Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          /dfs3U1mwXR86Ah8hLeB7q2saQMc4lnW/GdtHwstxxQ=
Subject key identifier:   5A:B5:F4:B1:D9:4F:48:FF:C8:72:23:26:36:97:D2:7A:7D:D4:5A:AA
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       0197C0486F7F00C74A8D5BEDCA0A1D9B7CE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          12D0
Signing time:             Mon 30 Jun 2025 10:01:01 +0000
Manifest this update:     Mon 30 Jun 2025 10:01:01 +0000
Manifest next update:     Tue 01 Jul 2025 10:01:01 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: JgLEos90MPYRVrJAkr+Csv5Bp+F1JTxvQQB11DyNRZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:48:6f:7f:00:c7:4a:8d:5b:ed:ca:0a:1d:9b:7c:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Jun 30 10:01:01 2025 GMT
            Not After : Jul  1 10:01:01 2025 GMT
        Subject: CN=5ab5f4b1d94f48ffc87223263697d27a7dd45aaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:22:40:73:73:57:1a:c9:5d:79:04:bb:e9:63:
                    a2:a6:aa:fe:21:7a:f5:cc:49:7e:62:98:60:a2:08:
                    2a:fe:f7:0d:90:2e:c2:ef:ab:e1:8a:04:81:e5:90:
                    f7:e8:95:9a:47:10:b0:8c:0c:7c:bb:88:8f:42:3c:
                    f9:be:9d:11:23:02:80:7f:ff:eb:73:dc:46:b4:f9:
                    bf:8c:c0:92:51:d9:d1:d6:f0:82:ef:41:da:b1:53:
                    79:ee:19:0a:bf:55:47:11:7c:03:e7:a3:65:99:f3:
                    30:5c:5a:5d:dd:ee:8f:04:bd:ab:a9:31:d1:38:3a:
                    4a:26:7a:b4:4f:0e:3e:e5:9c:08:97:a2:e7:a8:a3:
                    b1:56:66:1e:a8:86:3b:ba:74:cc:a4:e4:78:ff:4d:
                    91:51:95:8b:c5:96:6e:fc:ab:b1:6b:68:74:da:e5:
                    f4:a3:4c:91:8f:92:75:78:5b:30:36:a5:eb:4c:00:
                    fe:d1:8e:2f:48:31:d2:c4:af:8d:dc:de:11:f7:b4:
                    f0:50:63:a5:14:a0:fa:be:f1:3a:30:b0:aa:35:a8:
                    78:da:f4:5a:75:3f:67:4f:ba:b5:30:e6:cd:07:b7:
                    85:b7:8e:2e:cc:db:73:42:8c:c8:16:b0:7d:92:d8:
                    48:14:aa:86:49:4b:09:2f:89:99:bf:8c:23:a5:68:
                    05:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B5:F4:B1:D9:4F:48:FF:C8:72:23:26:36:97:D2:7A:7D:D4:5A:AA
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:6e:8a:7e:ac:9d:32:e5:d1:b3:e2:a3:67:f9:1f:b7:6c:0d:
         af:96:e1:6d:11:62:b7:66:17:b2:16:87:7d:b8:41:58:ad:60:
         6d:92:7f:ed:04:a2:11:08:77:89:1e:4c:f8:2b:46:4e:66:ea:
         b2:4c:b1:76:1c:80:ce:fe:af:a9:83:82:cb:42:12:9b:02:10:
         f3:89:65:b0:ee:9a:75:33:54:0e:fc:e5:8e:19:a2:9b:1b:eb:
         4c:62:4f:88:ef:e7:5d:a2:25:86:26:71:3c:ee:a1:4e:ac:fc:
         8b:22:3a:7d:d2:1d:93:95:6c:55:30:5d:a5:09:b0:98:73:8e:
         37:8e:05:50:6d:4c:d9:50:99:5e:e3:5d:2e:93:5c:3b:d8:8e:
         b6:01:1e:33:fd:f2:5f:f2:6c:22:03:00:0b:28:da:51:47:4b:
         21:d2:e0:ad:04:70:29:01:12:18:d6:11:3c:4c:a8:96:79:94:
         e2:ef:13:d9:3d:89:dd:8f:cc:7a:3c:7b:e6:a6:5c:a1:61:d6:
         28:0c:13:2e:0b:14:14:40:b4:8e:3b:64:c0:96:1a:55:9f:a8:
         2e:8a:f1:e2:3e:c2:f5:e4:6a:51:fb:46:99:e6:42:3f:1e:18:
         ec:d5:0b:03:42:5d:45:6c:db:d2:ba:cc:86:52:d5:9f:c8:a9:
         c5:11:0a:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfASG9/AMdKjVvtygodm3zpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUwNjMwMTAwMTAxWhcNMjUwNzAxMTAwMTAxWjAzMTEwLwYDVQQD
Eyg1YWI1ZjRiMWQ5NGY0OGZmYzg3MjIzMjYzNjk3ZDI3YTdkZDQ1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCJAc3NXGsldeQS76WOipqr+IXr1
zEl+Yphgoggq/vcNkC7C76vhigSB5ZD36JWaRxCwjAx8u4iPQjz5vp0RIwKAf//r
c9xGtPm/jMCSUdnR1vCC70HasVN57hkKv1VHEXwD56NlmfMwXFpd3e6PBL2rqTHR
ODpKJnq0Tw4+5ZwIl6LnqKOxVmYeqIY7unTMpOR4/02RUZWLxZZu/Kuxa2h02uX0
o0yRj5J1eFswNqXrTAD+0Y4vSDHSxK+N3N4R97TwUGOlFKD6vvE6MLCqNah42vRa
dT9nT7q1MObNB7eFt44uzNtzQozIFrB9kthIFKqGSUsJL4mZv4wjpWgFNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq19LHZT0j/yHIjJjaX0np91FqqMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXm6Kfqyd
MuXRs+KjZ/kft2wNr5bhbRFit2YXshaHfbhBWK1gbZJ/7QSiEQh3iR5M+CtGTmbq
skyxdhyAzv6vqYOCy0ISmwIQ84llsO6adTNUDvzljhmimxvrTGJPiO/nXaIlhiZx
PO6hTqz8iyI6fdIdk5VsVTBdpQmwmHOON44FUG1M2VCZXuNdLpNcO9iOtgEeM/3y
X/JsIgMACyjaUUdLIdLgrQRwKQESGNYRPEyolnmU4u8T2T2J3Y/Mejx75qZcoWHW
KAwTLgsUFEC0jjtkwJYaVZ+oLorx4j7C9eRqUftGmeZCPx4Y7NULA0JdRWzb0rrM
hlLVn8ipxREKFw==
-----END CERTIFICATE-----