Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          rUyqxMt/ZpjXvh3nXXH4S3Ajrr+eDXH1Ya87giqYwMo=
Subject key identifier:   86:38:4C:8D:9D:BB:02:F6:D1:5E:DF:FA:79:55:A2:A6:01:98:3B:E2
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       0197B7EA28FAAF8BD7B1FBF4485A1430CB5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          0546
Signing time:             Sat 28 Jun 2025 19:01:05 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:05 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:05 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: 5SJaziOrSecdn1bm3T/2rGGO6r+7CAEBzneDhilDojw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:28:fa:af:8b:d7:b1:fb:f4:48:5a:14:30:cb:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Jun 28 19:01:05 2025 GMT
            Not After : Jun 29 19:01:05 2025 GMT
        Subject: CN=86384c8d9dbb02f6d15edffa7955a2a601983be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d4:ba:9d:43:b6:a4:19:e8:39:71:7d:9e:7a:
                    12:02:ea:d5:c1:37:6c:cc:e5:0f:49:a5:5d:39:65:
                    60:2f:e0:9b:a9:06:b2:c0:8b:4d:65:24:37:93:44:
                    71:28:c3:e3:03:8e:91:58:f9:c2:12:d3:50:fc:20:
                    89:41:93:e9:e1:04:c4:8c:9f:b5:19:c4:0a:cd:22:
                    1f:e1:64:e6:14:03:b3:05:70:2e:47:73:ac:0d:ec:
                    42:30:cb:48:d3:eb:30:2a:ff:ee:9b:3f:18:70:db:
                    61:3a:f3:bc:ac:05:1a:16:9a:7d:b2:03:8b:b2:fe:
                    a7:b5:bc:36:9f:f7:fa:48:f2:a7:b9:eb:46:32:62:
                    31:68:bf:c8:f6:94:bc:44:01:08:43:72:af:68:bf:
                    72:e3:43:f3:17:70:7b:62:cd:1b:6b:60:58:87:04:
                    3e:7c:fb:72:e2:7d:b1:b5:32:8a:df:77:c5:66:7e:
                    d4:db:0a:d0:92:b2:9a:75:3d:a5:ca:75:c8:2d:e5:
                    eb:29:85:2b:f1:3a:0e:73:ca:1c:34:45:c5:16:d5:
                    23:53:fa:49:14:41:cb:85:aa:40:7f:cd:16:e5:c8:
                    68:43:17:cc:b1:46:41:8d:c9:10:c6:7b:6a:fc:0f:
                    35:6c:81:90:55:db:e8:bc:ee:4b:f0:ad:fe:54:0b:
                    0e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:38:4C:8D:9D:BB:02:F6:D1:5E:DF:FA:79:55:A2:A6:01:98:3B:E2
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:4a:26:9b:50:e4:75:43:15:28:66:ff:ed:77:5c:af:32:56:
         78:39:fe:1f:b5:47:bf:25:9d:49:05:a7:77:fa:88:b9:e8:61:
         26:96:18:61:c4:40:a2:f1:35:4b:51:35:25:23:4b:a7:93:40:
         67:1e:9f:ef:40:36:97:09:91:f6:1b:d7:8d:5c:28:3c:9b:be:
         0a:a9:d5:b3:4a:68:62:52:12:3c:17:93:bd:31:f2:b6:0c:41:
         8f:c3:61:43:d7:7b:74:49:ba:fa:27:3b:c4:9a:27:14:dd:23:
         98:94:20:7c:51:59:71:d3:b7:d1:bf:7c:5a:85:e0:1d:f8:41:
         96:b7:95:55:97:61:e1:05:a1:cc:f6:84:90:99:37:6b:30:1a:
         94:7e:f2:43:c1:9a:c4:34:c7:6c:b8:14:64:39:6a:f9:f9:47:
         be:85:34:ac:bd:cc:9f:4c:6f:50:fa:75:a5:16:33:a5:df:bc:
         13:76:1e:d2:0a:ad:ec:b7:bb:7a:2a:6a:9b:1a:75:e6:53:c9:
         a7:ec:d4:97:05:ab:8c:16:a9:5d:c7:0d:51:11:ff:68:dd:58:
         46:c0:1c:8f:3e:c0:a0:e1:10:fe:c8:90:c4:9d:85:e9:6c:d5:
         43:b0:11:3b:ab:ce:37:4b:fb:a4:f8:66:f8:58:dd:07:52:fe:
         15:88:fd:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36ij6r4vXsfv0SFoUMMteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUwNjI4MTkwMTA1WhcNMjUwNjI5MTkwMTA1WjAzMTEwLwYDVQQD
Eyg4NjM4NGM4ZDlkYmIwMmY2ZDE1ZWRmZmE3OTU1YTJhNjAxOTgzYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9S6nUO2pBnoOXF9nnoSAurVwTds
zOUPSaVdOWVgL+CbqQaywItNZSQ3k0RxKMPjA46RWPnCEtNQ/CCJQZPp4QTEjJ+1
GcQKzSIf4WTmFAOzBXAuR3OsDexCMMtI0+swKv/umz8YcNthOvO8rAUaFpp9sgOL
sv6ntbw2n/f6SPKnuetGMmIxaL/I9pS8RAEIQ3KvaL9y40PzF3B7Ys0ba2BYhwQ+
fPty4n2xtTKK33fFZn7U2wrQkrKadT2lynXILeXrKYUr8ToOc8ocNEXFFtUjU/pJ
FEHLhapAf80W5choQxfMsUZBjckQxntq/A81bIGQVdvovO5L8K3+VAsOoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIY4TI2duwL20V7f+nlVoqYBmDviMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk0omm1Dk
dUMVKGb/7XdcrzJWeDn+H7VHvyWdSQWnd/qIuehhJpYYYcRAovE1S1E1JSNLp5NA
Zx6f70A2lwmR9hvXjVwoPJu+CqnVs0poYlISPBeTvTHytgxBj8NhQ9d7dEm6+ic7
xJonFN0jmJQgfFFZcdO30b98WoXgHfhBlreVVZdh4QWhzPaEkJk3azAalH7yQ8Ga
xDTHbLgUZDlq+flHvoU0rL3Mn0xvUPp1pRYzpd+8E3Ye0gqt7Le7eipqmxp15lPJ
p+zUlwWrjBapXccNURH/aN1YRsAcjz7AoOEQ/siQxJ2F6WzVQ7ARO6vON0v7pPhm
+FjdB1L+FYj95Q==
-----END CERTIFICATE-----