Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft
File:                     Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft (raw, json)
Hash identifier:          9aP0o369vWhnLl8ZH/y+1WpVZF3XJSt4o3M3jwI6OpA=
Subject key identifier:   C4:49:77:0B:CE:B4:23:AF:C5:F3:79:41:15:84:9D:96:B8:A9:86:20
Authority key identifier: 4A:EF:BC:FA:7F:05:9F:F1:07:27:EA:61:9E:59:13:9D:A3:74:18:EF
Certificate issuer:       /CN=4aefbcfa7f059ff10727ea619e59139da37418ef
Certificate serial:       0197B6A0C1DD552AF6F80283FF7A07878426
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:01:18 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:18 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:18 +0000
Files and hashes:         1: Su-8-n8Fn_EHJ-phnlkTnaN0GO8.crl (hash: 9sC1aqY7m9M64EJCcmuT42zlz8p/Ha2TH007i/7Tz+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:c1:dd:55:2a:f6:f8:02:83:ff:7a:07:87:84:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aefbcfa7f059ff10727ea619e59139da37418ef
        Validity
            Not Before: Jun 28 13:01:18 2025 GMT
            Not After : Jun 29 13:01:18 2025 GMT
        Subject: CN=c449770bceb423afc5f3794115849d96b8a98620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:08:78:1d:5f:10:b7:14:e1:df:0a:64:98:f0:
                    a2:a6:97:1d:80:e6:39:e3:63:66:6f:2f:53:40:ed:
                    bb:d1:ae:23:d2:b7:e2:37:5a:09:09:57:c5:4d:d7:
                    57:b4:18:51:7f:f5:fd:1f:c1:5c:02:57:23:3a:6b:
                    cb:9e:08:cd:4b:22:fc:0c:61:dd:26:d1:f6:35:4c:
                    f1:df:0b:0c:24:4b:39:cd:48:24:99:f3:af:16:9f:
                    d6:72:5c:43:b4:e1:17:14:29:1b:a8:56:6d:6e:9c:
                    54:82:d5:6a:d0:1c:ad:b4:03:dd:a6:bb:fa:c1:21:
                    51:3b:d4:36:45:43:12:c2:4d:92:61:b8:65:fa:87:
                    41:81:50:95:ad:60:6e:0f:b3:c1:43:ef:f6:fd:99:
                    8e:7c:8c:16:48:02:7b:fa:0c:ed:4d:92:94:7b:69:
                    27:ad:df:b1:1e:74:8a:cb:ef:c7:0d:12:73:51:d3:
                    bc:65:7c:6a:f9:4e:32:83:bf:0b:b7:de:57:64:73:
                    f1:15:36:80:4d:89:1e:51:31:cc:05:8d:a2:3b:6e:
                    26:33:d8:5c:56:aa:2b:8e:66:3a:06:3d:8d:58:7c:
                    f4:06:4b:c9:5a:a9:f6:6d:97:31:70:58:46:9f:57:
                    e1:7b:b0:e8:0e:43:d8:28:bd:8d:b8:7e:5e:45:66:
                    10:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:49:77:0B:CE:B4:23:AF:C5:F3:79:41:15:84:9D:96:B8:A9:86:20
            X509v3 Authority Key Identifier:
                keyid:4A:EF:BC:FA:7F:05:9F:F1:07:27:EA:61:9E:59:13:9D:A3:74:18:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/63cff3-c9eb-4211-b92e-45f56b42c6ac/1/Su-8-n8Fn_EHJ-phnlkTnaN0GO8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:73:f9:8d:21:38:76:7c:e8:a3:55:c7:97:ca:0c:b1:10:08:
         77:72:e1:35:dd:a5:3f:ed:47:b0:7f:7b:d6:39:fc:ce:b8:01:
         6e:2e:22:34:a5:3a:3f:f3:6b:60:a7:bd:7b:8c:f0:c9:c4:a9:
         23:4d:a4:e8:05:b3:87:50:d1:0e:35:09:5c:e3:c4:48:cd:c9:
         65:c8:d0:f7:ba:86:73:c5:84:be:b4:4d:7f:a2:5e:1e:c3:15:
         5f:69:49:86:72:c2:89:cf:f1:fa:fb:37:c8:56:43:14:0f:d8:
         fe:53:a2:d6:36:ff:74:0e:b1:55:3b:41:f3:af:0a:8a:6f:78:
         79:b9:cf:af:c1:ca:3b:5e:cc:8a:f0:e0:86:8f:bf:ce:37:a4:
         c8:bb:52:ef:e4:62:53:9b:e8:ae:0f:03:c8:4b:84:71:14:6e:
         f4:26:a8:a7:ee:e8:a6:8f:21:c1:e3:76:e0:27:97:f0:1c:06:
         f8:78:ef:29:17:12:bb:c0:e3:95:be:cc:e2:5e:61:84:82:13:
         1e:2e:75:ca:e0:f9:1d:1a:b6:56:e0:1e:3f:3c:40:db:18:64:
         a7:f7:be:58:4f:40:df:ec:a6:50:48:6f:1d:db:94:2d:06:3d:
         b2:f4:38:39:5b:db:c7:9d:ce:c6:da:1e:d6:95:5f:c6:0e:d4:
         71:00:32:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oMHdVSr2+AKD/3oHh4QmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZiY2ZhN2YwNTlmZjEwNzI3ZWE2MTllNTkxMzlkYTM3
NDE4ZWYwHhcNMjUwNjI4MTMwMTE4WhcNMjUwNjI5MTMwMTE4WjAzMTEwLwYDVQQD
EyhjNDQ5NzcwYmNlYjQyM2FmYzVmMzc5NDExNTg0OWQ5NmI4YTk4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQh4HV8QtxTh3wpkmPCippcdgOY5
42Nmby9TQO270a4j0rfiN1oJCVfFTddXtBhRf/X9H8FcAlcjOmvLngjNSyL8DGHd
JtH2NUzx3wsMJEs5zUgkmfOvFp/WclxDtOEXFCkbqFZtbpxUgtVq0ByttAPdprv6
wSFRO9Q2RUMSwk2SYbhl+odBgVCVrWBuD7PBQ+/2/ZmOfIwWSAJ7+gztTZKUe2kn
rd+xHnSKy+/HDRJzUdO8ZXxq+U4yg78Lt95XZHPxFTaATYkeUTHMBY2iO24mM9hc
VqorjmY6Bj2NWHz0BkvJWqn2bZcxcFhGn1fhe7DoDkPYKL2NuH5eRWYQ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRJdwvOtCOvxfN5QRWEnZa4qYYgMB8GA1UdIwQY
MBaAFErvvPp/BZ/xByfqYZ5ZE52jdBjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3UtOC1uOEZuX0VISi1waG5sa1RuYU4wR084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82M2NmZjMtYzllYi00MjExLWI5MmUt
NDVmNTZiNDJjNmFjLzEvU3UtOC1uOEZuX0VISi1waG5sa1RuYU4wR084Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82M2NmZjMtYzllYi00MjExLWI5MmUtNDVmNTZiNDJjNmFj
LzEvU3UtOC1uOEZuX0VISi1waG5sa1RuYU4wR084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsnP5jSE4
dnzoo1XHl8oMsRAId3LhNd2lP+1HsH971jn8zrgBbi4iNKU6P/NrYKe9e4zwycSp
I02k6AWzh1DRDjUJXOPESM3JZcjQ97qGc8WEvrRNf6JeHsMVX2lJhnLCic/x+vs3
yFZDFA/Y/lOi1jb/dA6xVTtB868Kim94ebnPr8HKO17MivDgho+/zjekyLtS7+Ri
U5vorg8DyEuEcRRu9Caop+7opo8hweN24CeX8BwG+HjvKRcSu8Djlb7M4l5hhIIT
Hi51yuD5HRq2VuAePzxA2xhkp/e+WE9A3+ymUEhvHduULQY9svQ4OVvbx53Oxtoe
1pVfxg7UcQAyzw==
-----END CERTIFICATE-----