Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
File:                     1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft (raw, json)
Hash identifier:          WLP1DOx1AoEy725rSzdiq0qobhVy4ANocTDhIfJge+A=
Subject key identifier:   B3:2A:B8:E6:AD:18:09:F5:65:77:8D:C2:6D:E3:E0:24:E3:AF:13:D1
Authority key identifier: D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4
Certificate issuer:       /CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
Certificate serial:       0197B7EA23AF380AE5C7945AE3F12C28F597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
Manifest number:          0D01
Signing time:             Sat 28 Jun 2025 19:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:04 +0000
Files and hashes:         1: 1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl (hash: QZXipCoGWoBQ8YqAqXQgWTarPGbCH+mraOJe92GkafY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:23:af:38:0a:e5:c7:94:5a:e3:f1:2c:28:f5:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
        Validity
            Not Before: Jun 28 19:01:04 2025 GMT
            Not After : Jun 29 19:01:04 2025 GMT
        Subject: CN=b32ab8e6ad1809f565778dc26de3e024e3af13d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9e:d3:e8:12:67:e8:59:48:73:7d:1a:12:e2:
                    84:6d:7f:8a:c9:18:ff:34:a7:76:13:d3:98:02:7e:
                    9d:a0:f5:f0:dd:41:aa:1a:f1:56:96:cb:9e:01:7c:
                    07:47:8c:7b:91:84:8e:56:32:75:86:74:aa:a4:de:
                    67:d9:e5:7a:16:a3:08:5a:9b:52:c4:9a:64:5e:3f:
                    77:04:26:0a:99:23:54:07:fb:f2:92:8a:f4:86:d0:
                    f5:29:bc:b5:f3:b8:48:b5:53:00:45:c6:7f:61:46:
                    a5:b4:ff:74:79:01:3b:e7:2b:d9:b8:a2:c2:4a:d1:
                    55:35:9b:9e:36:6d:95:c6:78:ff:f9:02:34:dd:fc:
                    ba:2b:de:18:cb:ce:51:bc:f4:2f:c5:af:a5:68:09:
                    c2:e6:2f:da:de:6f:29:0a:29:fc:26:ce:4e:5b:34:
                    b8:84:3a:02:da:ee:b0:9e:12:ba:82:71:90:d3:57:
                    a2:9a:ce:c2:7b:ef:e7:d6:88:d5:b3:95:b2:2a:cb:
                    d4:2f:78:96:0f:72:ee:30:65:c2:72:d7:2b:7c:fe:
                    df:32:7e:90:5f:0f:63:5a:f5:8c:da:8c:d7:fc:e5:
                    17:f1:b2:87:47:42:1c:fc:10:fa:76:f0:97:8b:d5:
                    21:bb:52:cc:c4:2a:b5:a7:cf:1d:06:db:07:f6:56:
                    39:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:2A:B8:E6:AD:18:09:F5:65:77:8D:C2:6D:E3:E0:24:E3:AF:13:D1
            X509v3 Authority Key Identifier:
                keyid:D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:c7:9b:22:60:e0:1d:07:5f:9a:a0:a3:7d:21:6f:63:d7:ab:
         0d:31:65:5d:bb:82:2d:00:66:0f:5b:2c:f8:d9:8d:9c:e2:2e:
         76:a0:83:cd:0e:47:56:1a:5c:bf:32:97:c7:5f:58:62:32:0f:
         6a:82:c2:5a:99:22:0b:79:44:4b:eb:d0:95:cf:be:de:3a:b9:
         37:3b:f5:dd:a5:9d:c0:5e:bf:86:71:fe:47:89:a3:ef:3e:f1:
         72:ca:68:cc:ac:53:0d:42:0b:e1:25:bf:31:bd:e5:76:dd:c8:
         d1:2c:68:b8:be:ea:98:20:40:1f:e4:df:9d:09:76:dc:0a:4a:
         bb:59:45:6e:1b:bc:a1:77:90:93:fd:b1:fa:f5:b5:69:0e:a7:
         d6:a1:7d:bd:0c:ad:0e:94:d5:30:60:b4:f9:7b:b1:71:c9:61:
         56:89:0a:9d:9f:f8:c1:44:bc:d2:29:0d:bd:eb:50:d0:97:5e:
         c7:a4:8d:df:26:12:e1:aa:89:a4:64:6b:3c:7c:4a:9c:e0:d5:
         ed:ff:56:2b:b7:34:9d:4c:40:2d:03:36:58:5f:eb:26:05:73:
         22:cb:66:71:b6:2b:cd:eb:c1:0b:a9:23:3a:e4:9d:0b:03:b3:
         64:47:c5:31:85:0f:3c:ed:47:04:bb:af:97:10:3a:f8:38:88:
         a4:d3:bd:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36iOvOArlx5Ra4/EsKPWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2M2Y4ZTQyZmI4NDQyYTQ4YTdkNDdlZjRjMGI2ZTE0NzUx
NGJmYzQwHhcNMjUwNjI4MTkwMTA0WhcNMjUwNjI5MTkwMTA0WjAzMTEwLwYDVQQD
EyhiMzJhYjhlNmFkMTgwOWY1NjU3NzhkYzI2ZGUzZTAyNGUzYWYxM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ7T6BJn6FlIc30aEuKEbX+KyRj/
NKd2E9OYAn6doPXw3UGqGvFWlsueAXwHR4x7kYSOVjJ1hnSqpN5n2eV6FqMIWptS
xJpkXj93BCYKmSNUB/vykor0htD1Kby187hItVMARcZ/YUaltP90eQE75yvZuKLC
StFVNZueNm2Vxnj/+QI03fy6K94Yy85RvPQvxa+laAnC5i/a3m8pCin8Js5OWzS4
hDoC2u6wnhK6gnGQ01eims7Ce+/n1ojVs5WyKsvUL3iWD3LuMGXCctcrfP7fMn6Q
Xw9jWvWM2ozX/OUX8bKHR0Ic/BD6dvCXi9Uhu1LMxCq1p88dBtsH9lY5DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMquOatGAn1ZXeNwm3j4CTjrxPRMB8GA1UdIwQY
MBaAFNY/jkL7hEKkin1H70wLbhR1FL/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODct
MmVkN2E3MTVmOGQ3LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODctMmVkN2E3MTVmOGQ3
LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMebImDg
HQdfmqCjfSFvY9erDTFlXbuCLQBmD1ss+NmNnOIudqCDzQ5HVhpcvzKXx19YYjIP
aoLCWpkiC3lES+vQlc++3jq5Nzv13aWdwF6/hnH+R4mj7z7xcspozKxTDUIL4SW/
Mb3ldt3I0SxouL7qmCBAH+TfnQl23ApKu1lFbhu8oXeQk/2x+vW1aQ6n1qF9vQyt
DpTVMGC0+XuxcclhVokKnZ/4wUS80ikNvetQ0Jdex6SN3yYS4aqJpGRrPHxKnODV
7f9WK7c0nUxALQM2WF/rJgVzIstmcbYrzevBC6kjOuSdCwOzZEfFMYUPPO1HBLuv
lxA6+DiIpNO9hg==
-----END CERTIFICATE-----