Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          t13Ywhs50VOWt385BqvP/GigQ5Eteml0l+d5x0bBvcM=
Subject key identifier:   4A:86:AA:6B:41:95:1D:69:A3:F6:3D:15:7C:51:73:5A:1A:05:4B:E0
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       019849D3A3B6D11DBE2189E166D74F440A7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          0170
Signing time:             Sun 27 Jul 2025 03:01:03 +0000
Manifest this update:     Sun 27 Jul 2025 03:01:03 +0000
Manifest next update:     Mon 28 Jul 2025 03:01:03 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: D3wVohRCGryhmUw3xdXsWabrYt1gcPTLwVl+lSvki6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 03:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:a3:b6:d1:1d:be:21:89:e1:66:d7:4f:44:0a:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Jul 27 03:01:03 2025 GMT
            Not After : Jul 28 03:01:03 2025 GMT
        Subject: CN=4a86aa6b41951d69a3f63d157c51735a1a054be0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ea:7d:9b:6e:e4:cd:1c:08:33:a7:c2:27:47:
                    1b:8a:8c:a6:59:62:93:5c:85:df:c5:b4:dc:84:51:
                    f7:c4:9f:a8:14:11:5c:a1:73:73:12:f4:24:fc:2b:
                    b8:88:b7:72:4c:ee:f6:7d:f0:9b:50:4c:f7:80:c0:
                    df:f9:f2:95:48:de:0d:9f:bf:50:45:6f:93:b6:a7:
                    e7:e7:6a:ce:7b:a8:3f:b1:91:e6:2d:e0:a6:9a:f7:
                    b0:58:13:ea:5e:c8:5b:9b:e4:dd:4e:63:04:2f:fb:
                    56:c1:fc:f5:ef:4f:2c:a0:19:f9:2f:92:28:d6:22:
                    da:96:7b:16:a7:0c:d1:39:83:00:01:d8:c8:e1:ec:
                    1a:b7:63:c1:84:0f:0c:50:08:fe:65:54:d3:fc:f9:
                    26:c6:b5:7f:2a:3e:88:64:2c:99:4d:7f:45:c0:6a:
                    50:01:3a:65:2b:d7:1f:d2:9f:e3:38:58:fb:94:a3:
                    03:5f:bb:5d:4b:2a:e9:73:68:48:59:31:ff:a4:ba:
                    a2:ef:77:65:02:0c:f0:23:ce:61:cb:4d:3f:8d:2e:
                    e6:0c:b7:cf:ae:ed:d3:db:6d:d6:c0:51:71:5e:67:
                    32:ac:6d:dc:b3:6c:58:68:bb:21:e7:7b:95:69:ca:
                    08:74:20:15:a5:be:76:8b:7b:ef:fa:ae:c5:34:e3:
                    2d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:86:AA:6B:41:95:1D:69:A3:F6:3D:15:7C:51:73:5A:1A:05:4B:E0
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:5b:38:ab:cc:e1:79:69:62:32:b5:aa:59:8e:10:9b:6e:39:
         9e:67:2f:75:35:ca:44:68:0a:89:32:ca:bf:80:be:d4:e5:82:
         45:bc:dc:76:34:19:bb:f5:d9:80:11:8e:71:39:88:14:e6:c3:
         28:af:96:04:82:81:92:22:a8:f1:c2:65:be:ff:9d:2d:e6:51:
         71:0a:08:f3:bc:29:a4:4f:a5:27:7f:31:f8:e9:66:61:7a:80:
         31:d5:4d:57:0a:bc:9e:f7:f5:8a:78:5d:3b:01:19:03:4b:ec:
         1d:78:4a:af:07:84:66:af:bb:ee:fe:18:b6:c0:c6:f4:59:ff:
         c8:a0:81:35:8c:01:ed:02:3a:d5:a5:ff:28:78:aa:bd:fe:16:
         bc:31:4d:32:09:32:bc:a6:6b:83:38:c0:26:0a:37:65:fe:dc:
         66:f6:f1:ad:74:fb:9d:77:e7:7e:f9:a8:2b:55:5a:71:95:f2:
         42:66:27:4e:e2:e1:ff:f8:ae:d3:0b:25:85:59:bb:68:86:0d:
         29:6d:0d:d9:63:08:72:04:4c:b2:ed:c7:65:83:9d:e1:f8:d0:
         a1:21:05:59:d2:60:45:f8:74:09:5b:eb:6d:03:a6:eb:12:0e:
         a4:05:bc:74:25:3c:21:ee:b7:35:d1:b4:de:af:77:f9:53:5c:
         4b:9a:0b:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ06O20R2+IYnhZtdPRAp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjUwNzI3MDMwMTAzWhcNMjUwNzI4MDMwMTAzWjAzMTEwLwYDVQQD
Eyg0YTg2YWE2YjQxOTUxZDY5YTNmNjNkMTU3YzUxNzM1YTFhMDU0YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+p9m27kzRwIM6fCJ0cbioymWWKT
XIXfxbTchFH3xJ+oFBFcoXNzEvQk/Cu4iLdyTO72ffCbUEz3gMDf+fKVSN4Nn79Q
RW+Ttqfn52rOe6g/sZHmLeCmmvewWBPqXshbm+TdTmMEL/tWwfz1708soBn5L5Io
1iLalnsWpwzROYMAAdjI4ewat2PBhA8MUAj+ZVTT/PkmxrV/Kj6IZCyZTX9FwGpQ
ATplK9cf0p/jOFj7lKMDX7tdSyrpc2hIWTH/pLqi73dlAgzwI85hy00/jS7mDLfP
ru3T223WwFFxXmcyrG3cs2xYaLsh53uVacoIdCAVpb52i3vv+q7FNOMt8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqGqmtBlR1po/Y9FXxRc1oaBUvgMB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI1s4q8zh
eWliMrWqWY4Qm245nmcvdTXKRGgKiTLKv4C+1OWCRbzcdjQZu/XZgBGOcTmIFObD
KK+WBIKBkiKo8cJlvv+dLeZRcQoI87wppE+lJ38x+OlmYXqAMdVNVwq8nvf1inhd
OwEZA0vsHXhKrweEZq+77v4YtsDG9Fn/yKCBNYwB7QI61aX/KHiqvf4WvDFNMgky
vKZrgzjAJgo3Zf7cZvbxrXT7nXfnfvmoK1VacZXyQmYnTuLh//iu0wslhVm7aIYN
KW0N2WMIcgRMsu3HZYOd4fjQoSEFWdJgRfh0CVvrbQOm6xIOpAW8dCU8Ie63NdG0
3q93+VNcS5oL0w==
-----END CERTIFICATE-----