Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
File:                     tRm7YH6Ot267nMsgIsxkbDzOC2A.mft (raw, json)
Hash identifier:          x7xTHNZvSai74hkTV5R9fptINoRdnWGi3yR1eOl7/Lc=
Subject key identifier:   F2:BE:87:44:93:D4:80:AB:48:88:87:E7:6C:F5:36:C6:A4:CD:4C:3A
Authority key identifier: B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60
Certificate issuer:       /CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
Certificate serial:       0197B6A08F8741A1546E5B5C0DF63366084C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 13:01:05 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:05 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:05 +0000
Files and hashes:         1: tRm7YH6Ot267nMsgIsxkbDzOC2A.crl (hash: ri3VEteYPKR3UpSZjx5xUyyVkIFXSZ6kbDccU3DaqxU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:8f:87:41:a1:54:6e:5b:5c:0d:f6:33:66:08:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
        Validity
            Not Before: Jun 28 13:01:05 2025 GMT
            Not After : Jun 29 13:01:05 2025 GMT
        Subject: CN=f2be874493d480ab488887e76cf536c6a4cd4c3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:65:e5:a4:c0:13:bd:d5:52:e6:37:c2:5e:02:
                    cd:33:ef:8a:76:de:22:4b:57:fc:c5:a6:f5:b5:ab:
                    e2:5c:8a:7c:b2:7a:f2:17:af:45:02:a8:ff:fe:b4:
                    bd:cf:16:4d:b3:d8:bc:43:22:f3:50:19:a9:89:90:
                    5f:77:0c:04:de:90:12:4a:32:71:05:9f:21:b2:b3:
                    61:d0:4d:fd:04:97:f2:74:f7:ad:4f:42:74:9e:b8:
                    b5:de:44:97:52:52:82:a2:9b:e2:8c:c3:5e:6a:f8:
                    d0:af:8b:5f:e7:1c:9e:33:08:2b:b0:f7:84:13:1b:
                    1d:3d:bd:42:20:a3:fd:9f:68:b1:93:cb:66:9b:63:
                    6c:90:37:cb:6d:1f:dd:1e:b6:68:72:e8:62:01:af:
                    1d:91:35:22:5c:e8:97:6a:8e:82:5c:fd:ff:dc:d7:
                    3c:58:ef:4c:31:04:3f:2f:40:c7:3c:9d:ba:7f:5a:
                    c8:d7:5f:ef:04:83:d9:ec:6f:57:fe:9a:06:17:58:
                    99:52:3b:96:d6:a0:9f:c2:e1:8a:18:0b:74:f5:85:
                    d4:17:b0:86:1f:20:3b:62:f4:32:95:d2:dc:3f:e1:
                    5f:9e:46:d1:ef:f0:f6:54:24:0e:2f:4c:ba:b8:f2:
                    b9:7f:93:ae:42:f4:0b:b1:a9:19:7a:5a:c2:3a:41:
                    53:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:BE:87:44:93:D4:80:AB:48:88:87:E7:6C:F5:36:C6:A4:CD:4C:3A
            X509v3 Authority Key Identifier:
                keyid:B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:2c:14:7b:06:e1:f6:4e:f3:c7:9b:d1:a3:7d:a8:c9:22:40:
         2f:ca:78:85:8b:d6:5c:02:24:c3:80:f3:c1:df:c2:af:f8:2e:
         36:9e:0a:3a:85:4c:07:64:c0:74:92:b6:4e:03:37:fa:13:4f:
         da:f0:5e:d8:f7:1a:b0:af:90:fd:77:0c:d5:02:9d:bb:8f:cc:
         27:6e:e5:cb:40:96:de:85:39:89:b5:68:9a:60:1c:24:14:99:
         d9:c0:0f:dc:ee:b7:db:2a:cd:02:5e:e5:f9:dc:42:89:26:93:
         f8:83:73:8f:be:0f:0c:d0:8c:d7:8e:f0:d8:8d:a1:7f:55:1b:
         0c:3e:05:ab:13:d5:e0:41:3d:98:fc:04:01:82:2b:a3:19:f5:
         eb:63:bb:e0:b2:9b:9b:ec:91:b3:d4:e6:04:d7:33:b9:03:9f:
         d0:92:bd:81:bd:f1:d7:86:e4:75:a9:6e:18:99:33:f7:a1:be:
         c9:f1:5f:9e:2d:1a:25:60:3e:4d:d8:13:89:72:56:0f:69:05:
         ef:8c:45:2e:86:03:6a:40:9f:35:48:5f:62:ea:59:46:56:76:
         f9:82:1f:c8:f9:90:42:ac:aa:87:3d:39:db:77:c2:1c:9d:3e:
         37:17:9b:5c:96:35:f8:e1:59:f2:62:3d:d8:08:2d:61:3c:ed:
         11:9f:d9:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oI+HQaFUbltcDfYzZghMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTliYjYwN2U4ZWI3NmViYjljY2IyMDIyY2M2NDZjM2Nj
ZTBiNjAwHhcNMjUwNjI4MTMwMTA1WhcNMjUwNjI5MTMwMTA1WjAzMTEwLwYDVQQD
EyhmMmJlODc0NDkzZDQ4MGFiNDg4ODg3ZTc2Y2Y1MzZjNmE0Y2Q0YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGXlpMATvdVS5jfCXgLNM++Kdt4i
S1f8xab1taviXIp8snryF69FAqj//rS9zxZNs9i8QyLzUBmpiZBfdwwE3pASSjJx
BZ8hsrNh0E39BJfydPetT0J0nri13kSXUlKCopvijMNeavjQr4tf5xyeMwgrsPeE
ExsdPb1CIKP9n2ixk8tmm2NskDfLbR/dHrZocuhiAa8dkTUiXOiXao6CXP3/3Nc8
WO9MMQQ/L0DHPJ26f1rI11/vBIPZ7G9X/poGF1iZUjuW1qCfwuGKGAt09YXUF7CG
HyA7YvQyldLcP+FfnkbR7/D2VCQOL0y6uPK5f5OuQvQLsakZelrCOkFTwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPK+h0ST1ICrSIiH52z1NsakzUw6MB8GA1UdIwQY
MBaAFLUZu2B+jrduu5zLICLMZGw8zgtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYt
ZTE4MTg0ZTgwMjU4LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYtZTE4MTg0ZTgwMjU4
LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjiwUewbh
9k7zx5vRo32oySJAL8p4hYvWXAIkw4Dzwd/Cr/guNp4KOoVMB2TAdJK2TgM3+hNP
2vBe2PcasK+Q/XcM1QKdu4/MJ27ly0CW3oU5ibVommAcJBSZ2cAP3O632yrNAl7l
+dxCiSaT+INzj74PDNCM147w2I2hf1UbDD4FqxPV4EE9mPwEAYIroxn162O74LKb
m+yRs9TmBNczuQOf0JK9gb3x14bkdaluGJkz96G+yfFfni0aJWA+TdgTiXJWD2kF
74xFLoYDakCfNUhfYupZRlZ2+YIfyPmQQqyqhz0523fCHJ0+NxebXJY1+OFZ8mI9
2AgtYTztEZ/ZBQ==
-----END CERTIFICATE-----