Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft
File:                     13j4yccHK3MEiPnjISjdiVveMtM.mft (raw, json)
Hash identifier:          GpgA/8tWoFsKlSJdTLZv9a67yPsRB33xy7wQ61eGo14=
Subject key identifier:   17:E8:51:D8:94:3D:25:17:33:7A:D8:05:85:2A:A3:7F:A4:0D:4E:92
Authority key identifier: D7:78:F8:C9:C7:07:2B:73:04:88:F9:E3:21:28:DD:89:5B:DE:32:D3
Certificate issuer:       /CN=d778f8c9c7072b730488f9e32128dd895bde32d3
Certificate serial:       0197B7B335227E5D6132CC07C7EC533D6006
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/13j4yccHK3MEiPnjISjdiVveMtM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft
Manifest number:          05CF
Signing time:             Sat 28 Jun 2025 18:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:04 +0000
Files and hashes:         1: 13j4yccHK3MEiPnjISjdiVveMtM.crl (hash: YIPM0KMFaEZ2p0ReFwaXDCnMAHiBDaJkmk+lpAJ97Ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/13j4yccHK3MEiPnjISjdiVveMtM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:35:22:7e:5d:61:32:cc:07:c7:ec:53:3d:60:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d778f8c9c7072b730488f9e32128dd895bde32d3
        Validity
            Not Before: Jun 28 18:01:04 2025 GMT
            Not After : Jun 29 18:01:04 2025 GMT
        Subject: CN=17e851d8943d2517337ad805852aa37fa40d4e92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ef:17:d6:7d:c4:62:e1:3a:e7:a1:f9:09:79:
                    77:f7:61:a0:45:ed:58:93:bb:bd:54:a8:74:70:5e:
                    af:65:4d:f2:0d:82:40:de:ce:56:3a:3f:a0:78:b5:
                    2e:63:51:5f:72:43:44:62:d5:f0:fa:82:32:dc:bb:
                    bc:e7:04:ff:2e:86:26:51:af:3b:ed:c6:dc:2b:59:
                    b2:ce:89:f6:e9:be:ea:66:cd:b5:99:3b:51:73:b0:
                    e9:42:94:a6:84:3c:fb:78:30:cd:6a:91:3e:92:28:
                    15:fe:bd:c8:4d:cf:c0:ee:75:4c:0b:77:e2:49:1f:
                    88:bc:1f:d1:13:56:cf:28:b7:92:da:d6:d5:97:df:
                    4b:5f:ea:5d:05:be:f3:09:54:31:93:0c:b6:26:c0:
                    48:e3:fd:c0:ca:87:29:02:f0:41:10:ed:d2:97:4e:
                    9c:67:82:23:50:9e:6c:7e:78:9c:cb:8d:a5:4d:a3:
                    6d:8f:a3:f7:46:18:03:8d:90:27:77:fe:db:af:48:
                    ec:ea:10:ee:5c:36:c2:e8:93:96:91:25:2a:7a:59:
                    2e:13:bd:15:43:ce:af:15:cb:85:a1:59:7e:f4:3a:
                    6e:76:84:99:42:40:65:2b:c6:49:3b:dc:cf:49:97:
                    fd:2b:c3:f5:85:49:1e:00:26:0f:8f:7d:f3:ec:92:
                    d9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:E8:51:D8:94:3D:25:17:33:7A:D8:05:85:2A:A3:7F:A4:0D:4E:92
            X509v3 Authority Key Identifier:
                keyid:D7:78:F8:C9:C7:07:2B:73:04:88:F9:E3:21:28:DD:89:5B:DE:32:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13j4yccHK3MEiPnjISjdiVveMtM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:f2:1b:bc:a2:27:7d:5c:b9:34:42:9e:58:b6:48:01:db:8b:
         78:9d:3b:b6:8c:05:40:9c:a1:91:ca:83:35:70:2a:62:ad:73:
         2d:31:5e:9f:87:9b:58:45:a5:77:5f:0a:16:00:9e:74:0d:39:
         6a:e2:f4:0c:94:8f:70:bb:70:dc:b8:14:b5:eb:df:ed:4f:11:
         c7:98:58:9d:14:50:6c:a7:8c:3d:68:f4:76:1a:bb:40:ad:f8:
         db:d3:b1:a8:27:5d:8d:57:87:7a:f9:a8:0f:42:07:57:30:47:
         db:e7:ff:5f:d8:03:73:00:70:d0:74:04:11:37:ac:92:53:b0:
         0e:b4:93:91:a4:c9:6d:2e:cb:80:3e:b7:68:4c:2b:cc:f6:e5:
         a2:03:42:d8:bf:79:ab:4b:b7:4b:a5:b1:a9:b0:b1:22:30:fc:
         79:e3:fa:f8:f3:97:37:8b:3b:de:e6:9d:57:b3:8c:84:45:72:
         61:1e:c5:fc:ee:34:d5:61:42:df:0c:0c:4f:44:c2:cc:3a:64:
         dd:b1:f5:96:4a:1b:ed:6d:88:92:0a:41:22:2b:3f:a0:bb:5f:
         4e:ad:ac:96:c0:a2:fc:b2:62:a4:70:a5:df:9a:9f:6c:43:cc:
         ae:ab:71:32:5f:9d:12:fa:0f:e3:3d:83:2d:b8:a0:78:3a:9a:
         d8:cc:f2:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3szUifl1hMswHx+xTPWAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NzhmOGM5YzcwNzJiNzMwNDg4ZjllMzIxMjhkZDg5NWJk
ZTMyZDMwHhcNMjUwNjI4MTgwMTA0WhcNMjUwNjI5MTgwMTA0WjAzMTEwLwYDVQQD
EygxN2U4NTFkODk0M2QyNTE3MzM3YWQ4MDU4NTJhYTM3ZmE0MGQ0ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO8X1n3EYuE656H5CXl392GgRe1Y
k7u9VKh0cF6vZU3yDYJA3s5WOj+geLUuY1FfckNEYtXw+oIy3Lu85wT/LoYmUa87
7cbcK1myzon26b7qZs21mTtRc7DpQpSmhDz7eDDNapE+kigV/r3ITc/A7nVMC3fi
SR+IvB/RE1bPKLeS2tbVl99LX+pdBb7zCVQxkwy2JsBI4/3AyocpAvBBEO3Sl06c
Z4IjUJ5sfnicy42lTaNtj6P3RhgDjZAnd/7br0js6hDuXDbC6JOWkSUqelkuE70V
Q86vFcuFoVl+9DpudoSZQkBlK8ZJO9zPSZf9K8P1hUkeACYPj33z7JLZtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfoUdiUPSUXM3rYBYUqo3+kDU6SMB8GA1UdIwQY
MBaAFNd4+MnHBytzBIj54yEo3Ylb3jLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNqNHljY0hLM01FaVBuaklTamRpVnZlTXRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hMjg0ZjctYWFkZS00MTY4LWE5ZDAt
NThiZTkyN2Y0MmU5LzEvMTNqNHljY0hLM01FaVBuaklTamRpVnZlTXRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hMjg0ZjctYWFkZS00MTY4LWE5ZDAtNThiZTkyN2Y0MmU5
LzEvMTNqNHljY0hLM01FaVBuaklTamRpVnZlTXRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfIbvKIn
fVy5NEKeWLZIAduLeJ07towFQJyhkcqDNXAqYq1zLTFen4ebWEWld18KFgCedA05
auL0DJSPcLtw3LgUtevf7U8Rx5hYnRRQbKeMPWj0dhq7QK3429OxqCddjVeHevmo
D0IHVzBH2+f/X9gDcwBw0HQEETesklOwDrSTkaTJbS7LgD63aEwrzPblogNC2L95
q0u3S6WxqbCxIjD8eeP6+POXN4s73uadV7OMhEVyYR7F/O401WFC3wwMT0TCzDpk
3bH1lkob7W2IkgpBIis/oLtfTq2slsCi/LJipHCl35qfbEPMrqtxMl+dEvoP4z2D
LbigeDqa2MzyXw==
-----END CERTIFICATE-----