPKHGL3kvutElfUJpkU3msJm9aKe/kTMVdxbfk0jJ+5QRT8
Sb/rEp+UWKMzBo/FsdI7igRiDC1qa5I0pSHZRS4akwo1LC5oAuEfq6Sm4KuaNfpC
EMbJugOZaxeJWw==
-----END CERTIFICATE-----