Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft
File:                     moI9HNrrg3dfH7vV-frkGsXfFxk.mft (raw, json)
Hash identifier:          LF+Yv0tAID08OWIvI/MscrANwcR//VjM3TpgqdZYzjM=
Subject key identifier:   C4:CD:CD:F7:9D:DB:53:85:17:24:D8:8E:F7:19:F3:2F:EC:7A:55:3F
Authority key identifier: 9A:82:3D:1C:DA:EB:83:77:5F:1F:BB:D5:F9:FA:E4:1A:C5:DF:17:19
Certificate issuer:       /CN=9a823d1cdaeb83775f1fbbd5f9fae41ac5df1719
Certificate serial:       0197C2A489EA8F85A21B57AAA9CEABD31215
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/moI9HNrrg3dfH7vV-frkGsXfFxk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft
Manifest number:          05F3
Signing time:             Mon 30 Jun 2025 21:00:52 +0000
Manifest this update:     Mon 30 Jun 2025 21:00:52 +0000
Manifest next update:     Tue 01 Jul 2025 21:00:52 +0000
Files and hashes:         1: moI9HNrrg3dfH7vV-frkGsXfFxk.crl (hash: 4C7Bazy+BtqwIHc6NBo9Koy5ljobqW376zW86FUsUQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/moI9HNrrg3dfH7vV-frkGsXfFxk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 21:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c2:a4:89:ea:8f:85:a2:1b:57:aa:a9:ce:ab:d3:12:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a823d1cdaeb83775f1fbbd5f9fae41ac5df1719
        Validity
            Not Before: Jun 30 21:00:52 2025 GMT
            Not After : Jul  1 21:00:52 2025 GMT
        Subject: CN=c4cdcdf79ddb53851724d88ef719f32fec7a553f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a1:74:8f:9d:ce:db:bf:cf:6b:75:ab:ea:5c:
                    ee:6c:c4:6d:e8:bd:9b:c8:f4:4c:fa:1e:86:84:95:
                    08:f9:f9:cd:4f:dc:53:bc:a4:5c:17:7f:3d:d8:4b:
                    b5:a3:10:f2:0b:c3:aa:8c:2d:d4:a7:24:20:5a:6a:
                    08:09:ee:69:8a:51:e3:2b:aa:4a:f4:b8:41:02:a5:
                    df:7d:ff:42:61:54:c9:26:fe:3a:32:9f:ac:0e:5a:
                    06:c5:56:55:f7:8b:1e:52:16:1b:ba:17:ca:4a:8c:
                    b7:40:1d:3b:ae:25:7b:85:ab:5d:8f:f5:d4:9e:75:
                    6f:0a:f8:c2:2a:d6:24:be:aa:87:24:ea:93:0a:16:
                    9c:09:51:36:f4:c3:4e:8b:f9:92:7f:34:9a:4b:29:
                    44:81:83:8d:3e:11:0b:ec:f8:44:77:98:ea:f0:cb:
                    b6:a6:b3:97:ab:d8:2c:f0:55:82:54:f2:f5:39:86:
                    03:d4:0f:72:72:af:7b:b5:f2:c7:ca:f0:6a:a3:d6:
                    3f:51:7d:87:4c:ed:5e:b2:67:62:f2:45:c4:f9:39:
                    b2:8c:e0:a0:c7:e6:ad:a2:61:be:d5:60:46:d9:e1:
                    de:df:aa:6f:a5:c0:a9:44:ff:7c:4e:f8:cc:49:ee:
                    59:8d:45:ee:81:48:0a:61:9c:9d:95:dd:ea:27:15:
                    e7:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:CD:CD:F7:9D:DB:53:85:17:24:D8:8E:F7:19:F3:2F:EC:7A:55:3F
            X509v3 Authority Key Identifier:
                keyid:9A:82:3D:1C:DA:EB:83:77:5F:1F:BB:D5:F9:FA:E4:1A:C5:DF:17:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moI9HNrrg3dfH7vV-frkGsXfFxk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0bf3b2-4dc4-4e25-9b9b-01f9a7b494da/1/moI9HNrrg3dfH7vV-frkGsXfFxk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:3d:63:2f:09:2b:a3:3e:9d:a0:11:47:e3:f9:6b:1a:36:44:
         08:66:38:3a:5e:66:2f:b2:28:30:83:c2:e5:c7:49:0b:21:17:
         91:86:9f:57:21:04:52:b9:65:b9:79:53:83:dd:68:1d:58:04:
         ea:36:bb:98:60:a4:62:bc:04:7a:38:ff:e2:a2:5b:81:65:a4:
         bb:5a:84:70:e2:eb:9c:82:13:3e:d6:4a:02:5f:32:9f:83:9f:
         3a:39:28:35:01:25:9b:1b:aa:28:27:30:3d:ae:04:20:7e:41:
         be:cc:2a:11:30:8b:31:55:93:89:87:f9:9a:60:a7:f3:52:23:
         c4:e6:61:97:66:4d:c1:dc:5e:64:9c:9d:c2:fb:95:55:f4:f7:
         72:f1:9d:b2:50:0c:c7:b9:30:f1:8f:2d:3f:cb:a0:a5:cc:96:
         a8:79:26:cc:96:b5:39:b6:19:87:ce:ac:be:04:4a:65:fe:8c:
         09:94:60:80:53:74:e4:38:14:2b:67:d3:64:ec:80:dd:3f:0a:
         45:88:6b:37:5d:b1:a9:58:8a:fb:11:60:09:fc:2a:d5:12:5d:
         5f:bf:e6:fd:d2:42:8e:12:df:47:2c:56:ed:a9:ff:a5:6b:4b:
         98:ef:58:f1:65:22:ff:bd:d7:21:68:ec:6f:95:fb:da:c8:e2:
         1f:64:c7:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCpInqj4WiG1eqqc6r0xIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhODIzZDFjZGFlYjgzNzc1ZjFmYmJkNWY5ZmFlNDFhYzVk
ZjE3MTkwHhcNMjUwNjMwMjEwMDUyWhcNMjUwNzAxMjEwMDUyWjAzMTEwLwYDVQQD
EyhjNGNkY2RmNzlkZGI1Mzg1MTcyNGQ4OGVmNzE5ZjMyZmVjN2E1NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6F0j53O27/Pa3Wr6lzubMRt6L2b
yPRM+h6GhJUI+fnNT9xTvKRcF3892Eu1oxDyC8OqjC3UpyQgWmoICe5pilHjK6pK
9LhBAqXfff9CYVTJJv46Mp+sDloGxVZV94seUhYbuhfKSoy3QB07riV7hatdj/XU
nnVvCvjCKtYkvqqHJOqTChacCVE29MNOi/mSfzSaSylEgYONPhEL7PhEd5jq8Mu2
prOXq9gs8FWCVPL1OYYD1A9ycq97tfLHyvBqo9Y/UX2HTO1esmdi8kXE+TmyjOCg
x+atomG+1WBG2eHe36pvpcCpRP98TvjMSe5ZjUXugUgKYZydld3qJxXn1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTNzfed21OFFyTYjvcZ8y/selU/MB8GA1UdIwQY
MBaAFJqCPRza64N3Xx+71fn65BrF3xcZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW9JOUhOcnJnM2RmSDd2Vi1mcmtHc1hmRnhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wYmYzYjItNGRjNC00ZTI1LTliOWIt
MDFmOWE3YjQ5NGRhLzEvbW9JOUhOcnJnM2RmSDd2Vi1mcmtHc1hmRnhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wYmYzYjItNGRjNC00ZTI1LTliOWItMDFmOWE3YjQ5NGRh
LzEvbW9JOUhOcnJnM2RmSDd2Vi1mcmtHc1hmRnhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYz1jLwkr
oz6doBFH4/lrGjZECGY4Ol5mL7IoMIPC5cdJCyEXkYafVyEEUrlluXlTg91oHVgE
6ja7mGCkYrwEejj/4qJbgWWku1qEcOLrnIITPtZKAl8yn4OfOjkoNQElmxuqKCcw
Pa4EIH5BvswqETCLMVWTiYf5mmCn81IjxOZhl2ZNwdxeZJydwvuVVfT3cvGdslAM
x7kw8Y8tP8ugpcyWqHkmzJa1ObYZh86svgRKZf6MCZRggFN05DgUK2fTZOyA3T8K
RYhrN12xqViK+xFgCfwq1RJdX7/m/dJCjhLfRyxW7an/pWtLmO9Y8WUi/73XIWjs
b5X72sjiH2THiQ==
-----END CERTIFICATE-----