Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
File:                     C86QcAXcPrBHC8PbRpCNoQkXuEo.mft (raw, json)
Hash identifier:          BBpuHrkOLuqQa9EiF6118gkhd7ome29gvY4glBc42n8=
Subject key identifier:   D6:AD:47:D9:91:E9:7A:42:46:32:C6:CE:49:DA:DC:73:5A:A6:1A:42
Authority key identifier: 0B:CE:90:70:05:DC:3E:B0:47:0B:C3:DB:46:90:8D:A1:09:17:B8:4A
Certificate issuer:       /CN=0bce907005dc3eb0470bc3db46908da10917b84a
Certificate serial:       0197B6A22FF9E931AC32CCC82ED6163823B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
Manifest number:          0F64
Signing time:             Sat 28 Jun 2025 13:02:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:51 +0000
Files and hashes:         1: C86QcAXcPrBHC8PbRpCNoQkXuEo.crl (hash: HnZQK8ID+Tmx/NB9qc9Eou4Bq1e2mFqLDenonRC9uWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:2f:f9:e9:31:ac:32:cc:c8:2e:d6:16:38:23:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bce907005dc3eb0470bc3db46908da10917b84a
        Validity
            Not Before: Jun 28 13:02:51 2025 GMT
            Not After : Jun 29 13:02:51 2025 GMT
        Subject: CN=d6ad47d991e97a424632c6ce49dadc735aa61a42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:36:cf:c0:74:e0:25:88:5c:d6:df:5b:3d:81:
                    e4:b1:86:34:c0:55:05:58:85:c7:e9:3a:dc:eb:e7:
                    9a:e3:9f:0c:cb:bc:46:0e:2f:04:a8:87:25:a5:3d:
                    ae:c8:fc:50:d2:79:0a:e5:f4:8a:d0:ff:9a:f2:f8:
                    5f:02:7f:b3:e8:a7:3b:70:16:2d:18:6e:06:a7:b8:
                    ae:4d:0f:0b:f2:27:dd:6c:77:c5:b0:1f:dc:5e:f4:
                    bf:23:fa:62:ed:ba:cd:5f:36:1d:c1:02:cb:cb:a8:
                    e7:37:92:a8:04:9e:b3:97:ed:5b:1f:22:e7:97:7e:
                    a9:e0:6f:6b:4e:d1:d9:b6:11:39:a4:e3:ee:db:22:
                    00:cf:49:4b:d0:de:01:dc:57:d1:7b:56:55:a7:cd:
                    68:87:60:0e:fb:13:ac:eb:73:d0:10:2e:77:87:82:
                    5a:93:15:f5:53:15:29:8d:b1:e9:40:2a:9f:28:c0:
                    94:c6:d2:fa:21:5b:6e:80:5f:7b:ca:58:3e:d8:72:
                    98:c2:c5:a1:54:e3:86:0c:8f:7c:b1:a7:24:67:ce:
                    34:93:13:46:92:36:3f:07:c5:1d:ba:e0:4f:90:85:
                    81:c8:ab:a1:58:dc:07:ec:f4:77:3d:96:54:10:3b:
                    d0:c5:06:8a:38:f9:5b:49:97:07:43:df:84:b8:72:
                    25:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:AD:47:D9:91:E9:7A:42:46:32:C6:CE:49:DA:DC:73:5A:A6:1A:42
            X509v3 Authority Key Identifier:
                keyid:0B:CE:90:70:05:DC:3E:B0:47:0B:C3:DB:46:90:8D:A1:09:17:B8:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:b0:a0:25:e0:ba:ca:94:d7:04:06:e8:d2:87:0e:3d:f3:00:
         c0:6d:bb:88:63:72:2c:23:9f:76:43:7e:bb:26:dc:5e:e6:a7:
         56:44:21:41:60:02:25:8e:de:e4:7c:2f:dc:7d:25:57:6d:38:
         ee:5e:87:63:d3:ae:05:7c:99:03:0d:f5:e9:31:72:0a:88:c7:
         6b:29:20:c2:6b:d6:94:91:6d:a0:4a:19:fd:b3:a6:bf:b8:f5:
         1f:89:03:be:81:f4:a6:6e:dd:b6:ee:3e:8a:d4:65:ec:e7:82:
         ad:7c:80:6f:fa:8c:3d:47:86:fa:c3:04:7d:32:3a:90:2b:69:
         4b:cb:9a:f2:71:5f:77:d8:7f:c6:63:54:1e:30:46:81:90:cf:
         21:49:6a:85:5c:a5:f6:92:9f:f4:90:c1:62:96:c3:70:ee:14:
         e8:45:11:ed:c1:bd:88:c0:08:ab:a6:da:36:02:77:89:7b:1c:
         30:fd:f2:89:68:1b:df:17:59:3b:fb:ed:7f:d3:52:e4:80:16:
         7a:9e:04:1e:25:41:81:c1:23:63:c6:fa:c1:6a:f9:fd:1f:f8:
         f1:03:36:ce:6e:f0:de:48:47:4a:c7:6b:ca:e1:28:a5:39:06:
         76:d8:87:06:eb:e0:67:2f:3d:9f:43:0b:07:ff:df:6f:15:b5:
         c0:1d:eb:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oi/56TGsMszILtYWOCOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiY2U5MDcwMDVkYzNlYjA0NzBiYzNkYjQ2OTA4ZGExMDkx
N2I4NGEwHhcNMjUwNjI4MTMwMjUxWhcNMjUwNjI5MTMwMjUxWjAzMTEwLwYDVQQD
EyhkNmFkNDdkOTkxZTk3YTQyNDYzMmM2Y2U0OWRhZGM3MzVhYTYxYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDbPwHTgJYhc1t9bPYHksYY0wFUF
WIXH6Trc6+ea458My7xGDi8EqIclpT2uyPxQ0nkK5fSK0P+a8vhfAn+z6Kc7cBYt
GG4Gp7iuTQ8L8ifdbHfFsB/cXvS/I/pi7brNXzYdwQLLy6jnN5KoBJ6zl+1bHyLn
l36p4G9rTtHZthE5pOPu2yIAz0lL0N4B3FfRe1ZVp81oh2AO+xOs63PQEC53h4Ja
kxX1UxUpjbHpQCqfKMCUxtL6IVtugF97ylg+2HKYwsWhVOOGDI98sackZ840kxNG
kjY/B8UduuBPkIWByKuhWNwH7PR3PZZUEDvQxQaKOPlbSZcHQ9+EuHIlKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNatR9mR6XpCRjLGzkna3HNaphpCMB8GA1UdIwQY
MBaAFAvOkHAF3D6wRwvD20aQjaEJF7hKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82MzVmNzUtNjE2Yi00YjkzLWFiNDAt
ZTM3MTg5OThiMTg0LzEvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82MzVmNzUtNjE2Yi00YjkzLWFiNDAtZTM3MTg5OThiMTg0
LzEvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbbCgJeC6
ypTXBAbo0ocOPfMAwG27iGNyLCOfdkN+uybcXuanVkQhQWACJY7e5Hwv3H0lV204
7l6HY9OuBXyZAw316TFyCojHaykgwmvWlJFtoEoZ/bOmv7j1H4kDvoH0pm7dtu4+
itRl7OeCrXyAb/qMPUeG+sMEfTI6kCtpS8ua8nFfd9h/xmNUHjBGgZDPIUlqhVyl
9pKf9JDBYpbDcO4U6EUR7cG9iMAIq6baNgJ3iXscMP3yiWgb3xdZO/vtf9NS5IAW
ep4EHiVBgcEjY8b6wWr5/R/48QM2zm7w3khHSsdryuEopTkGdtiHBuvgZy89n0ML
B//fbxW1wB3rRQ==
-----END CERTIFICATE-----