Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          CTpHxw9NbWs2m9PiQcrNF5cNuiENqcPuN5IS24zwPyc=
Subject key identifier:   BE:9E:02:2E:BE:6A:79:9E:D0:E2:07:D1:6C:34:CE:4A:98:E1:25:46
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       0197B70E702E948EF4B390D72C14DEF7E362
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          0607
Signing time:             Sat 28 Jun 2025 15:01:06 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:06 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:06 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: gYjHMj/ZIEMhAD85JsW85cZV1BaM1ao6ilhxwaduDos=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:70:2e:94:8e:f4:b3:90:d7:2c:14:de:f7:e3:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Jun 28 15:01:06 2025 GMT
            Not After : Jun 29 15:01:06 2025 GMT
        Subject: CN=be9e022ebe6a799ed0e207d16c34ce4a98e12546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:97:a1:6f:1b:94:ea:66:50:97:c8:c1:77:2e:
                    28:6c:f0:bf:54:25:f1:39:34:14:a3:ff:2b:90:b8:
                    8e:90:b9:d9:61:78:45:79:5b:27:0e:57:a8:d4:09:
                    2a:d9:21:0c:e0:71:d6:a2:7e:d1:8a:cf:f9:52:f5:
                    8b:2f:66:1b:9b:bf:34:1e:fe:8a:75:bb:8d:71:f9:
                    06:ff:86:3e:86:39:a6:6e:cb:0b:df:1d:9d:aa:e8:
                    4a:f0:7e:29:15:20:c4:1f:1a:c3:3d:69:0f:94:1f:
                    c8:85:7c:1d:b6:bd:29:0f:4c:f6:56:2b:06:37:7f:
                    48:41:d6:cb:49:67:3b:34:84:f7:85:28:08:88:b2:
                    da:9e:7a:92:f4:e4:09:2f:27:5c:9d:31:23:32:28:
                    a9:e4:09:ae:54:16:4d:4b:3c:95:8d:5c:a8:8c:95:
                    24:1a:54:71:9f:d3:cc:7c:54:f6:2b:b3:4f:94:53:
                    99:aa:61:fc:0b:04:e4:fd:ec:60:d5:14:ac:a2:4f:
                    9e:c0:d8:9f:cb:5e:39:87:ad:b8:ef:33:0b:c3:42:
                    72:75:57:77:b9:6b:31:3f:cd:84:62:99:a9:a2:02:
                    83:1a:cb:43:db:4f:d5:f9:5c:6c:13:e6:8b:6a:22:
                    4b:b8:3a:46:f6:e6:5a:17:1d:c3:d4:50:50:22:b9:
                    7f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:9E:02:2E:BE:6A:79:9E:D0:E2:07:D1:6C:34:CE:4A:98:E1:25:46
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:40:14:68:e6:87:97:c7:9a:44:3d:12:c1:1f:ec:24:b4:9a:
         f3:de:19:8e:b5:26:21:69:97:4b:f8:8c:6c:62:0b:38:42:96:
         b8:19:28:bb:64:ce:a4:65:d8:2b:b3:e4:08:12:f1:c6:1a:db:
         95:6b:82:35:0f:49:fd:54:75:76:fd:91:d2:e5:e2:98:68:36:
         ce:91:0e:d2:24:f7:15:3f:69:b6:9f:9e:8f:24:32:f5:4a:29:
         1e:06:0c:52:75:1a:16:3a:77:0b:2a:60:71:c6:10:3c:65:69:
         3f:19:8c:98:5a:0b:88:fc:bf:df:7e:7b:34:dd:8a:b6:a4:3d:
         1b:5e:c1:8d:4a:28:71:c2:cb:17:77:b5:f1:78:45:48:e7:47:
         14:ce:52:56:18:d4:d7:98:4f:e2:b4:13:67:c8:40:82:61:f4:
         17:5e:20:46:56:f2:b9:d0:d5:b3:ab:c2:58:e8:51:87:d1:7b:
         3e:6f:98:8c:e7:9d:38:88:4d:52:45:7f:0d:62:1f:2a:87:1c:
         c3:2a:5b:8b:5d:3d:42:25:fc:6c:f2:c6:b6:2b:26:07:35:3a:
         58:ef:46:35:6a:13:d2:4a:d6:00:82:3a:9b:e0:a3:bc:a6:a3:
         d7:42:de:c6:4e:fe:a8:8b:86:3e:d5:ae:e1:bf:48:fa:24:31:
         77:a4:6a:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DnAulI70s5DXLBTe9+NiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjUwNjI4MTUwMTA2WhcNMjUwNjI5MTUwMTA2WjAzMTEwLwYDVQQD
EyhiZTllMDIyZWJlNmE3OTllZDBlMjA3ZDE2YzM0Y2U0YTk4ZTEyNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5ehbxuU6mZQl8jBdy4obPC/VCXx
OTQUo/8rkLiOkLnZYXhFeVsnDleo1Akq2SEM4HHWon7Ris/5UvWLL2Ybm780Hv6K
dbuNcfkG/4Y+hjmmbssL3x2dquhK8H4pFSDEHxrDPWkPlB/IhXwdtr0pD0z2VisG
N39IQdbLSWc7NIT3hSgIiLLannqS9OQJLydcnTEjMiip5AmuVBZNSzyVjVyojJUk
GlRxn9PMfFT2K7NPlFOZqmH8CwTk/exg1RSsok+ewNify145h6247zMLw0JydVd3
uWsxP82EYpmpogKDGstD20/V+VxsE+aLaiJLuDpG9uZaFx3D1FBQIrl/DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6eAi6+anme0OIH0Ww0zkqY4SVGMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPEAUaOaH
l8eaRD0SwR/sJLSa894ZjrUmIWmXS/iMbGILOEKWuBkou2TOpGXYK7PkCBLxxhrb
lWuCNQ9J/VR1dv2R0uXimGg2zpEO0iT3FT9ptp+ejyQy9UopHgYMUnUaFjp3Cypg
ccYQPGVpPxmMmFoLiPy/3357NN2KtqQ9G17BjUooccLLF3e18XhFSOdHFM5SVhjU
15hP4rQTZ8hAgmH0F14gRlbyudDVs6vCWOhRh9F7Pm+YjOedOIhNUkV/DWIfKocc
wypbi109QiX8bPLGtismBzU6WO9GNWoT0krWAII6m+CjvKaj10Lexk7+qIuGPtWu
4b9I+iQxd6RqLw==
-----END CERTIFICATE-----