Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          IBxjRf/kzu6oDUYSgD040SfaIoVG7+EurXHvnJFr72g=
Subject key identifier:   7C:A5:46:BA:99:BD:71:55:50:20:15:C2:9C:6C:04:6F:09:BF:A4:AC
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       0197B70E6564A28559759E97CBAD228E4F75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          1544
Signing time:             Sat 28 Jun 2025 15:01:03 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:03 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:03 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: TSYoSKthqVMZL9ZQt+w/CPwA6TIdb1X2Z7VJHt9yjO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:65:64:a2:85:59:75:9e:97:cb:ad:22:8e:4f:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Jun 28 15:01:03 2025 GMT
            Not After : Jun 29 15:01:03 2025 GMT
        Subject: CN=7ca546ba99bd7155502015c29c6c046f09bfa4ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:45:36:75:cd:fa:4b:d9:c1:c6:50:1a:43:22:
                    42:8c:2e:34:69:a8:39:d3:82:a6:cb:81:35:45:2a:
                    a4:ed:a5:c2:df:96:af:68:aa:73:86:c5:48:ac:b7:
                    51:4c:a3:90:27:3c:dc:7b:e6:7e:46:e3:cd:23:a0:
                    eb:20:08:ec:42:0d:66:85:6c:e1:cb:98:a0:41:18:
                    fc:58:28:90:37:54:d7:61:7c:92:7c:86:45:ef:43:
                    f0:4a:09:41:db:45:b3:07:5f:0e:2e:cc:67:8f:d4:
                    1d:12:51:ca:e6:1d:c0:c8:be:9d:5e:73:a8:d5:ea:
                    c3:6f:3e:43:d6:72:81:17:7d:48:9d:dd:64:20:34:
                    e3:91:38:a1:5c:e7:48:8a:00:96:96:cb:86:66:06:
                    fa:af:02:aa:df:bd:03:ff:e3:78:89:0e:97:68:b8:
                    c0:dd:26:b5:19:82:f2:84:d6:ef:33:e2:21:31:a3:
                    7c:82:f6:93:43:53:c8:bf:64:9a:6d:39:fc:c5:07:
                    f5:55:75:ab:80:5a:d3:50:04:51:54:d9:ad:15:84:
                    94:e2:a9:b6:36:40:5d:ea:4f:8d:68:f7:fc:49:68:
                    45:e4:2f:38:31:cf:a0:b0:d3:b1:01:42:a8:b9:0d:
                    6b:c0:00:f3:d8:b3:46:4c:b9:48:39:d6:0e:62:2b:
                    43:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A5:46:BA:99:BD:71:55:50:20:15:C2:9C:6C:04:6F:09:BF:A4:AC
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:3b:80:ff:6e:4e:43:45:b3:2a:a8:b6:17:00:ff:c2:34:e3:
         ee:b7:a4:ee:57:9b:79:15:1b:bb:ee:e5:35:91:c9:2a:21:f7:
         7c:89:15:78:60:2a:21:8b:9f:59:10:25:47:af:3d:f2:9b:6e:
         7e:a5:ff:a7:4c:f8:54:3f:a3:f1:3c:45:2e:cf:f7:8e:17:55:
         49:7f:ec:00:53:36:f9:fe:a2:d6:2e:59:05:af:5a:35:9e:ee:
         fc:1b:9f:08:1a:ad:5b:17:f9:10:49:95:f4:f5:ca:28:3f:1d:
         14:de:6c:20:60:e6:7a:f2:31:e0:44:e8:32:06:b0:1c:ff:0c:
         bd:06:2e:9d:5e:41:e1:9f:24:66:f5:d0:00:91:8e:2b:90:dc:
         24:0e:7e:5d:4d:71:0d:e1:42:2a:e6:29:ae:77:54:06:ee:37:
         ca:79:c6:85:d7:18:8d:cb:2e:c1:e6:ed:6d:74:1a:f7:d2:59:
         fb:11:e9:93:85:ae:32:95:28:a7:45:7f:85:65:3e:52:24:7d:
         45:44:f9:72:2f:67:5a:9f:b1:06:ff:37:29:8d:3a:6f:25:40:
         63:a6:5e:c3:8d:ec:66:49:66:a3:d4:ec:a1:fb:25:dc:84:41:
         a3:85:34:6f:6b:51:a4:9e:c4:f3:fb:d1:d0:36:ad:ab:44:7b:
         71:c8:e7:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DmVkooVZdZ6Xy60ijk91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjUwNjI4MTUwMTAzWhcNMjUwNjI5MTUwMTAzWjAzMTEwLwYDVQQD
Eyg3Y2E1NDZiYTk5YmQ3MTU1NTAyMDE1YzI5YzZjMDQ2ZjA5YmZhNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkU2dc36S9nBxlAaQyJCjC40aag5
04Kmy4E1RSqk7aXC35avaKpzhsVIrLdRTKOQJzzce+Z+RuPNI6DrIAjsQg1mhWzh
y5igQRj8WCiQN1TXYXySfIZF70PwSglB20WzB18OLsxnj9QdElHK5h3AyL6dXnOo
1erDbz5D1nKBF31Ind1kIDTjkTihXOdIigCWlsuGZgb6rwKq370D/+N4iQ6XaLjA
3Sa1GYLyhNbvM+IhMaN8gvaTQ1PIv2SabTn8xQf1VXWrgFrTUARRVNmtFYSU4qm2
NkBd6k+NaPf8SWhF5C84Mc+gsNOxAUKouQ1rwADz2LNGTLlIOdYOYitDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHylRrqZvXFVUCAVwpxsBG8Jv6SsMB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzuA/25O
Q0WzKqi2FwD/wjTj7rek7lebeRUbu+7lNZHJKiH3fIkVeGAqIYufWRAlR6898ptu
fqX/p0z4VD+j8TxFLs/3jhdVSX/sAFM2+f6i1i5ZBa9aNZ7u/BufCBqtWxf5EEmV
9PXKKD8dFN5sIGDmevIx4EToMgawHP8MvQYunV5B4Z8kZvXQAJGOK5DcJA5+XU1x
DeFCKuYprndUBu43ynnGhdcYjcsuwebtbXQa99JZ+xHpk4WuMpUop0V/hWU+UiR9
RUT5ci9nWp+xBv83KY06byVAY6Zew43sZklmo9Tsofsl3IRBo4U0b2tRpJ7E8/vR
0Datq0R7ccjnow==
-----END CERTIFICATE-----