Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
File:                     0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json)
Hash identifier:          r1RZO/sFxti10qM7SCgn7LIkr6Tc+I4xt8ajoCKWOaA=
Subject key identifier:   DE:F9:01:E3:78:BD:33:DD:0C:6C:A4:85:C1:7F:E4:46:5C:0D:4A:FA
Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A
Certificate issuer:       /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
Certificate serial:       0197B77C4F398F739B8E8BFF3D094A00A44D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
Manifest number:          1467
Signing time:             Sat 28 Jun 2025 17:01:06 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:06 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:06 +0000
Files and hashes:         1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: GbKfANqZqdD5bLqppBF8d8tr12QYL4+De8x29gMUh10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:4f:39:8f:73:9b:8e:8b:ff:3d:09:4a:00:a4:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
        Validity
            Not Before: Jun 28 17:01:06 2025 GMT
            Not After : Jun 29 17:01:06 2025 GMT
        Subject: CN=def901e378bd33dd0c6ca485c17fe4465c0d4afa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f3:1a:b0:52:7b:1b:bc:58:b6:c7:cf:7f:93:
                    d1:dc:1a:57:54:7a:8a:f5:9b:b3:69:51:29:80:df:
                    10:f4:0f:62:90:f1:eb:38:7f:2b:86:87:99:56:70:
                    e3:a2:ae:bc:1b:82:12:26:11:d0:55:10:52:89:74:
                    72:40:31:24:99:a8:a4:19:39:9a:cf:bf:25:f7:a4:
                    96:ab:b7:7e:81:50:43:43:a2:b9:c2:e9:e6:87:1d:
                    16:24:6f:ba:bd:04:0a:bb:9c:47:e0:9f:80:49:32:
                    5b:54:66:f2:7a:34:ce:7d:e8:61:82:78:6f:b7:70:
                    74:b8:98:e5:22:28:40:39:db:41:7d:1c:f5:a0:6f:
                    09:91:ea:7f:c3:8d:0b:dd:3b:8a:d0:bb:c3:7f:df:
                    76:af:63:73:04:5e:1f:c4:85:e9:0d:91:eb:43:ee:
                    ff:df:c3:12:bc:82:f2:03:01:cf:84:b8:d3:03:eb:
                    b8:ad:46:9d:67:76:c5:1c:32:8f:c8:42:45:8d:79:
                    7d:bc:07:f9:06:14:e8:22:28:5a:57:40:1c:de:ef:
                    26:ca:d3:de:8a:eb:82:cb:dc:2c:4d:2a:bc:c7:36:
                    88:42:5e:8e:8d:0d:84:3b:fb:bd:fc:2d:a5:14:72:
                    c6:8d:30:bb:06:f5:d8:ca:31:be:32:7f:22:5a:7b:
                    a0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:F9:01:E3:78:BD:33:DD:0C:6C:A4:85:C1:7F:E4:46:5C:0D:4A:FA
            X509v3 Authority Key Identifier:
                keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:33:30:57:b5:5f:83:d2:70:1e:45:2e:1f:c6:c1:3d:8b:fc:
         2f:53:24:65:50:b2:34:a3:c1:7c:9c:30:bd:71:c6:27:c9:4b:
         79:ec:b2:25:a1:ac:ba:3b:b9:16:90:51:91:4d:7f:67:6e:f7:
         6d:5e:c9:3a:00:07:95:7d:43:15:fb:4d:59:92:93:1d:7c:d3:
         c2:0a:03:0c:8f:10:07:55:04:aa:f1:d7:e4:18:87:fb:96:f8:
         f4:fa:f7:69:63:1b:6b:7a:45:4f:5d:d7:c9:17:54:fe:42:14:
         db:55:0c:b0:b2:71:04:d0:5d:6d:96:0a:23:ad:12:d8:22:c8:
         29:91:82:c1:2e:0b:f8:b7:d0:1b:f0:2c:1e:58:b2:2f:d2:49:
         d2:27:0e:ae:ff:49:bd:2c:b4:7d:5f:8f:f7:fd:2a:26:a5:dd:
         53:a1:88:35:7d:cf:51:1d:21:2b:6c:cf:56:5e:b5:71:72:c5:
         04:a7:6f:39:98:9a:67:2d:55:d9:ac:da:1b:99:03:44:36:cc:
         b6:82:13:ca:9a:10:64:41:4c:c5:8b:83:46:4a:27:30:21:b3:
         cb:65:e2:07:0b:78:fb:45:cc:0c:c0:92:a4:a2:d2:06:20:e5:
         39:c8:a1:a2:e6:dc:34:a0:51:49:58:88:96:ff:84:5c:0a:fc:
         d3:8b:a8:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fE85j3Objov/PQlKAKRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx
OWQzNWEwHhcNMjUwNjI4MTcwMTA2WhcNMjUwNjI5MTcwMTA2WjAzMTEwLwYDVQQD
EyhkZWY5MDFlMzc4YmQzM2RkMGM2Y2E0ODVjMTdmZTQ0NjVjMGQ0YWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PMasFJ7G7xYtsfPf5PR3BpXVHqK
9ZuzaVEpgN8Q9A9ikPHrOH8rhoeZVnDjoq68G4ISJhHQVRBSiXRyQDEkmaikGTma
z78l96SWq7d+gVBDQ6K5wunmhx0WJG+6vQQKu5xH4J+ASTJbVGbyejTOfehhgnhv
t3B0uJjlIihAOdtBfRz1oG8Jkep/w40L3TuK0LvDf992r2NzBF4fxIXpDZHrQ+7/
38MSvILyAwHPhLjTA+u4rUadZ3bFHDKPyEJFjXl9vAf5BhToIihaV0Ac3u8mytPe
iuuCy9wsTSq8xzaIQl6OjQ2EO/u9/C2lFHLGjTC7BvXYyjG+Mn8iWnug+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN75AeN4vTPdDGykhcF/5EZcDUr6MB8GA1UdIwQY
MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt
NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm
LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljMwV7Vf
g9JwHkUuH8bBPYv8L1MkZVCyNKPBfJwwvXHGJ8lLeeyyJaGsuju5FpBRkU1/Z273
bV7JOgAHlX1DFftNWZKTHXzTwgoDDI8QB1UEqvHX5BiH+5b49Pr3aWMba3pFT13X
yRdU/kIU21UMsLJxBNBdbZYKI60S2CLIKZGCwS4L+LfQG/AsHliyL9JJ0icOrv9J
vSy0fV+P9/0qJqXdU6GINX3PUR0hK2zPVl61cXLFBKdvOZiaZy1V2azaG5kDRDbM
toITypoQZEFMxYuDRkonMCGzy2XiBwt4+0XMDMCSpKLSBiDlOcihoubcNKBRSViI
lv+EXAr804uo8Q==
-----END CERTIFICATE-----