Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
File:                     4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft (raw, json)
Hash identifier:          axRKHUWQR1U46PAdoHvyzw4iSG9vBKsqhLgzVVrX8Pk=
Subject key identifier:   7F:39:4E:20:D0:94:10:23:36:30:67:5E:48:A2:9F:F1:87:BA:05:C4
Authority key identifier: E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C
Certificate issuer:       /CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
Certificate serial:       0197B6A16ACD1ABE92ED010328D27B73FCDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
Manifest number:          135A
Signing time:             Sat 28 Jun 2025 13:02:01 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:01 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:01 +0000
Files and hashes:         1: 4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl (hash: wg8+pqKShbJA31tYxd9kMEyysTXvbVdAayqDlZ8aqWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:6a:cd:1a:be:92:ed:01:03:28:d2:7b:73:fc:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2ad1b50377d7c075c64d009f40a30fe7290687c
        Validity
            Not Before: Jun 28 13:02:01 2025 GMT
            Not After : Jun 29 13:02:01 2025 GMT
        Subject: CN=7f394e20d09410233630675e48a29ff187ba05c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cf:c3:e0:cc:a6:25:72:e1:da:b0:f6:de:20:
                    b6:81:6f:16:a0:62:79:49:d4:67:0f:03:29:5d:1c:
                    83:8f:e8:b3:1c:dc:3f:42:fc:6f:7f:c2:e9:d6:9e:
                    e6:20:9a:68:4c:64:32:6b:58:47:d2:3e:0f:8b:da:
                    ca:44:c4:8b:92:4d:d2:32:04:a3:f3:ff:65:18:31:
                    bd:d4:df:7f:4d:e0:b4:05:cd:9e:f5:59:5d:ac:00:
                    28:b1:19:df:58:cc:c7:ec:35:71:74:bd:fe:6d:c8:
                    f8:0d:12:5a:7f:fd:f0:89:bc:0b:96:a0:a4:5e:b9:
                    fc:31:ac:3a:1f:fa:35:83:10:06:c4:37:ca:38:b1:
                    b6:42:e8:d5:fb:cd:b8:e1:b0:64:91:25:a8:b8:fc:
                    13:cc:c9:05:f9:95:db:f6:be:81:37:3e:ce:27:e8:
                    ff:de:06:a0:24:55:7d:61:b5:24:7a:39:0a:26:c3:
                    ab:84:52:08:a5:05:dc:ac:d2:02:ac:fa:b2:ff:6f:
                    14:49:ee:6f:3f:14:13:9c:fa:a6:59:00:57:6b:51:
                    f2:ed:cd:e2:6b:c9:ab:ae:1a:4e:81:5e:bf:4a:6c:
                    25:8a:60:ff:c6:58:9b:d7:28:6f:76:8b:4d:11:4b:
                    fb:84:f7:6e:fd:1e:cd:db:e8:73:99:3e:2a:71:b4:
                    9f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:39:4E:20:D0:94:10:23:36:30:67:5E:48:A2:9F:F1:87:BA:05:C4
            X509v3 Authority Key Identifier:
                keyid:E2:AD:1B:50:37:7D:7C:07:5C:64:D0:09:F4:0A:30:FE:72:90:68:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8f597b-3928-4a4d-8325-73f1ab5cae96/1/4q0bUDd9fAdcZNAJ9Aow_nKQaHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:84:0a:7e:a5:74:07:6c:50:df:19:e0:d2:46:f8:da:bc:ad:
         35:af:a2:4f:0f:29:eb:b4:73:7f:e2:35:39:5b:5c:5f:be:41:
         82:6d:f6:61:fa:17:20:7c:7b:88:16:44:67:af:b5:89:f1:89:
         97:f6:71:cb:c4:c6:bd:a3:54:f4:f0:fd:fb:9a:f4:6e:e7:ae:
         82:94:7c:80:6f:e2:00:bb:fd:d3:19:51:b7:4a:51:8d:38:b6:
         57:de:24:65:97:a9:22:5e:d6:2c:53:ff:a8:a8:7d:e8:25:67:
         98:9b:e3:2c:1c:77:e9:40:af:3f:bf:ec:25:51:dc:42:fa:cd:
         69:e7:7f:41:30:72:8e:cb:84:45:cd:d9:e0:01:75:a5:77:93:
         f8:74:b1:25:eb:11:88:8a:fa:d1:5a:e8:af:60:7e:92:dd:30:
         88:4f:a5:41:ea:ea:5d:d0:a0:07:52:f0:ca:46:45:7a:2b:f2:
         00:f3:98:a9:56:fc:94:e1:63:7e:23:5a:28:90:4e:58:1d:19:
         f7:42:e1:69:f5:c3:d9:96:a4:5d:d2:53:94:1c:ab:8b:45:5d:
         79:88:c6:1b:a8:15:ae:4a:75:ce:f0:74:5a:fe:e2:e9:9b:f7:
         4e:c3:f3:91:2b:ec:a5:80:0b:25:d8:fd:d7:e4:2b:65:79:d0:
         d3:4a:51:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oWrNGr6S7QEDKNJ7c/zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWQxYjUwMzc3ZDdjMDc1YzY0ZDAwOWY0MGEzMGZlNzI5
MDY4N2MwHhcNMjUwNjI4MTMwMjAxWhcNMjUwNjI5MTMwMjAxWjAzMTEwLwYDVQQD
Eyg3ZjM5NGUyMGQwOTQxMDIzMzYzMDY3NWU0OGEyOWZmMTg3YmEwNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM/D4MymJXLh2rD23iC2gW8WoGJ5
SdRnDwMpXRyDj+izHNw/Qvxvf8Lp1p7mIJpoTGQya1hH0j4Pi9rKRMSLkk3SMgSj
8/9lGDG91N9/TeC0Bc2e9VldrAAosRnfWMzH7DVxdL3+bcj4DRJaf/3wibwLlqCk
Xrn8Maw6H/o1gxAGxDfKOLG2QujV+8244bBkkSWouPwTzMkF+ZXb9r6BNz7OJ+j/
3gagJFV9YbUkejkKJsOrhFIIpQXcrNICrPqy/28USe5vPxQTnPqmWQBXa1Hy7c3i
a8mrrhpOgV6/SmwlimD/xlib1yhvdotNEUv7hPdu/R7N2+hzmT4qcbSfkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH85TiDQlBAjNjBnXkiin/GHugXEMB8GA1UdIwQY
MBaAFOKtG1A3fXwHXGTQCfQKMP5ykGh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUt
NzNmMWFiNWNhZTk2LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84ZjU5N2ItMzkyOC00YTRkLTgzMjUtNzNmMWFiNWNhZTk2
LzEvNHEwYlVEZDlmQWRjWk5BSjlBb3dfbktRYUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvYQKfqV0
B2xQ3xng0kb42rytNa+iTw8p67Rzf+I1OVtcX75Bgm32YfoXIHx7iBZEZ6+1ifGJ
l/Zxy8TGvaNU9PD9+5r0bueugpR8gG/iALv90xlRt0pRjTi2V94kZZepIl7WLFP/
qKh96CVnmJvjLBx36UCvP7/sJVHcQvrNaed/QTByjsuERc3Z4AF1pXeT+HSxJesR
iIr60Vror2B+kt0wiE+lQerqXdCgB1LwykZFeivyAPOYqVb8lOFjfiNaKJBOWB0Z
90LhafXD2ZakXdJTlByri0VdeYjGG6gVrkp1zvB0Wv7i6Zv3TsPzkSvspYALJdj9
1+QrZXnQ00pRSQ==
-----END CERTIFICATE-----