Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          YqZAJGral/2TvooN97UXG41j5vgVZBJ+ohFzbjL7hy0=
Subject key identifier:   24:04:46:AB:9C:E9:B8:4E:47:CD:87:D2:17:DD:B3:72:FD:9B:A1:01
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       0197B6A16A7268661AA23EDF34A49481D646
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0D4D
Signing time:             Sat 28 Jun 2025 13:02:01 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:01 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:01 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: wmZNyPbcDkvWJA1mWvFtCVVm6Si1jFdumbnknpWc5Q0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:6a:72:68:66:1a:a2:3e:df:34:a4:94:81:d6:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Jun 28 13:02:01 2025 GMT
            Not After : Jun 29 13:02:01 2025 GMT
        Subject: CN=240446ab9ce9b84e47cd87d217ddb372fd9ba101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:6f:fa:36:09:e1:94:a2:21:9d:bc:6a:f8:ac:
                    9c:0f:78:ce:e8:ba:b8:c7:aa:63:1e:e3:c9:a2:cc:
                    b1:01:4d:01:4b:96:a9:3a:1f:e9:00:01:5b:64:66:
                    10:f1:97:a0:fb:fb:9d:22:f3:1d:33:b9:79:1c:cf:
                    f6:9b:3f:b3:58:34:15:2e:72:60:7f:7d:88:78:e4:
                    0b:96:b9:60:0f:87:78:ee:a4:e9:f8:9b:74:8f:ea:
                    49:dd:59:75:ff:1c:ad:12:e6:d9:24:0d:66:93:57:
                    65:f5:82:85:d5:75:44:ce:07:22:90:f5:6f:f2:73:
                    7e:83:42:6e:ca:d7:f7:4b:28:55:4f:ab:1c:e5:00:
                    a9:88:78:0c:01:92:a2:e4:2a:66:aa:b9:a0:8d:ed:
                    7c:41:0a:bf:24:62:b9:52:fb:09:68:0b:f8:10:09:
                    93:ac:ce:40:3d:aa:83:39:41:58:ba:4d:45:02:8a:
                    ce:69:59:d3:f6:52:fb:70:8d:bc:0a:b5:d1:3e:80:
                    32:b6:4f:ce:5d:aa:5c:0e:a0:30:8e:95:5d:f5:9e:
                    e5:5f:8e:ec:b3:14:4b:ef:e2:76:e3:ed:48:16:bf:
                    fe:93:59:4a:f6:41:53:02:d0:38:76:5e:ef:07:a6:
                    b0:5b:73:48:31:d3:6f:4c:14:76:b0:cc:2d:a6:a4:
                    d3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:04:46:AB:9C:E9:B8:4E:47:CD:87:D2:17:DD:B3:72:FD:9B:A1:01
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:a0:f8:f5:3c:92:4d:b2:17:0c:0e:a9:49:1b:a1:bf:b4:1a:
         ba:94:5f:34:d0:79:f4:02:b9:20:ba:bc:9c:ac:9e:3f:45:7d:
         36:3e:1e:70:f8:54:ab:eb:ad:d4:18:d7:13:09:19:93:dd:2c:
         a6:81:f9:81:1e:dd:39:f8:8d:e6:4e:49:9b:61:a9:ba:63:46:
         d5:20:be:a3:64:82:f6:e5:08:de:a6:31:93:5e:f6:40:7d:4e:
         f4:10:57:98:41:5d:67:e2:0c:14:05:b6:00:ba:5a:b9:9c:4c:
         62:dd:f7:b5:8f:b8:98:6e:fa:cd:b4:bf:c6:e8:b3:cd:cb:c6:
         f5:70:8c:c5:0c:fb:22:a8:2a:1b:2e:9d:b2:4d:f8:c2:ee:01:
         7a:2f:64:63:32:14:ac:60:b3:bf:46:a1:f4:96:df:36:76:cf:
         8d:cb:45:ea:cf:5a:cd:59:f4:b9:5f:e7:db:38:0a:65:1a:93:
         7f:a4:c0:c7:82:74:1d:ac:87:a4:b7:88:d1:65:9e:31:9b:10:
         f0:b6:26:69:a2:07:ea:b6:5b:3a:56:8f:dd:35:3c:0d:cf:7f:
         ab:61:8a:c1:c9:fa:fc:8a:90:88:56:02:cf:b7:41:7f:5a:0d:
         1a:72:97:c9:a2:1e:a7:61:10:71:47:86:d1:fa:91:b4:fc:42:
         3e:63:4b:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oWpyaGYaoj7fNKSUgdZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUwNjI4MTMwMjAxWhcNMjUwNjI5MTMwMjAxWjAzMTEwLwYDVQQD
EygyNDA0NDZhYjljZTliODRlNDdjZDg3ZDIxN2RkYjM3MmZkOWJhMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm/6NgnhlKIhnbxq+KycD3jO6Lq4
x6pjHuPJosyxAU0BS5apOh/pAAFbZGYQ8Zeg+/udIvMdM7l5HM/2mz+zWDQVLnJg
f32IeOQLlrlgD4d47qTp+Jt0j+pJ3Vl1/xytEubZJA1mk1dl9YKF1XVEzgcikPVv
8nN+g0Juytf3SyhVT6sc5QCpiHgMAZKi5Cpmqrmgje18QQq/JGK5UvsJaAv4EAmT
rM5APaqDOUFYuk1FAorOaVnT9lL7cI28CrXRPoAytk/OXapcDqAwjpVd9Z7lX47s
sxRL7+J24+1IFr/+k1lK9kFTAtA4dl7vB6awW3NIMdNvTBR2sMwtpqTTtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQERquc6bhOR82H0hfds3L9m6EBMB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl6D49TyS
TbIXDA6pSRuhv7QaupRfNNB59AK5ILq8nKyeP0V9Nj4ecPhUq+ut1BjXEwkZk90s
poH5gR7dOfiN5k5Jm2GpumNG1SC+o2SC9uUI3qYxk172QH1O9BBXmEFdZ+IMFAW2
ALpauZxMYt33tY+4mG76zbS/xuizzcvG9XCMxQz7IqgqGy6dsk34wu4Bei9kYzIU
rGCzv0ah9JbfNnbPjctF6s9azVn0uV/n2zgKZRqTf6TAx4J0HayHpLeI0WWeMZsQ
8LYmaaIH6rZbOlaP3TU8Dc9/q2GKwcn6/IqQiFYCz7dBf1oNGnKXyaIep2EQcUeG
0fqRtPxCPmNLaA==
-----END CERTIFICATE-----