Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          hX1L28nGBgqUZ9YsOyTeoMB12zeP2846ETIM3kgc0zo=
Subject key identifier:   41:49:65:2E:BB:85:35:55:FB:F8:5D:B4:AD:BE:0C:A8:96:A2:A3:63
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       0197C0B623594CAF95C0FF911FF70299F493
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0381
Signing time:             Mon 30 Jun 2025 12:00:51 +0000
Manifest this update:     Mon 30 Jun 2025 12:00:51 +0000
Manifest next update:     Tue 01 Jul 2025 12:00:51 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: o4+dwT/328Xd9kWr06i/9CEUGpFK3+lqeHLNnLcKIIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:b6:23:59:4c:af:95:c0:ff:91:1f:f7:02:99:f4:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Jun 30 12:00:51 2025 GMT
            Not After : Jul  1 12:00:51 2025 GMT
        Subject: CN=4149652ebb853555fbf85db4adbe0ca896a2a363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2c:ce:98:e1:83:9d:68:76:46:90:fd:21:57:
                    13:d8:bc:bd:d4:49:49:6a:69:86:74:0c:87:9e:2e:
                    03:cb:cf:3d:d4:c5:81:fe:56:cf:3a:6f:9b:9c:84:
                    9f:3e:de:45:b6:30:79:f9:f6:bc:7e:b0:d5:e9:9c:
                    e0:f7:1e:5a:e5:0d:fd:89:06:a7:ac:c4:6f:b7:91:
                    80:c5:7e:dc:0c:32:da:8e:be:3c:f2:9d:1b:4d:52:
                    ec:91:ea:c7:b1:9a:15:4b:e3:10:da:da:c3:be:0e:
                    90:ab:76:ce:2c:86:41:b2:31:37:cc:31:92:58:41:
                    3b:24:db:8f:14:19:77:7d:96:5e:47:a4:97:a9:d2:
                    fe:85:ee:3c:6b:1a:0c:56:34:76:26:f0:b0:b8:04:
                    66:7f:70:a5:90:20:70:e2:cd:c3:c1:4b:1c:68:be:
                    8f:8a:21:02:3a:05:0d:e0:fb:7b:90:84:5e:17:2a:
                    2a:90:29:6a:eb:1e:da:b0:f3:c5:33:68:18:1b:af:
                    00:1b:dc:e3:17:0f:98:9c:67:61:2f:26:d3:e3:51:
                    df:31:12:61:82:7d:4d:26:13:a5:30:c3:28:20:68:
                    61:ed:07:f3:a2:80:1b:e6:9c:72:38:c2:21:de:64:
                    d3:3b:91:13:27:37:4d:58:ab:08:19:24:d3:4a:51:
                    74:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:49:65:2E:BB:85:35:55:FB:F8:5D:B4:AD:BE:0C:A8:96:A2:A3:63
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:72:f9:52:0f:f8:9a:98:1c:08:b7:fe:84:93:ce:c0:19:8c:
         57:3e:a8:b3:58:4b:cc:43:e3:45:43:b9:82:f4:d2:7f:6b:9f:
         09:0d:f0:87:03:b9:88:dc:44:a1:e3:d4:4b:40:33:8c:f2:37:
         43:a0:01:23:55:1d:eb:fa:a4:1c:fc:39:96:ef:05:27:95:a4:
         ae:55:19:09:77:07:41:13:ca:e3:40:78:47:d7:66:f2:3a:04:
         b8:53:54:54:18:6a:6d:58:b7:49:81:ee:f9:0a:b1:65:16:29:
         2c:42:35:be:9a:cf:87:83:6c:71:e8:cf:b0:62:f4:1a:16:26:
         b0:29:6f:6c:7d:5c:ec:c6:6d:a7:c8:34:e1:18:41:b7:35:17:
         f4:2c:a3:53:db:93:60:f1:41:cd:94:0b:f1:34:5f:85:56:3e:
         53:92:a2:2b:77:d0:c6:0e:69:9a:69:5a:b9:e3:e8:4f:1b:dd:
         16:4b:70:da:7d:63:11:40:68:95:43:b8:dc:2d:94:5f:50:ba:
         db:10:2d:60:de:e5:c2:cc:2d:60:d0:b6:24:1c:6d:97:f3:8b:
         fd:c9:a5:53:86:89:df:6f:b4:40:15:25:41:c3:43:53:65:e0:
         61:66:3c:6f:3c:75:4a:39:7d:cd:8c:a1:b9:aa:73:cb:4a:d9:
         a4:98:f2:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfAtiNZTK+VwP+RH/cCmfSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjUwNjMwMTIwMDUxWhcNMjUwNzAxMTIwMDUxWjAzMTEwLwYDVQQD
Eyg0MTQ5NjUyZWJiODUzNTU1ZmJmODVkYjRhZGJlMGNhODk2YTJhMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCzOmOGDnWh2RpD9IVcT2Ly91ElJ
ammGdAyHni4Dy8891MWB/lbPOm+bnISfPt5FtjB5+fa8frDV6Zzg9x5a5Q39iQan
rMRvt5GAxX7cDDLajr488p0bTVLskerHsZoVS+MQ2trDvg6Qq3bOLIZBsjE3zDGS
WEE7JNuPFBl3fZZeR6SXqdL+he48axoMVjR2JvCwuARmf3ClkCBw4s3DwUscaL6P
iiECOgUN4Pt7kIReFyoqkClq6x7asPPFM2gYG68AG9zjFw+YnGdhLybT41HfMRJh
gn1NJhOlMMMoIGhh7QfzooAb5pxyOMIh3mTTO5ETJzdNWKsIGSTTSlF0QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFJZS67hTVV+/hdtK2+DKiWoqNjMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA03L5Ug/4
mpgcCLf+hJPOwBmMVz6os1hLzEPjRUO5gvTSf2ufCQ3whwO5iNxEoePUS0AzjPI3
Q6ABI1Ud6/qkHPw5lu8FJ5WkrlUZCXcHQRPK40B4R9dm8joEuFNUVBhqbVi3SYHu
+QqxZRYpLEI1vprPh4NscejPsGL0GhYmsClvbH1c7MZtp8g04RhBtzUX9CyjU9uT
YPFBzZQL8TRfhVY+U5KiK3fQxg5pmmlauePoTxvdFktw2n1jEUBolUO43C2UX1C6
2xAtYN7lwswtYNC2JBxtl/OL/cmlU4aJ32+0QBUlQcNDU2XgYWY8bzx1Sjl9zYyh
uapzy0rZpJjy+Q==
-----END CERTIFICATE-----