Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
File:                     pU3VdP7HLUOUwlU2uoUyydOPQLo.mft (raw, json)
Hash identifier:          hwOZ8pr5CeZhSA5ZYuIUxrzqZnmIQn/axtAVfPCqejU=
Subject key identifier:   5A:6F:4F:91:C4:F0:57:61:BC:69:5A:EC:E8:BA:3A:8B:1F:92:5C:94
Authority key identifier: A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA
Certificate issuer:       /CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
Certificate serial:       0197B6A190271B7A2384F65247DC15608FBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
Manifest number:          08CA
Signing time:             Sat 28 Jun 2025 13:02:10 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:10 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:10 +0000
Files and hashes:         1: pU3VdP7HLUOUwlU2uoUyydOPQLo.crl (hash: wvApHJFblou0ejiMGR4oRm9S2KAHfWdri/FTMfnJL74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:90:27:1b:7a:23:84:f6:52:47:dc:15:60:8f:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
        Validity
            Not Before: Jun 28 13:02:10 2025 GMT
            Not After : Jun 29 13:02:10 2025 GMT
        Subject: CN=5a6f4f91c4f05761bc695aece8ba3a8b1f925c94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:bb:ff:89:34:e2:a0:9c:79:89:3d:fa:9b:90:
                    a6:9e:73:30:de:92:ab:1a:6f:40:8f:97:48:eb:81:
                    4b:6f:54:bc:1c:14:bc:37:3a:d3:34:92:07:af:11:
                    fb:73:70:c1:0c:8a:f9:98:ae:73:b1:1b:94:62:7c:
                    ae:c2:1c:37:da:ca:0c:a7:dd:ba:d9:6c:2c:91:6f:
                    28:48:df:a2:cf:c3:78:0d:f6:bd:38:33:83:fd:b1:
                    20:2e:ca:68:cb:7d:c3:01:a5:e5:32:05:55:2b:36:
                    6c:ba:47:c0:f0:98:10:8a:2a:00:a2:29:43:5b:ac:
                    33:a2:a5:78:16:aa:9c:e5:87:49:1f:64:07:d7:e3:
                    54:5a:78:35:7a:31:7d:f5:fb:2a:56:da:cc:84:53:
                    3e:7d:51:9f:b5:d3:06:09:39:f1:5f:1f:5a:cd:05:
                    96:ce:df:22:3f:71:ca:31:9e:6f:d6:79:a5:ad:06:
                    27:44:37:40:bb:f3:02:9e:b3:dd:e4:b0:7e:bc:f1:
                    3c:d3:4e:e4:97:65:ad:aa:dc:5c:e2:b5:4c:37:89:
                    09:c9:ad:8a:6f:cb:3a:68:b3:a7:5e:4c:4a:b4:7e:
                    07:d2:47:27:a7:cb:c9:b3:63:ca:eb:df:88:4b:ac:
                    d1:0c:12:32:07:ff:3f:54:8d:d8:63:b9:06:22:89:
                    1d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:6F:4F:91:C4:F0:57:61:BC:69:5A:EC:E8:BA:3A:8B:1F:92:5C:94
            X509v3 Authority Key Identifier:
                keyid:A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:25:26:5c:6a:07:7b:f1:2f:07:85:4b:a2:95:ff:3f:0a:3b:
         83:d8:11:61:19:0c:c5:2f:22:d6:57:0d:0d:1a:32:5b:4f:62:
         73:6a:3f:a8:95:61:22:95:0a:e6:7f:b5:a7:34:6b:e3:72:f9:
         49:c0:c0:83:17:d0:5e:56:f8:45:3e:70:54:a8:ae:bd:65:32:
         fc:53:59:3f:57:51:dc:e6:b6:7b:b6:a6:30:c5:78:c5:2d:10:
         83:0e:1a:95:bf:0c:06:6c:03:14:e9:fb:5b:e9:2c:66:c5:0a:
         69:ae:4d:9d:2c:eb:1d:8c:ae:d7:ab:df:36:56:c5:ce:ca:50:
         11:97:32:03:7b:c9:60:aa:02:40:30:a3:fc:ab:e0:4b:e3:d5:
         76:79:0f:5b:b9:4e:7d:bb:12:de:76:df:f6:ac:df:94:0a:ce:
         aa:4c:05:02:6b:31:3c:92:d8:86:76:cd:f9:11:0d:b7:cd:a7:
         19:3e:f9:3b:25:51:fa:69:23:96:50:e0:5a:7d:92:73:d6:52:
         c6:30:ba:49:49:98:9e:a4:a1:a8:21:21:c5:8c:1f:57:9a:fd:
         af:b4:e3:fb:f1:1e:ab:df:c7:63:5a:1b:8a:7a:ef:92:5c:b3:
         01:73:8f:26:02:b0:bf:94:1c:af:d1:0b:bb:a1:30:ae:32:3e:
         11:4b:e1:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZAnG3ojhPZSR9wVYI+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGRkNTc0ZmVjNzJkNDM5NGMyNTUzNmJhODUzMmM5ZDM4
ZjQwYmEwHhcNMjUwNjI4MTMwMjEwWhcNMjUwNjI5MTMwMjEwWjAzMTEwLwYDVQQD
Eyg1YTZmNGY5MWM0ZjA1NzYxYmM2OTVhZWNlOGJhM2E4YjFmOTI1Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7v/iTTioJx5iT36m5CmnnMw3pKr
Gm9Aj5dI64FLb1S8HBS8NzrTNJIHrxH7c3DBDIr5mK5zsRuUYnyuwhw32soMp926
2WwskW8oSN+iz8N4Dfa9ODOD/bEgLspoy33DAaXlMgVVKzZsukfA8JgQiioAoilD
W6wzoqV4Fqqc5YdJH2QH1+NUWng1ejF99fsqVtrMhFM+fVGftdMGCTnxXx9azQWW
zt8iP3HKMZ5v1nmlrQYnRDdAu/MCnrPd5LB+vPE8007kl2Wtqtxc4rVMN4kJya2K
b8s6aLOnXkxKtH4H0kcnp8vJs2PK69+IS6zRDBIyB/8/VI3YY7kGIokdxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpvT5HE8FdhvGla7Oi6OosfklyUMB8GA1UdIwQY
MBaAFKVN1XT+xy1DlMJVNrqFMsnTj0C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQt
MjM3ZjY1YjY0MzI3LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQtMjM3ZjY1YjY0MzI3
LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyUmXGoH
e/EvB4VLopX/Pwo7g9gRYRkMxS8i1lcNDRoyW09ic2o/qJVhIpUK5n+1pzRr43L5
ScDAgxfQXlb4RT5wVKiuvWUy/FNZP1dR3Oa2e7amMMV4xS0Qgw4alb8MBmwDFOn7
W+ksZsUKaa5NnSzrHYyu16vfNlbFzspQEZcyA3vJYKoCQDCj/KvgS+PVdnkPW7lO
fbsS3nbf9qzflArOqkwFAmsxPJLYhnbN+RENt82nGT75OyVR+mkjllDgWn2Sc9ZS
xjC6SUmYnqShqCEhxYwfV5r9r7Tj+/Eeq9/HY1obinrvklyzAXOPJgKwv5Qcr9EL
u6EwrjI+EUvhug==
-----END CERTIFICATE-----