Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft
File:                     1peKb6yHM4CG9TacW0AhsIBhHlc.mft (raw, json)
Hash identifier:          jfSfoke4sXdRPD82MfHzKobsTo3MFl3XG2SmNnkvH8E=
Subject key identifier:   53:06:D1:C6:51:97:B2:4E:15:4E:B2:BD:8C:B7:FE:F5:7A:98:E9:F2
Authority key identifier: D6:97:8A:6F:AC:87:33:80:86:F5:36:9C:5B:40:21:B0:80:61:1E:57
Certificate issuer:       /CN=d6978a6fac87338086f5369c5b4021b080611e57
Certificate serial:       0197B745094B5E532BF988947C013D8B7D63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1peKb6yHM4CG9TacW0AhsIBhHlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft
Manifest number:          01ED
Signing time:             Sat 28 Jun 2025 16:00:44 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:44 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:44 +0000
Files and hashes:         1: 1peKb6yHM4CG9TacW0AhsIBhHlc.crl (hash: w/4Wm7/7QKKGgeX2HbSKwLWnnRkVVKNzkNuG/+IPy8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1peKb6yHM4CG9TacW0AhsIBhHlc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:09:4b:5e:53:2b:f9:88:94:7c:01:3d:8b:7d:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6978a6fac87338086f5369c5b4021b080611e57
        Validity
            Not Before: Jun 28 16:00:44 2025 GMT
            Not After : Jun 29 16:00:44 2025 GMT
        Subject: CN=5306d1c65197b24e154eb2bd8cb7fef57a98e9f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e6:d6:fe:7a:85:b7:b5:bb:d0:a4:8d:b3:77:
                    b6:18:aa:40:da:17:1e:f2:8e:72:7a:9d:03:47:05:
                    3c:c0:5c:9c:85:8f:e9:e5:1b:39:0d:77:81:ca:12:
                    01:c3:96:25:1c:ae:70:02:20:c1:57:79:9d:0e:4a:
                    15:f6:91:38:1e:46:6c:4a:9d:f9:75:1b:a5:55:6f:
                    5e:7f:ef:c6:22:49:c6:43:1b:3f:db:54:32:57:69:
                    3b:d3:99:95:9b:f9:af:f0:64:2a:fd:31:1b:24:2b:
                    09:c5:d8:71:5b:10:e6:25:70:96:5d:b9:79:ab:a2:
                    2d:75:c4:d9:c2:d4:28:e9:df:58:a2:fb:5b:d6:3a:
                    fe:d3:d8:50:de:1b:34:1b:a2:d8:31:6b:d3:72:95:
                    36:d7:6d:d4:94:28:40:4c:10:b1:80:9d:ac:a3:3b:
                    b7:11:5a:05:d7:68:76:b5:01:bc:7f:83:66:56:ee:
                    15:96:be:1a:a4:a2:fc:da:a2:06:7d:60:ae:4b:c3:
                    8a:f1:4e:76:77:ba:8a:07:f2:17:68:8e:3c:cf:71:
                    7d:ec:9d:43:60:6d:4d:d2:58:1b:1d:22:bf:69:67:
                    b1:56:14:77:2b:98:8b:58:9c:7e:7d:0f:ea:2e:9a:
                    70:9a:72:e7:55:d9:a1:82:f9:e5:7c:7e:fe:63:8e:
                    a2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:06:D1:C6:51:97:B2:4E:15:4E:B2:BD:8C:B7:FE:F5:7A:98:E9:F2
            X509v3 Authority Key Identifier:
                keyid:D6:97:8A:6F:AC:87:33:80:86:F5:36:9C:5B:40:21:B0:80:61:1E:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1peKb6yHM4CG9TacW0AhsIBhHlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/870596-98ad-47b9-a788-43e70977a70e/1/1peKb6yHM4CG9TacW0AhsIBhHlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:2c:d7:a6:11:a7:f2:65:99:0f:3f:f6:7d:30:b0:35:59:ee:
         e6:35:27:59:99:90:ff:9c:a7:4b:79:55:67:c4:c0:42:5a:84:
         1f:35:95:49:cc:bb:7c:79:f5:96:9f:f9:13:90:ae:58:23:03:
         2b:4e:a7:79:f4:86:20:e7:c9:c4:3f:0e:86:f3:a5:4a:e7:2e:
         46:31:f9:80:76:d4:b8:dd:c2:09:3e:b0:ac:15:8d:57:a4:7d:
         c7:9e:e7:cb:e0:1b:b9:8e:5d:8e:68:8d:0b:76:de:3e:94:66:
         e6:ee:25:c4:82:fb:c1:a9:93:de:c3:8a:03:cd:97:d1:60:45:
         b2:99:42:a8:f9:76:b7:ed:fd:68:11:82:c6:e0:d0:48:78:d6:
         f1:27:68:29:54:a4:29:35:a5:d0:ba:98:bd:08:7b:27:2f:d5:
         8d:04:f1:9d:5f:5d:93:6f:d2:db:8f:23:23:ee:e2:6d:1c:cd:
         29:9f:0a:e2:0d:48:0c:ec:c5:64:09:38:ca:ec:39:ba:64:6b:
         9e:04:ff:b5:66:e1:29:0c:9f:7f:ed:e2:80:db:d8:28:5c:51:
         87:00:69:86:61:f0:ac:d3:0d:34:9c:b3:a6:95:7a:1d:83:61:
         6b:fe:95:1c:48:92:79:81:68:bc:2f:e5:5b:60:21:fb:ad:9c:
         1c:05:77:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RQlLXlMr+YiUfAE9i31jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTc4YTZmYWM4NzMzODA4NmY1MzY5YzViNDAyMWIwODA2
MTFlNTcwHhcNMjUwNjI4MTYwMDQ0WhcNMjUwNjI5MTYwMDQ0WjAzMTEwLwYDVQQD
Eyg1MzA2ZDFjNjUxOTdiMjRlMTU0ZWIyYmQ4Y2I3ZmVmNTdhOThlOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvubW/nqFt7W70KSNs3e2GKpA2hce
8o5yep0DRwU8wFychY/p5Rs5DXeByhIBw5YlHK5wAiDBV3mdDkoV9pE4HkZsSp35
dRulVW9ef+/GIknGQxs/21QyV2k705mVm/mv8GQq/TEbJCsJxdhxWxDmJXCWXbl5
q6ItdcTZwtQo6d9Yovtb1jr+09hQ3hs0G6LYMWvTcpU2123UlChATBCxgJ2sozu3
EVoF12h2tQG8f4NmVu4Vlr4apKL82qIGfWCuS8OK8U52d7qKB/IXaI48z3F97J1D
YG1N0lgbHSK/aWexVhR3K5iLWJx+fQ/qLppwmnLnVdmhgvnlfH7+Y46iMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMG0cZRl7JOFU6yvYy3/vV6mOnyMB8GA1UdIwQY
MBaAFNaXim+shzOAhvU2nFtAIbCAYR5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBlS2I2eUhNNENHOVRhY1cwQWhzSUJoSGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84NzA1OTYtOThhZC00N2I5LWE3ODgt
NDNlNzA5NzdhNzBlLzEvMXBlS2I2eUhNNENHOVRhY1cwQWhzSUJoSGxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84NzA1OTYtOThhZC00N2I5LWE3ODgtNDNlNzA5NzdhNzBl
LzEvMXBlS2I2eUhNNENHOVRhY1cwQWhzSUJoSGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQizXphGn
8mWZDz/2fTCwNVnu5jUnWZmQ/5ynS3lVZ8TAQlqEHzWVScy7fHn1lp/5E5CuWCMD
K06nefSGIOfJxD8OhvOlSucuRjH5gHbUuN3CCT6wrBWNV6R9x57ny+AbuY5djmiN
C3bePpRm5u4lxIL7wamT3sOKA82X0WBFsplCqPl2t+39aBGCxuDQSHjW8SdoKVSk
KTWl0LqYvQh7Jy/VjQTxnV9dk2/S248jI+7ibRzNKZ8K4g1IDOzFZAk4yuw5umRr
ngT/tWbhKQyff+3igNvYKFxRhwBphmHwrNMNNJyzppV6HYNha/6VHEiSeYFovC/l
W2Ah+62cHAV3rg==
-----END CERTIFICATE-----