Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
File:                     MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft (raw, json)
Hash identifier:          SXQlp3XskbxQ6mLN4VAqVN6XTjIedU980WlQwo5faMw=
Subject key identifier:   0A:ED:C8:E8:F8:84:A4:D7:FC:43:73:E3:39:FC:47:F8:EB:C9:1C:C7
Authority key identifier: 30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F
Certificate issuer:       /CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
Certificate serial:       01975235000B895AF43D9A3525D31AEF704F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
Manifest number:          0908
Signing time:             Mon 09 Jun 2025 01:01:34 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:34 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:34 +0000
Files and hashes:         1: MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl (hash: opKpGRiwTzOlAoptSBb0Kb8zOc6jLS9ft0xeyKXcycU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:35:00:0b:89:5a:f4:3d:9a:35:25:d3:1a:ef:70:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
        Validity
            Not Before: Jun  9 01:01:34 2025 GMT
            Not After : Jun 10 01:01:34 2025 GMT
        Subject: CN=0aedc8e8f884a4d7fc4373e339fc47f8ebc91cc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:86:54:99:17:21:b0:54:f8:ea:7d:f8:da:7d:
                    75:51:18:4e:5b:df:62:b7:ad:a0:bb:4f:ad:4f:83:
                    04:05:21:c9:2d:71:ec:4f:0a:7b:ad:c2:0b:80:b0:
                    c5:33:cb:d9:19:26:b6:ad:39:26:2d:c0:7a:78:4e:
                    38:39:46:80:72:32:9e:e9:0e:06:a6:6c:8e:f8:22:
                    e7:93:09:ef:1d:9b:7e:c2:e0:9e:c4:c5:93:00:be:
                    fb:a4:ec:db:fc:a2:66:a3:02:3b:bb:ab:48:23:40:
                    ac:b5:f1:43:a9:06:d7:3b:cb:ad:86:31:da:72:7a:
                    d6:ed:7e:92:2f:72:b9:82:a5:d5:35:15:8c:55:a0:
                    8c:53:67:0f:c9:43:5a:a6:92:15:eb:f7:11:41:c1:
                    84:1f:a0:94:12:20:3b:d6:d0:99:ad:93:f5:14:39:
                    ba:e2:c1:90:1f:98:92:5a:51:97:e3:a3:a2:38:4c:
                    2e:2d:a6:72:61:61:5b:c4:51:35:ec:d1:d2:d8:46:
                    4b:c9:8c:58:18:d6:fb:48:6f:1a:0c:05:06:56:f9:
                    cd:37:a2:a3:90:78:17:24:2b:26:b4:58:f6:f8:e0:
                    91:c1:83:90:e3:54:0f:05:85:17:2b:87:f7:01:38:
                    10:59:10:e2:c9:06:04:6a:1c:16:02:dd:64:99:92:
                    8a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:ED:C8:E8:F8:84:A4:D7:FC:43:73:E3:39:FC:47:F8:EB:C9:1C:C7
            X509v3 Authority Key Identifier:
                keyid:30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:ee:78:e4:7d:dc:3e:ed:c3:67:21:6c:d5:b4:46:25:47:8b:
         c5:8e:d1:78:39:9d:2a:1b:7a:a5:2f:40:c3:03:2e:69:c4:3d:
         09:61:17:dc:0a:c3:57:24:94:77:19:36:f5:8f:60:68:8c:f5:
         4c:11:45:7f:0f:2c:28:e7:9b:ce:b1:d7:37:1f:60:ba:eb:80:
         ee:f8:3d:5f:5d:46:28:15:66:f1:52:fd:73:ef:ab:91:94:d4:
         02:0a:56:fd:17:ab:9a:80:cd:2c:8f:51:a1:31:34:05:5e:7f:
         81:cb:5a:35:47:ca:c0:0c:68:5e:05:d0:e6:3b:63:10:c1:aa:
         2b:00:d6:e5:14:ff:97:e6:9e:12:fb:76:d5:06:ae:d9:cb:a3:
         a8:8f:0e:e8:60:3f:93:f5:0b:31:4e:52:4b:89:b9:e8:80:f9:
         6b:0f:cf:62:88:56:37:66:a8:61:16:db:e3:91:a9:20:fd:fd:
         cf:08:5a:be:84:9e:36:d7:69:cb:b3:e5:5c:44:61:18:21:74:
         83:04:43:60:c2:9f:a6:b5:9a:25:2d:3c:02:87:ff:75:92:1e:
         d1:18:91:b1:73:ed:ae:cf:af:47:1e:4f:b8:07:ef:0b:02:d5:
         26:3e:a6:3a:c4:91:40:f4:19:71:43:8c:b8:81:bb:02:03:a8:
         be:4b:ce:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNQALiVr0PZo1JdMa73BPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTI0MmNmNmMxNTI5YWFhMDY5MzM2N2U0NGM4NGEwN2Q4
YjBjOWYwHhcNMjUwNjA5MDEwMTM0WhcNMjUwNjEwMDEwMTM0WjAzMTEwLwYDVQQD
EygwYWVkYzhlOGY4ODRhNGQ3ZmM0MzczZTMzOWZjNDdmOGViYzkxY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24ZUmRchsFT46n342n11URhOW99i
t62gu0+tT4MEBSHJLXHsTwp7rcILgLDFM8vZGSa2rTkmLcB6eE44OUaAcjKe6Q4G
pmyO+CLnkwnvHZt+wuCexMWTAL77pOzb/KJmowI7u6tII0CstfFDqQbXO8uthjHa
cnrW7X6SL3K5gqXVNRWMVaCMU2cPyUNappIV6/cRQcGEH6CUEiA71tCZrZP1FDm6
4sGQH5iSWlGX46OiOEwuLaZyYWFbxFE17NHS2EZLyYxYGNb7SG8aDAUGVvnNN6Kj
kHgXJCsmtFj2+OCRwYOQ41QPBYUXK4f3ATgQWRDiyQYEahwWAt1kmZKKfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArtyOj4hKTX/ENz4zn8R/jryRzHMB8GA1UdIwQY
MBaAFDCiQs9sFSmqoGkzZ+RMhKB9iwyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMt
ZmEyNjc2ZmUzOGZkLzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMtZmEyNjc2ZmUzOGZk
LzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfe545H3c
Pu3DZyFs1bRGJUeLxY7ReDmdKht6pS9AwwMuacQ9CWEX3ArDVySUdxk29Y9gaIz1
TBFFfw8sKOebzrHXNx9guuuA7vg9X11GKBVm8VL9c++rkZTUAgpW/RermoDNLI9R
oTE0BV5/gctaNUfKwAxoXgXQ5jtjEMGqKwDW5RT/l+aeEvt21Qau2cujqI8O6GA/
k/ULMU5SS4m56ID5aw/PYohWN2aoYRbb45GpIP39zwhavoSeNtdpy7PlXERhGCF0
gwRDYMKfprWaJS08Aof/dZIe0RiRsXPtrs+vRx5PuAfvCwLVJj6mOsSRQPQZcUOM
uIG7AgOovkvOrg==
-----END CERTIFICATE-----