Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          Jvm6BEZY/L0CyI5Cs+d9hI8pbm8DXELQslXm8G1OkOA=
Subject key identifier:   76:D4:E4:61:33:F7:D3:F7:EA:9F:9B:D2:46:B8:5F:57:BE:31:51:18
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       0197B6A20963DF0C65D4A638C0E90BC0B00C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          011F
Signing time:             Sat 28 Jun 2025 13:02:41 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:41 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:41 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: GwbM3Ydh0ZTw8dHymqPAX2QD6cWBGqyoEjG1TT7f6xM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:09:63:df:0c:65:d4:a6:38:c0:e9:0b:c0:b0:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Jun 28 13:02:41 2025 GMT
            Not After : Jun 29 13:02:41 2025 GMT
        Subject: CN=76d4e46133f7d3f7ea9f9bd246b85f57be315118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:bf:84:f8:e8:fe:4b:a6:0c:d1:49:db:7b:66:
                    79:4c:ee:96:b1:32:ea:8d:64:dc:0c:0a:ca:02:23:
                    61:35:f7:5c:1d:f6:f1:de:9d:66:12:4c:d9:d2:01:
                    19:3c:b2:27:c5:5a:4e:bf:21:8e:ff:99:40:e6:73:
                    b9:18:da:9f:42:25:84:9f:6a:fd:f4:13:08:c1:9f:
                    96:48:b2:41:26:73:6f:92:a6:21:5c:12:c2:ee:24:
                    4f:c6:0f:a6:e6:63:59:14:c6:a2:c1:da:1e:db:c0:
                    65:a1:27:a5:60:9d:84:9a:34:62:b5:a8:2f:ee:ad:
                    73:78:0c:f0:bc:d0:57:4d:e2:7f:a7:88:1b:b4:da:
                    b1:0f:bb:71:af:e9:99:a7:f3:b8:f0:34:ff:f9:88:
                    45:cd:95:b2:2d:d3:c7:3a:80:7d:92:48:a2:d0:19:
                    65:59:53:6d:41:aa:20:ea:e8:5a:a0:5d:4a:49:4f:
                    11:bf:9c:0a:f3:35:72:84:b4:e0:9f:ff:ac:51:6a:
                    bc:2a:51:df:30:14:c0:8c:2c:bb:37:8e:91:10:7a:
                    d9:91:8e:67:9a:7a:71:de:3e:45:40:a4:b1:a2:8d:
                    ca:d8:d9:77:04:97:c4:c2:08:da:09:8e:35:50:7a:
                    e6:ec:92:6b:85:69:64:b4:f4:a9:7d:3b:55:2e:3a:
                    ea:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D4:E4:61:33:F7:D3:F7:EA:9F:9B:D2:46:B8:5F:57:BE:31:51:18
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:ef:88:4a:82:c6:f8:b9:c6:94:b0:5a:4e:1a:16:68:35:c8:
         58:d1:b0:36:d5:dd:6d:2a:1b:bb:59:b7:4b:fd:f4:01:b3:3a:
         0a:67:31:b4:e9:a4:96:e5:25:f1:7a:81:f8:ce:64:da:b3:9f:
         01:90:e9:6c:6d:e6:77:a7:15:b4:79:be:52:12:40:13:e1:b6:
         13:85:e5:93:89:a2:3d:45:9d:8a:26:97:f1:66:04:70:ed:a2:
         79:76:54:d8:e6:7e:d7:2c:0f:c4:d0:a3:66:e8:42:57:50:39:
         14:9f:a2:74:3e:fd:d0:57:6c:04:57:a8:9a:f6:28:e6:72:01:
         fc:99:93:7b:03:00:a5:2f:35:70:95:d9:97:b6:02:76:b6:4b:
         b8:22:48:02:cd:7a:76:3f:2e:58:f7:b3:62:d6:80:96:3e:f1:
         8f:54:0a:a3:58:d5:b5:5f:0d:cf:3a:d6:c3:77:af:4f:02:0e:
         82:8f:eb:fc:b1:ff:8a:7c:da:dc:6a:02:ae:78:01:a4:cc:9e:
         d6:9a:12:46:03:83:9f:d4:2b:b2:17:31:6b:c0:9a:10:6d:56:
         cc:17:fd:1a:19:83:98:db:01:4d:0e:3d:58:81:14:ae:32:dc:
         9f:db:ac:ed:f4:3f:08:91:f1:fa:ef:73:5f:b4:35:8f:f0:cb:
         de:4b:5c:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oglj3wxl1KY4wOkLwLAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUwNjI4MTMwMjQxWhcNMjUwNjI5MTMwMjQxWjAzMTEwLwYDVQQD
Eyg3NmQ0ZTQ2MTMzZjdkM2Y3ZWE5ZjliZDI0NmI4NWY1N2JlMzE1MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr+E+Oj+S6YM0Unbe2Z5TO6WsTLq
jWTcDArKAiNhNfdcHfbx3p1mEkzZ0gEZPLInxVpOvyGO/5lA5nO5GNqfQiWEn2r9
9BMIwZ+WSLJBJnNvkqYhXBLC7iRPxg+m5mNZFMaiwdoe28BloSelYJ2EmjRitagv
7q1zeAzwvNBXTeJ/p4gbtNqxD7txr+mZp/O48DT/+YhFzZWyLdPHOoB9kkii0Bll
WVNtQaog6uhaoF1KSU8Rv5wK8zVyhLTgn/+sUWq8KlHfMBTAjCy7N46REHrZkY5n
mnpx3j5FQKSxoo3K2Nl3BJfEwgjaCY41UHrm7JJrhWlktPSpfTtVLjrqQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbU5GEz99P36p+b0ka4X1e+MVEYMB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlu+ISoLG
+LnGlLBaThoWaDXIWNGwNtXdbSobu1m3S/30AbM6CmcxtOmkluUl8XqB+M5k2rOf
AZDpbG3md6cVtHm+UhJAE+G2E4Xlk4miPUWdiiaX8WYEcO2ieXZU2OZ+1ywPxNCj
ZuhCV1A5FJ+idD790FdsBFeomvYo5nIB/JmTewMApS81cJXZl7YCdrZLuCJIAs16
dj8uWPezYtaAlj7xj1QKo1jVtV8NzzrWw3evTwIOgo/r/LH/inza3GoCrngBpMye
1poSRgODn9Qrshcxa8CaEG1WzBf9GhmDmNsBTQ49WIEUrjLcn9us7fQ/CJHx+u9z
X7Q1j/DL3ktcqQ==
-----END CERTIFICATE-----