Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
File:                     9j_pwTQEHOvaVoufkI4q7zirf3U.mft (raw, json)
Hash identifier:          4l49Xq2TrYrfPWrJ6CReCr9C+JRpxgdD2CHv3t5QKZ8=
Subject key identifier:   E1:71:0F:51:C8:75:08:A8:95:73:3C:4B:E3:C3:A2:BD:92:44:DD:DE
Authority key identifier: F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75
Certificate issuer:       /CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
Certificate serial:       0197B6A1E1653761DF0494C3A86E6FD33923
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
Manifest number:          0C09
Signing time:             Sat 28 Jun 2025 13:02:31 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:31 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:31 +0000
Files and hashes:         1: 9j_pwTQEHOvaVoufkI4q7zirf3U.crl (hash: JeXDFMQT1h8wHawG7FdJ6kDEzIRr921gNA1HTHw843Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:e1:65:37:61:df:04:94:c3:a8:6e:6f:d3:39:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
        Validity
            Not Before: Jun 28 13:02:31 2025 GMT
            Not After : Jun 29 13:02:31 2025 GMT
        Subject: CN=e1710f51c87508a895733c4be3c3a2bd9244ddde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c9:b1:f3:88:86:c5:cc:e0:cd:2f:f9:ea:ff:
                    8c:63:ba:db:c0:9f:2e:00:44:c0:0e:98:53:d4:57:
                    ed:3f:dd:72:f8:32:54:d7:ab:28:71:5c:79:90:24:
                    8b:d8:df:0f:ec:53:61:f4:6b:da:a9:17:d5:a8:80:
                    7c:8e:e8:3e:a8:39:8e:c7:cc:ab:f1:98:44:82:8d:
                    4f:e6:44:f9:a9:ca:fc:70:80:16:99:cc:e4:3b:a3:
                    a8:d5:45:85:fd:5e:41:16:7d:85:fc:bd:91:ef:d7:
                    0a:14:60:f7:00:4f:95:26:bd:11:63:23:15:1e:ed:
                    7e:ff:ea:5e:08:c3:d0:cd:63:88:cd:6d:91:41:c7:
                    6b:9a:3b:a6:a3:c3:d2:eb:ee:51:b0:6d:90:60:8a:
                    6c:e2:46:c1:9f:8b:3a:0c:e1:34:ad:ec:9d:d0:d4:
                    6c:a2:d6:c7:80:36:dc:ea:8d:fc:16:b7:d0:57:4a:
                    1e:7a:5d:4b:c1:b6:6a:0a:2b:83:ca:7a:d6:66:4f:
                    7e:6d:16:90:a1:28:cd:80:b7:ef:34:23:36:d3:3b:
                    e9:d0:5c:c0:38:e6:7d:26:37:04:c4:d6:c6:55:c6:
                    4a:f6:6b:b7:28:b7:44:f8:f0:85:0e:e4:18:0b:b9:
                    39:85:a3:d2:fc:fd:62:c4:85:16:9c:51:04:08:26:
                    3d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:71:0F:51:C8:75:08:A8:95:73:3C:4B:E3:C3:A2:BD:92:44:DD:DE
            X509v3 Authority Key Identifier:
                keyid:F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:d1:90:a8:35:79:2d:3d:28:59:f2:ff:cb:ca:94:ec:f7:95:
         c3:cd:73:20:53:54:5b:ea:2e:8b:78:11:c6:fe:46:ac:e2:1d:
         9a:90:4d:0d:e4:3a:a2:29:ea:2c:f8:f9:2b:cf:e4:02:d3:09:
         a4:43:e5:51:e3:a2:ea:78:24:23:74:f8:63:9f:c4:e8:15:4e:
         17:71:f0:ac:61:a6:e5:9d:51:a2:43:cd:04:9c:3f:0d:65:d5:
         d2:be:46:3e:df:f6:d7:11:28:d7:be:d5:fd:04:8f:7e:16:10:
         f3:88:6d:a5:d6:c9:07:5c:db:29:c7:65:d0:55:c4:77:23:16:
         6e:c0:ef:f4:3a:e1:6c:7d:c1:48:41:de:bc:8d:e2:0f:b2:69:
         51:6e:10:87:e2:45:e0:01:e7:cb:2e:70:d6:a1:9f:15:80:a4:
         7a:ae:be:42:7f:86:82:8c:98:50:81:21:0f:f5:a5:7e:03:80:
         75:b7:5e:a8:07:66:16:9e:04:84:6c:e5:ee:ba:c4:db:1e:c8:
         f8:88:b8:4a:7d:9a:a2:64:34:02:7f:cf:b0:a5:ca:11:22:65:
         79:a7:29:f8:24:8c:5f:78:08:72:69:d9:51:7b:bb:24:f5:16:
         d9:d1:ef:03:b9:57:82:7a:4f:8b:64:6d:de:2a:b5:03:45:f0:
         fc:b7:c8:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oeFlN2HfBJTDqG5v0zkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZlOWMxMzQwNDFjZWJkYTU2OGI5ZjkwOGUyYWVmMzhh
YjdmNzUwHhcNMjUwNjI4MTMwMjMxWhcNMjUwNjI5MTMwMjMxWjAzMTEwLwYDVQQD
EyhlMTcxMGY1MWM4NzUwOGE4OTU3MzNjNGJlM2MzYTJiZDkyNDRkZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcmx84iGxczgzS/56v+MY7rbwJ8u
AETADphT1FftP91y+DJU16socVx5kCSL2N8P7FNh9GvaqRfVqIB8jug+qDmOx8yr
8ZhEgo1P5kT5qcr8cIAWmczkO6Oo1UWF/V5BFn2F/L2R79cKFGD3AE+VJr0RYyMV
Hu1+/+peCMPQzWOIzW2RQcdrmjumo8PS6+5RsG2QYIps4kbBn4s6DOE0reyd0NRs
otbHgDbc6o38FrfQV0oeel1LwbZqCiuDynrWZk9+bRaQoSjNgLfvNCM20zvp0FzA
OOZ9JjcExNbGVcZK9mu3KLdE+PCFDuQYC7k5haPS/P1ixIUWnFEECCY91wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFxD1HIdQiolXM8S+PDor2SRN3eMB8GA1UdIwQY
MBaAFPY/6cE0BBzr2laLn5COKu84q391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYt
NWFlYzc2NmE0OWI0LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYtNWFlYzc2NmE0OWI0
LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXNGQqDV5
LT0oWfL/y8qU7PeVw81zIFNUW+oui3gRxv5GrOIdmpBNDeQ6oinqLPj5K8/kAtMJ
pEPlUeOi6ngkI3T4Y5/E6BVOF3HwrGGm5Z1RokPNBJw/DWXV0r5GPt/21xEo177V
/QSPfhYQ84htpdbJB1zbKcdl0FXEdyMWbsDv9DrhbH3BSEHevI3iD7JpUW4Qh+JF
4AHnyy5w1qGfFYCkeq6+Qn+GgoyYUIEhD/WlfgOAdbdeqAdmFp4EhGzl7rrE2x7I
+Ii4Sn2aomQ0An/PsKXKESJleacp+CSMX3gIcmnZUXu7JPUW2dHvA7lXgnpPi2Rt
3iq1A0Xw/LfI4g==
-----END CERTIFICATE-----