Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          Y/SF1KkAoxxsv7DbZvnFRs5t6j4u6xkuVAcQaGVvqqU=
Subject key identifier:   B8:1D:41:79:EE:83:A6:AF:A0:ED:12:43:4F:7C:70:AE:30:15:74:3A
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       0197B6A1A54C5B9FEA7E1CA5A81FA35DE5F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:16 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: /orGk0weJp5Z0tXkbCr8EXYd7wn6NWTtR8/XTqklJFg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:a5:4c:5b:9f:ea:7e:1c:a5:a8:1f:a3:5d:e5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Jun 28 13:02:16 2025 GMT
            Not After : Jun 29 13:02:16 2025 GMT
        Subject: CN=b81d4179ee83a6afa0ed12434f7c70ae3015743a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ae:5c:0d:f0:8e:b0:86:98:e0:7d:30:dd:9e:
                    60:e7:05:de:ae:dd:65:dc:c4:fe:dc:fa:57:8e:58:
                    80:3d:58:dd:a6:54:b9:70:b2:f7:81:06:34:bc:f0:
                    e0:ea:03:84:02:5c:ca:11:b9:d0:6b:d4:3b:5f:57:
                    b1:ba:ab:32:8d:73:37:1c:02:cb:30:fb:e9:a0:1b:
                    e0:eb:86:7f:12:74:52:ac:8a:a1:cb:5d:ba:69:10:
                    57:06:ff:ca:08:c5:00:2a:88:20:b7:d8:ca:78:48:
                    3b:8f:02:7a:44:86:37:ab:48:92:f3:bb:b7:21:24:
                    3d:0a:28:63:97:a7:ae:19:2b:ed:7f:4f:d6:3f:35:
                    13:40:11:92:50:19:09:cd:2f:28:a5:da:3d:25:c8:
                    fd:48:0b:1e:f1:b4:e9:8d:db:b1:f1:53:eb:49:ee:
                    2c:49:59:94:92:1f:0e:fb:fd:f1:0a:72:64:44:be:
                    48:fc:53:30:ec:68:aa:e6:bf:0e:fb:2f:15:7d:15:
                    d9:15:0a:a8:5f:33:e9:eb:a7:ab:2c:2f:c7:ee:46:
                    78:93:c0:8a:3d:2e:e9:6d:3d:02:21:2b:83:61:9a:
                    18:62:38:34:89:58:1d:d2:42:5a:ed:8f:b5:55:0a:
                    dc:bb:0b:99:ae:25:ca:9a:b7:fe:76:3e:41:fd:8e:
                    55:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:1D:41:79:EE:83:A6:AF:A0:ED:12:43:4F:7C:70:AE:30:15:74:3A
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:8c:28:c9:f4:44:55:50:89:66:30:8c:10:47:90:c3:01:b1:
         f6:4c:9d:19:a2:49:3c:d9:ac:d0:3e:13:79:2d:8a:8f:b6:99:
         29:11:c9:22:a1:19:cf:90:3f:e2:ff:56:57:6a:78:a0:00:04:
         57:27:3a:bb:d4:70:3f:c4:c1:c5:26:ca:9b:c9:1e:b4:2e:86:
         b3:fa:a5:74:66:44:46:8e:91:42:97:13:53:40:89:ba:44:cf:
         23:4d:29:22:69:0a:a0:75:a4:c3:ea:6b:af:ec:ff:ee:06:cd:
         dd:6d:57:d8:5d:f6:fc:76:52:d6:fc:03:3f:ca:9b:55:b1:01:
         ac:82:11:97:c4:f4:6f:a3:3e:cb:10:48:8a:45:46:72:f8:44:
         5d:b6:bb:83:41:de:e9:8e:23:bd:ca:7e:56:68:76:03:bc:ca:
         1b:d3:5e:fd:bd:3b:06:a7:4b:20:75:ba:a8:05:2f:fc:95:a4:
         12:ae:6f:3c:9c:b1:40:cf:67:7f:f7:a9:64:cc:39:8f:0f:34:
         cb:3a:13:9a:94:91:47:6a:ed:98:34:41:b4:95:52:8c:a2:22:
         79:32:a8:02:32:06:75:f0:22:93:68:84:3e:c3:4c:1d:30:ac:
         b2:d6:dc:ca:e8:19:43:8e:80:5b:72:af:a6:e6:d3:e3:1d:0f:
         79:e0:bf:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oaVMW5/qfhylqB+jXeX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwNjI4MTMwMjE2WhcNMjUwNjI5MTMwMjE2WjAzMTEwLwYDVQQD
EyhiODFkNDE3OWVlODNhNmFmYTBlZDEyNDM0ZjdjNzBhZTMwMTU3NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza5cDfCOsIaY4H0w3Z5g5wXert1l
3MT+3PpXjliAPVjdplS5cLL3gQY0vPDg6gOEAlzKEbnQa9Q7X1exuqsyjXM3HALL
MPvpoBvg64Z/EnRSrIqhy126aRBXBv/KCMUAKoggt9jKeEg7jwJ6RIY3q0iS87u3
ISQ9Cihjl6euGSvtf0/WPzUTQBGSUBkJzS8opdo9Jcj9SAse8bTpjdux8VPrSe4s
SVmUkh8O+/3xCnJkRL5I/FMw7Giq5r8O+y8VfRXZFQqoXzPp66erLC/H7kZ4k8CK
PS7pbT0CISuDYZoYYjg0iVgd0kJa7Y+1VQrcuwuZriXKmrf+dj5B/Y5VAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgdQXnug6avoO0SQ098cK4wFXQ6MB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4woyfRE
VVCJZjCMEEeQwwGx9kydGaJJPNms0D4TeS2Kj7aZKRHJIqEZz5A/4v9WV2p4oAAE
Vyc6u9RwP8TBxSbKm8ketC6Gs/qldGZERo6RQpcTU0CJukTPI00pImkKoHWkw+pr
r+z/7gbN3W1X2F32/HZS1vwDP8qbVbEBrIIRl8T0b6M+yxBIikVGcvhEXba7g0He
6Y4jvcp+Vmh2A7zKG9Ne/b07BqdLIHW6qAUv/JWkEq5vPJyxQM9nf/epZMw5jw80
yzoTmpSRR2rtmDRBtJVSjKIieTKoAjIGdfAik2iEPsNMHTCsstbcyugZQ46AW3Kv
pubT4x0PeeC/eA==
-----END CERTIFICATE-----