Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
File:                     mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json)
Hash identifier:          CzgCYISGzjaeYH0i+/HIv2i3lbv2wZ4/Ou67HumDNGo=
Subject key identifier:   60:0D:A1:86:3E:2E:BD:FF:35:58:48:DE:1F:BF:A5:A7:1F:1D:43:5A
Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59
Certificate issuer:       /CN=993150308061dcdac5d8465cf884c67a3bb19159
Certificate serial:       019745F97E2D53A196512E45D8FE73215EC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
Manifest number:          066F
Signing time:             Fri 06 Jun 2025 16:01:08 +0000
Manifest this update:     Fri 06 Jun 2025 16:01:08 +0000
Manifest next update:     Sat 07 Jun 2025 16:01:08 +0000
Files and hashes:         1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: Y84KR4ZN0VioGC+tIF/dSSNa1lzjz34rNBiTOZB4+DU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:f9:7e:2d:53:a1:96:51:2e:45:d8:fe:73:21:5e:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159
        Validity
            Not Before: Jun  6 16:01:08 2025 GMT
            Not After : Jun  7 16:01:08 2025 GMT
        Subject: CN=600da1863e2ebdff355848de1fbfa5a71f1d435a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:60:ce:8d:2f:51:a0:3c:51:2f:22:fe:c0:ed:
                    1c:83:12:44:f7:9c:5a:d2:7c:f5:22:fb:be:c4:ec:
                    1a:d1:74:1c:03:08:23:db:ed:34:78:0a:e7:ec:6e:
                    a3:b4:fb:73:0f:8c:30:17:75:c2:ae:7c:61:d4:e9:
                    33:e6:a2:7f:88:2e:fa:e6:72:77:95:77:8d:1b:02:
                    ad:7e:59:bf:29:1a:44:fe:31:78:7b:f5:17:65:60:
                    ca:10:8c:1b:1f:27:fc:5d:94:8a:73:8d:4e:b8:bd:
                    5b:d7:58:c1:1c:fa:e7:7d:a1:1d:8a:82:85:39:a6:
                    1e:02:86:36:56:8c:9d:56:41:e1:bd:e2:bd:ae:6c:
                    71:40:0c:30:07:9f:97:81:4e:cf:d9:75:94:5b:8a:
                    b6:65:4e:64:3e:b9:ed:37:36:e0:40:ed:5c:42:db:
                    2b:d6:27:6d:08:07:21:98:a7:23:f8:0e:5d:de:ff:
                    c0:53:86:d7:a9:ad:2e:e4:55:97:a1:56:1c:57:c0:
                    d0:2b:81:e3:aa:a9:8e:b8:27:d4:ae:58:06:0d:69:
                    5b:9c:3d:ef:c7:74:92:4b:d9:13:44:3e:5c:28:07:
                    88:c0:7c:cf:1c:99:4e:90:21:97:01:4b:66:1f:2d:
                    32:f9:dd:33:39:1e:f6:71:b7:92:7d:d2:f9:21:66:
                    59:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:0D:A1:86:3E:2E:BD:FF:35:58:48:DE:1F:BF:A5:A7:1F:1D:43:5A
            X509v3 Authority Key Identifier:
                keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:cf:9a:05:38:e6:f4:90:29:bc:ae:fa:61:32:41:f1:86:0e:
         10:bd:af:1b:3f:a0:a4:07:ae:e6:36:9c:66:f9:48:68:84:0e:
         40:e0:15:db:ce:8a:62:b1:54:ea:d7:5d:a4:4c:0d:94:e0:1a:
         ae:74:91:74:32:bc:bb:bb:3f:19:33:05:1d:4c:34:d5:03:30:
         1b:c3:d0:1a:1f:4a:33:63:25:b5:7b:4c:23:f5:b5:18:a7:04:
         29:d6:29:c2:ba:64:30:32:08:68:f6:05:1b:1e:1b:2d:a4:0d:
         50:e1:1d:e5:7f:92:e5:55:f0:1e:06:c2:9a:a6:fa:83:6e:e3:
         64:aa:c6:18:fa:48:fe:c0:da:70:00:cd:31:5a:af:19:e9:1f:
         37:46:bc:5f:ea:cf:8b:d1:ec:69:83:44:d4:94:86:20:25:fb:
         62:74:88:24:26:c8:f1:0b:52:72:89:0a:bb:d5:80:02:cf:cd:
         e1:73:90:f2:29:c7:25:61:cd:0c:35:d1:29:c8:8e:3b:ab:c6:
         8b:37:12:ba:e7:19:92:ff:bd:e1:9f:b8:ea:71:4d:0f:9e:05:
         e2:da:77:c5:de:f9:dc:16:9d:be:f8:83:3d:ba:7c:28:db:ab:
         84:8e:36:0a:79:6a:19:19:aa:01:7c:e0:ca:02:56:37:7a:14:
         e5:1d:11:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdF+X4tU6GWUS5F2P5zIV7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji
MTkxNTkwHhcNMjUwNjA2MTYwMTA4WhcNMjUwNjA3MTYwMTA4WjAzMTEwLwYDVQQD
Eyg2MDBkYTE4NjNlMmViZGZmMzU1ODQ4ZGUxZmJmYTVhNzFmMWQ0MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWDOjS9RoDxRLyL+wO0cgxJE95xa
0nz1Ivu+xOwa0XQcAwgj2+00eArn7G6jtPtzD4wwF3XCrnxh1Okz5qJ/iC765nJ3
lXeNGwKtflm/KRpE/jF4e/UXZWDKEIwbHyf8XZSKc41OuL1b11jBHPrnfaEdioKF
OaYeAoY2VoydVkHhveK9rmxxQAwwB5+XgU7P2XWUW4q2ZU5kPrntNzbgQO1cQtsr
1idtCAchmKcj+A5d3v/AU4bXqa0u5FWXoVYcV8DQK4HjqqmOuCfUrlgGDWlbnD3v
x3SSS9kTRD5cKAeIwHzPHJlOkCGXAUtmHy0y+d0zOR72cbeSfdL5IWZZ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGANoYY+Lr3/NVhI3h+/pacfHUNaMB8GA1UdIwQY
MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt
NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl
LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYM+aBTjm
9JApvK76YTJB8YYOEL2vGz+gpAeu5jacZvlIaIQOQOAV286KYrFU6tddpEwNlOAa
rnSRdDK8u7s/GTMFHUw01QMwG8PQGh9KM2MltXtMI/W1GKcEKdYpwrpkMDIIaPYF
Gx4bLaQNUOEd5X+S5VXwHgbCmqb6g27jZKrGGPpI/sDacADNMVqvGekfN0a8X+rP
i9HsaYNE1JSGICX7YnSIJCbI8QtScokKu9WAAs/N4XOQ8inHJWHNDDXRKciOO6vG
izcSuucZkv+94Z+46nFND54F4tp3xd753BadvviDPbp8KNurhI42CnlqGRmqAXzg
ygJWN3oU5R0RTg==
-----END CERTIFICATE-----