Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          XrC4kf93C5++FqJAAURGQIM7bx7srHQTT8pqMznpuM0=
Subject key identifier:   70:B7:E6:FC:FE:96:57:C4:DC:2F:53:F6:34:9F:35:6E:47:DE:AF:54
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       0197B6A1AE8034975B2437A7212EAE6233BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          69
Signing time:             Sat 28 Jun 2025 13:02:18 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:18 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:18 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: 02vxzNTgy3YkXwRXzuHIouCRtuPSs7xUtAGDO+qSjvA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:ae:80:34:97:5b:24:37:a7:21:2e:ae:62:33:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Jun 28 13:02:18 2025 GMT
            Not After : Jun 29 13:02:18 2025 GMT
        Subject: CN=70b7e6fcfe9657c4dc2f53f6349f356e47deaf54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b6:ed:d4:ab:16:15:54:31:32:9d:67:c6:a6:
                    9c:e1:a6:ae:e9:8c:ef:e1:29:7c:eb:68:02:bf:7c:
                    7a:9b:17:aa:8f:a0:bf:7a:27:3f:be:7c:d4:0c:b4:
                    06:70:72:b1:02:a4:45:0e:42:ed:57:d2:d6:ef:fe:
                    03:e6:ef:4c:49:40:e9:49:7d:35:68:7c:39:d9:e5:
                    d0:9e:f6:1f:03:20:ec:05:9c:c1:b6:66:40:0e:1c:
                    88:ca:5e:c7:cd:41:c6:5c:1e:f2:7d:50:cd:4c:bc:
                    ea:a3:3c:f1:5d:e9:42:7d:05:91:11:1b:69:31:f2:
                    41:14:68:b5:17:e8:9a:c9:1a:db:d9:a6:c2:f1:0c:
                    1a:6b:b7:e7:61:ad:78:f6:d2:8c:f9:f0:74:2a:2d:
                    5c:70:d8:31:f8:df:fa:b3:6a:e5:92:03:af:d8:7a:
                    f7:fb:0a:3e:69:a0:cc:62:62:18:06:f8:5c:9d:94:
                    a5:f2:e0:5f:b9:81:f2:25:c7:9d:d6:ee:3c:c0:89:
                    ad:41:f8:67:3b:89:69:17:1e:b7:17:46:35:31:03:
                    21:75:a9:e8:2f:23:5d:48:aa:7a:e7:49:f9:4e:7c:
                    0c:b0:0e:1a:b9:76:df:38:60:76:58:6d:70:d0:3e:
                    81:61:ec:6c:d6:3c:ef:2a:b6:6e:7e:b7:7a:fc:b8:
                    c0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:B7:E6:FC:FE:96:57:C4:DC:2F:53:F6:34:9F:35:6E:47:DE:AF:54
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a7:a8:26:70:db:b0:91:1e:3e:c8:19:a9:00:ee:60:e8:a8:
         e2:4e:5f:bc:f9:28:e4:4c:eb:3f:61:c5:f9:4c:b6:d0:bb:a8:
         c0:48:30:8c:16:45:3f:02:eb:81:27:c7:0e:ac:0c:ef:5d:5c:
         80:2f:ec:44:1a:83:c8:5d:93:c0:5d:e5:f9:e4:40:c6:0b:33:
         08:8e:4d:c7:4a:ba:d4:27:3c:27:18:24:50:03:6c:0a:58:2a:
         38:fe:5a:99:8a:c4:9f:ba:a7:3f:1d:10:ef:48:b4:ed:d5:4d:
         a9:fa:e6:11:06:f2:25:31:ae:7a:fa:a8:46:2f:48:fe:79:b5:
         13:aa:0f:05:e6:08:53:fc:1b:10:7c:3f:41:82:f8:a1:0d:fc:
         0b:50:e6:26:cd:09:10:2f:c1:8c:6b:b5:1e:47:51:88:02:d8:
         04:d5:4e:d6:7b:c0:4c:cf:74:82:bf:28:c6:89:b0:41:87:b6:
         f0:45:7b:e3:63:1f:6a:32:76:72:54:e3:4d:37:48:ec:dc:31:
         e1:9c:1a:8c:1c:78:f2:15:bd:cc:62:22:89:37:eb:ff:32:cd:
         69:61:69:48:56:cb:4a:bc:65:c7:46:9b:e7:3f:0b:0e:e6:cd:
         dd:12:83:cc:25:9a:da:b3:8d:78:b8:94:a1:43:bc:44:55:2a:
         f0:6b:7e:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oa6ANJdbJDenIS6uYjO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjUwNjI4MTMwMjE4WhcNMjUwNjI5MTMwMjE4WjAzMTEwLwYDVQQD
Eyg3MGI3ZTZmY2ZlOTY1N2M0ZGMyZjUzZjYzNDlmMzU2ZTQ3ZGVhZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrbt1KsWFVQxMp1nxqac4aau6Yzv
4Sl862gCv3x6mxeqj6C/eic/vnzUDLQGcHKxAqRFDkLtV9LW7/4D5u9MSUDpSX01
aHw52eXQnvYfAyDsBZzBtmZADhyIyl7HzUHGXB7yfVDNTLzqozzxXelCfQWRERtp
MfJBFGi1F+iayRrb2abC8Qwaa7fnYa149tKM+fB0Ki1ccNgx+N/6s2rlkgOv2Hr3
+wo+aaDMYmIYBvhcnZSl8uBfuYHyJced1u48wImtQfhnO4lpFx63F0Y1MQMhdano
LyNdSKp650n5TnwMsA4auXbfOGB2WG1w0D6BYexs1jzvKrZufrd6/LjA/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHC35vz+llfE3C9T9jSfNW5H3q9UMB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6eoJnDb
sJEePsgZqQDuYOio4k5fvPko5EzrP2HF+Uy20LuowEgwjBZFPwLrgSfHDqwM711c
gC/sRBqDyF2TwF3l+eRAxgszCI5Nx0q61Cc8JxgkUANsClgqOP5amYrEn7qnPx0Q
70i07dVNqfrmEQbyJTGuevqoRi9I/nm1E6oPBeYIU/wbEHw/QYL4oQ38C1DmJs0J
EC/BjGu1HkdRiALYBNVO1nvATM90gr8oxomwQYe28EV742MfajJ2clTjTTdI7Nwx
4ZwajBx48hW9zGIiiTfr/zLNaWFpSFbLSrxlx0ab5z8LDubN3RKDzCWa2rONeLiU
oUO8RFUq8Gt+uA==
-----END CERTIFICATE-----