Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          02mjzcwA2pqRxVgII4S4ugHN/IWMWTi9wo/2KB0mqwE=
Subject key identifier:   AE:74:FF:51:75:F6:19:FF:D1:21:67:9A:A3:B9:0A:EF:D4:E9:BC:B5
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       0197B8FD7E251D7F06256906D49D58062B42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          0125
Signing time:             Sun 29 Jun 2025 00:01:50 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:50 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:50 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: xXtB0KhsclcWsdmnb+niqeL55EY1pYlDN3mH2gSUY50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fd:7e:25:1d:7f:06:25:69:06:d4:9d:58:06:2b:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Jun 29 00:01:50 2025 GMT
            Not After : Jun 30 00:01:50 2025 GMT
        Subject: CN=ae74ff5175f619ffd121679aa3b90aefd4e9bcb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8f:fd:ec:ed:7d:23:0f:31:ad:8d:f8:87:c8:
                    3c:0b:ef:b1:ac:6a:e9:23:58:95:78:e6:92:0e:c8:
                    8e:7c:fa:32:5c:c1:2b:1a:36:59:fd:4b:bc:b0:57:
                    df:f3:d9:fe:4e:4d:7f:62:db:3b:db:db:7b:d4:83:
                    55:36:ec:33:fa:f3:63:ab:18:b9:3a:7f:f1:65:f2:
                    e8:2a:b5:96:a2:3c:fc:26:ad:b9:46:ff:5b:34:dd:
                    7b:7e:5a:93:fd:3a:0a:66:02:45:11:5f:9b:5b:4c:
                    ca:c3:98:06:ca:3d:c8:e0:a6:5d:e9:68:cc:29:75:
                    d9:d3:92:c1:14:80:65:b9:49:02:0a:af:36:b8:00:
                    1a:05:13:bd:05:19:20:fc:d2:b0:28:9f:02:02:bf:
                    e6:ba:ed:6f:ef:c6:26:fa:04:bd:9e:20:b7:fc:7b:
                    01:b3:5b:07:db:1b:95:4d:bd:db:e1:99:9a:fd:51:
                    13:34:50:7b:24:bb:6c:2b:6d:80:00:3d:2d:96:14:
                    e4:7f:c2:85:76:1b:66:91:ac:0d:f4:c2:45:3e:53:
                    08:06:99:2a:0e:af:03:66:1b:cf:73:9b:a4:e4:35:
                    53:e6:13:c9:19:c0:d3:b2:30:3d:7a:66:04:c6:a6:
                    bb:44:e2:14:57:aa:48:33:a0:4f:64:bd:ae:12:0a:
                    5b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:74:FF:51:75:F6:19:FF:D1:21:67:9A:A3:B9:0A:EF:D4:E9:BC:B5
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:b5:cf:d9:b1:ba:06:41:0d:12:40:50:94:89:19:ff:73:2e:
         b7:c6:1b:58:77:0a:3f:07:5e:6c:d8:57:9b:09:88:01:a8:94:
         27:48:3a:24:b4:1c:ad:ed:99:53:98:54:38:f0:de:fc:1a:3b:
         60:ca:62:d9:10:c0:17:99:84:eb:b3:09:13:96:28:97:3b:b3:
         28:cd:a0:9a:74:fc:ff:f6:c4:36:95:d0:18:23:c9:02:10:45:
         7f:c7:74:ca:8b:77:05:cc:ce:c9:8e:e8:fa:ef:1d:9c:19:06:
         5a:64:b2:b1:a6:74:ea:89:c8:05:18:20:81:c3:70:a6:06:52:
         40:f2:f0:91:4e:ba:a0:35:b0:ae:85:43:93:19:52:18:e4:e0:
         3c:ef:9a:93:fd:a5:a4:53:ae:35:25:aa:b1:88:2d:98:13:f9:
         17:27:59:8c:fb:1c:cc:da:1b:e2:ae:65:c9:cb:69:6c:dd:37:
         21:e7:eb:38:a8:d8:a6:3f:ae:18:fd:2e:3c:8c:a3:e4:56:04:
         6a:86:3a:f5:5c:b4:7c:a3:d8:50:55:5d:7c:83:d2:2f:42:1e:
         a6:04:0a:c9:84:66:18:8c:33:fa:3c:f2:2a:ed:54:37:a1:92:
         b3:ed:7e:77:9c:75:c8:06:78:5f:7b:d2:b9:10:1c:58:40:37:
         30:be:1f:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/X4lHX8GJWkG1J1YBitCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjUwNjI5MDAwMTUwWhcNMjUwNjMwMDAwMTUwWjAzMTEwLwYDVQQD
EyhhZTc0ZmY1MTc1ZjYxOWZmZDEyMTY3OWFhM2I5MGFlZmQ0ZTliY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY/97O19Iw8xrY34h8g8C++xrGrp
I1iVeOaSDsiOfPoyXMErGjZZ/Uu8sFff89n+Tk1/Yts729t71INVNuwz+vNjqxi5
On/xZfLoKrWWojz8Jq25Rv9bNN17flqT/ToKZgJFEV+bW0zKw5gGyj3I4KZd6WjM
KXXZ05LBFIBluUkCCq82uAAaBRO9BRkg/NKwKJ8CAr/muu1v78Ym+gS9niC3/HsB
s1sH2xuVTb3b4Zma/VETNFB7JLtsK22AAD0tlhTkf8KFdhtmkawN9MJFPlMIBpkq
Dq8DZhvPc5uk5DVT5hPJGcDTsjA9emYExqa7ROIUV6pIM6BPZL2uEgpbEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK50/1F19hn/0SFnmqO5Cu/U6by1MB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqrXP2bG6
BkENEkBQlIkZ/3Mut8YbWHcKPwdebNhXmwmIAaiUJ0g6JLQcre2ZU5hUOPDe/Bo7
YMpi2RDAF5mE67MJE5YolzuzKM2gmnT8//bENpXQGCPJAhBFf8d0yot3BczOyY7o
+u8dnBkGWmSysaZ06onIBRgggcNwpgZSQPLwkU66oDWwroVDkxlSGOTgPO+ak/2l
pFOuNSWqsYgtmBP5FydZjPsczNob4q5lyctpbN03IefrOKjYpj+uGP0uPIyj5FYE
aoY69Vy0fKPYUFVdfIPSL0IepgQKyYRmGIwz+jzyKu1UN6GSs+1+d5x1yAZ4X3vS
uRAcWEA3ML4f7Q==
-----END CERTIFICATE-----