Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
File:                     9rG5O-fUO4bWT4tLljvJFWJfI_I.mft (raw, json)
Hash identifier:          5w7JZcjCHYZxNsIIq9Zm7U5suNCeqrgAKEuyTrq9+kM=
Subject key identifier:   C6:09:83:FB:62:8C:03:EF:05:3C:E0:8A:E2:E0:EF:6A:9F:9B:71:34
Authority key identifier: F6:B1:B9:3B:E7:D4:3B:86:D6:4F:8B:4B:96:3B:C9:15:62:5F:23:F2
Certificate issuer:       /CN=f6b1b93be7d43b86d64f8b4b963bc915625f23f2
Certificate serial:       0197B6A0C8E4393695ACFCFFD875CBBD6DC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
Manifest number:          0246
Signing time:             Sat 28 Jun 2025 13:01:19 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:19 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:19 +0000
Files and hashes:         1: 9rG5O-fUO4bWT4tLljvJFWJfI_I.crl (hash: 7vmitiP+KlRhn8U1P9gOHFqz7pmHETIcRe72d+j4NP0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:c8:e4:39:36:95:ac:fc:ff:d8:75:cb:bd:6d:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6b1b93be7d43b86d64f8b4b963bc915625f23f2
        Validity
            Not Before: Jun 28 13:01:19 2025 GMT
            Not After : Jun 29 13:01:19 2025 GMT
        Subject: CN=c60983fb628c03ef053ce08ae2e0ef6a9f9b7134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d9:b4:95:31:55:32:cb:5f:62:19:5f:d9:b1:
                    e2:1f:4c:b0:7c:1b:b5:25:6c:99:fd:27:fe:b3:2b:
                    d2:c4:ee:a2:f4:a7:e2:cf:e4:5b:fe:92:4d:7b:dd:
                    af:61:d9:be:42:06:ad:ba:d2:63:7a:fe:79:91:fa:
                    ec:1a:50:d2:05:9e:bc:23:e0:ba:c6:61:03:a5:15:
                    88:ea:f1:5e:99:b7:b2:c8:ce:6c:e2:51:60:64:8f:
                    38:c1:46:4c:66:81:9a:5c:d0:81:3c:38:91:39:16:
                    44:6d:4c:89:f6:8f:fd:93:34:89:8c:46:a3:74:48:
                    e0:d1:78:75:e8:a9:82:0a:f9:6f:30:af:df:1c:be:
                    23:42:8f:51:a2:42:21:be:a4:40:7d:a8:41:c2:56:
                    53:be:74:5b:e6:32:08:3b:dd:5a:f9:91:ff:27:05:
                    d0:17:54:ae:c4:db:ca:1e:ca:a4:48:18:e9:0a:8e:
                    e8:a1:eb:49:78:63:da:17:7e:2b:cd:6c:66:bf:cb:
                    32:8e:d2:dc:b3:fb:74:34:e8:09:b9:bd:a6:81:22:
                    d7:53:f0:8a:1e:81:7d:3e:c8:59:93:ab:46:30:54:
                    93:53:0c:94:ff:2e:8f:dc:1c:78:8d:65:d6:80:7e:
                    b1:a7:65:fe:e9:d4:0f:8a:83:13:ad:b3:16:26:81:
                    a1:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:09:83:FB:62:8C:03:EF:05:3C:E0:8A:E2:E0:EF:6A:9F:9B:71:34
            X509v3 Authority Key Identifier:
                keyid:F6:B1:B9:3B:E7:D4:3B:86:D6:4F:8B:4B:96:3B:C9:15:62:5F:23:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9rG5O-fUO4bWT4tLljvJFWJfI_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b729cc-754e-4aea-85f2-0ac2cd3fe008/1/9rG5O-fUO4bWT4tLljvJFWJfI_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:64:dc:2f:03:92:76:6d:5d:e1:2d:37:e2:d0:2b:ac:33:86:
         83:40:83:31:27:72:5e:71:88:b9:85:6b:8e:1f:df:be:03:f9:
         d3:7b:e9:6f:9b:bc:fd:75:95:1c:ca:32:ad:6a:93:8e:74:71:
         9d:be:34:f0:86:c4:f3:cc:65:03:b7:f4:b9:04:b7:9e:2b:52:
         a0:97:d5:ee:79:6f:f5:7d:f5:77:2f:47:e0:43:d0:f0:54:27:
         43:7f:51:91:fb:f1:0d:cb:65:d4:30:65:c1:ab:39:eb:36:ef:
         11:a0:e8:31:85:f1:9f:33:fe:b0:a5:64:b0:40:f9:ff:80:4b:
         bb:71:34:9d:b6:44:85:67:86:3b:ab:13:63:c9:6b:6e:f5:bd:
         58:32:00:96:61:71:a7:b7:8a:41:b7:54:67:c2:f0:bc:82:7c:
         0a:b3:8d:3f:ce:b4:3c:6d:ee:e7:6b:2d:28:c1:f3:f1:0b:65:
         ed:4b:f9:af:1a:f7:a6:4c:b1:3c:05:b6:cb:c8:09:4f:f5:f5:
         a7:eb:3b:05:56:89:69:d9:86:73:72:c3:55:60:bf:66:e0:0e:
         ce:31:04:00:9f:82:4b:8d:be:47:0f:0a:62:95:44:a1:6a:95:
         7d:25:13:4b:67:68:48:b4:a8:ef:60:85:8f:12:ad:8e:37:7a:
         f5:95:49:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oMjkOTaVrPz/2HXLvW3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YjFiOTNiZTdkNDNiODZkNjRmOGI0Yjk2M2JjOTE1NjI1
ZjIzZjIwHhcNMjUwNjI4MTMwMTE5WhcNMjUwNjI5MTMwMTE5WjAzMTEwLwYDVQQD
EyhjNjA5ODNmYjYyOGMwM2VmMDUzY2UwOGFlMmUwZWY2YTlmOWI3MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9m0lTFVMstfYhlf2bHiH0ywfBu1
JWyZ/Sf+syvSxO6i9Kfiz+Rb/pJNe92vYdm+QgatutJjev55kfrsGlDSBZ68I+C6
xmEDpRWI6vFembeyyM5s4lFgZI84wUZMZoGaXNCBPDiRORZEbUyJ9o/9kzSJjEaj
dEjg0Xh16KmCCvlvMK/fHL4jQo9RokIhvqRAfahBwlZTvnRb5jIIO91a+ZH/JwXQ
F1SuxNvKHsqkSBjpCo7ooetJeGPaF34rzWxmv8syjtLcs/t0NOgJub2mgSLXU/CK
HoF9PshZk6tGMFSTUwyU/y6P3Bx4jWXWgH6xp2X+6dQPioMTrbMWJoGhJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYJg/tijAPvBTzgiuLg72qfm3E0MB8GA1UdIwQY
MBaAFPaxuTvn1DuG1k+LS5Y7yRViXyPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iNzI5Y2MtNzU0ZS00YWVhLTg1ZjIt
MGFjMmNkM2ZlMDA4LzEvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iNzI5Y2MtNzU0ZS00YWVhLTg1ZjItMGFjMmNkM2ZlMDA4
LzEvOXJHNU8tZlVPNGJXVDR0TGxqdkpGV0pmSV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXWTcLwOS
dm1d4S034tArrDOGg0CDMSdyXnGIuYVrjh/fvgP503vpb5u8/XWVHMoyrWqTjnRx
nb408IbE88xlA7f0uQS3nitSoJfV7nlv9X31dy9H4EPQ8FQnQ39RkfvxDctl1DBl
was56zbvEaDoMYXxnzP+sKVksED5/4BLu3E0nbZEhWeGO6sTY8lrbvW9WDIAlmFx
p7eKQbdUZ8LwvIJ8CrONP860PG3u52stKMHz8Qtl7Uv5rxr3pkyxPAW2y8gJT/X1
p+s7BVaJadmGc3LDVWC/ZuAOzjEEAJ+CS42+Rw8KYpVEoWqVfSUTS2doSLSo72CF
jxKtjjd69ZVJlw==
-----END CERTIFICATE-----