Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          d37P3Sz9YFH0d8eP/+8YzfjG53ZVsAd9QWPt8rlOm6s=
Subject key identifier:   44:E7:82:DA:6D:D9:2F:AE:B2:B4:A3:39:96:DE:06:58:98:C9:B0:A4
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       0197B70E7F652911704760EB2DF2E43F5ED9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          1541
Signing time:             Sat 28 Jun 2025 15:01:09 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:09 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:09 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: mcZVBiiWnxnzkBgtx0Zht1OZrGFUJN2h09iN53HeQsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:7f:65:29:11:70:47:60:eb:2d:f2:e4:3f:5e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Jun 28 15:01:09 2025 GMT
            Not After : Jun 29 15:01:09 2025 GMT
        Subject: CN=44e782da6dd92faeb2b4a33996de065898c9b0a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d7:94:c4:34:90:e5:63:5b:1b:cc:ab:7d:0b:
                    d9:8f:cd:86:9a:51:22:60:e0:f4:4f:42:27:45:47:
                    f3:3b:8a:86:cd:e1:8e:91:50:44:b1:6f:5e:82:62:
                    cc:b6:86:cc:bd:f6:56:e1:a7:5b:81:9c:d5:5f:ca:
                    c4:ee:5d:d6:a5:05:fd:7d:fc:0e:ab:5e:f3:dd:43:
                    8d:0e:1c:1c:e1:be:3b:6c:61:9b:69:fe:14:d7:ff:
                    e2:39:5e:cd:40:04:53:43:46:50:97:b1:4b:4d:a4:
                    93:f7:a3:01:01:ba:ba:5e:16:18:22:72:c0:bb:5f:
                    bb:f0:45:c8:f2:08:b1:3d:03:0b:3f:cb:35:84:f1:
                    c6:5f:53:44:c5:f6:37:9a:6a:8e:a5:e5:ca:d6:3a:
                    5b:08:05:d8:46:4a:30:a2:97:59:f9:40:44:44:54:
                    62:56:ff:f3:70:6a:1f:57:15:a3:7b:aa:a8:d7:52:
                    e5:15:10:fa:9f:28:90:89:21:b9:2f:d7:ce:dc:d0:
                    3d:17:2a:27:b8:61:f4:79:b4:59:25:f1:1a:4c:02:
                    05:b8:d6:42:90:9a:be:99:c2:c9:4c:40:fd:95:a3:
                    1b:e5:a8:2a:f4:fc:d8:3e:05:47:20:ee:b4:55:a0:
                    93:2c:d8:17:7d:c0:ce:fa:63:ea:fb:af:f1:fb:8e:
                    c7:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E7:82:DA:6D:D9:2F:AE:B2:B4:A3:39:96:DE:06:58:98:C9:B0:A4
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:f5:11:8c:00:7d:73:6c:36:7f:4b:2c:d5:83:b4:58:a7:ab:
         25:4c:71:b2:12:55:1b:6e:cd:d2:3d:75:63:0e:89:d0:b0:19:
         13:45:3d:a4:28:54:a6:54:d1:57:8c:fe:32:50:0b:c1:60:30:
         62:e2:60:a5:a1:d0:fa:33:b7:dc:31:e6:b5:03:a6:4c:fa:88:
         fb:65:d1:8c:32:17:1f:20:47:fd:78:8a:12:99:ce:b7:56:8b:
         de:cb:86:c1:6e:a0:f5:f0:a7:c0:ad:0b:5e:fe:63:88:3f:c7:
         95:36:8e:17:ad:6d:04:a8:83:5b:37:ed:0e:12:4a:10:ea:2e:
         e5:22:19:d5:e7:91:6a:8d:98:86:d3:98:d1:e2:e1:b9:88:ee:
         86:b9:c2:54:24:8d:b6:7f:76:55:2c:62:16:8f:d9:0e:3d:aa:
         71:ad:b6:ab:d1:35:41:75:ce:e8:02:63:4e:30:70:f6:6e:db:
         24:72:04:fd:4d:75:c5:c3:36:82:31:a6:05:52:06:18:d0:49:
         b2:40:20:56:d0:6f:b2:18:c6:0c:4a:da:2e:ed:37:67:14:b1:
         6d:eb:14:56:da:59:47:b4:45:44:8b:11:9f:1b:87:e4:e6:85:
         b0:41:0a:2f:e5:c3:0c:16:2b:a5:6a:03:9b:78:7b:fc:74:f1:
         04:45:15:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dn9lKRFwR2DrLfLkP17ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjUwNjI4MTUwMTA5WhcNMjUwNjI5MTUwMTA5WjAzMTEwLwYDVQQD
Eyg0NGU3ODJkYTZkZDkyZmFlYjJiNGEzMzk5NmRlMDY1ODk4YzliMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9eUxDSQ5WNbG8yrfQvZj82GmlEi
YOD0T0InRUfzO4qGzeGOkVBEsW9egmLMtobMvfZW4adbgZzVX8rE7l3WpQX9ffwO
q17z3UONDhwc4b47bGGbaf4U1//iOV7NQARTQ0ZQl7FLTaST96MBAbq6XhYYInLA
u1+78EXI8gixPQMLP8s1hPHGX1NExfY3mmqOpeXK1jpbCAXYRkowopdZ+UBERFRi
Vv/zcGofVxWje6qo11LlFRD6nyiQiSG5L9fO3NA9FyonuGH0ebRZJfEaTAIFuNZC
kJq+mcLJTED9laMb5agq9PzYPgVHIO60VaCTLNgXfcDO+mPq+6/x+47H9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETngtpt2S+usrSjOZbeBliYybCkMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbfURjAB9
c2w2f0ss1YO0WKerJUxxshJVG27N0j11Yw6J0LAZE0U9pChUplTRV4z+MlALwWAw
YuJgpaHQ+jO33DHmtQOmTPqI+2XRjDIXHyBH/XiKEpnOt1aL3suGwW6g9fCnwK0L
Xv5jiD/HlTaOF61tBKiDWzftDhJKEOou5SIZ1eeRao2YhtOY0eLhuYjuhrnCVCSN
tn92VSxiFo/ZDj2qca22q9E1QXXO6AJjTjBw9m7bJHIE/U11xcM2gjGmBVIGGNBJ
skAgVtBvshjGDEraLu03ZxSxbesUVtpZR7RFRIsRnxuH5OaFsEEKL+XDDBYrpWoD
m3h7/HTxBEUVmw==
-----END CERTIFICATE-----