Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
File:                     RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft (raw, json)
Hash identifier:          e1Gv8IoWA26u6hLkc51KMVnqsJ/hc2qgkDxWUpIMIf8=
Subject key identifier:   F4:28:35:3C:4A:A3:6F:E4:62:FF:C9:7C:36:2B:FC:9B:19:E6:10:8B
Authority key identifier: 46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4
Certificate issuer:       /CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
Certificate serial:       01976094759ECABEA004C6031799D7725785
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
Manifest number:          06CF
Signing time:             Wed 11 Jun 2025 20:00:31 +0000
Manifest this update:     Wed 11 Jun 2025 20:00:31 +0000
Manifest next update:     Thu 12 Jun 2025 20:00:31 +0000
Files and hashes:         1: RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl (hash: RxPNWQ6XMz3z+uPvDOc1ftLMd5wpFoRV1+q99nxh0aY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 20:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:94:75:9e:ca:be:a0:04:c6:03:17:99:d7:72:57:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
        Validity
            Not Before: Jun 11 20:00:31 2025 GMT
            Not After : Jun 12 20:00:31 2025 GMT
        Subject: CN=f428353c4aa36fe462ffc97c362bfc9b19e6108b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d8:91:f4:90:0e:ce:11:2c:94:5f:cd:7b:e8:
                    73:54:c7:de:35:d0:e6:dc:98:f4:8e:02:60:f0:13:
                    8e:74:82:39:32:0a:99:81:b2:15:13:13:af:a1:af:
                    01:69:b0:bd:af:35:64:c0:9c:16:c5:17:4a:4c:20:
                    e9:dd:94:2f:d0:d8:17:d1:19:91:de:69:b0:14:d6:
                    50:9c:81:09:36:e2:c0:2e:6f:fa:d6:8d:0a:fc:c3:
                    64:3f:48:3d:b2:f6:29:17:5f:05:6f:04:67:9c:18:
                    2c:d5:53:85:11:56:d4:95:38:32:05:83:9e:60:54:
                    04:0a:10:78:ad:ee:32:04:0d:e0:41:39:93:c9:4c:
                    17:af:5d:3e:1c:7f:3b:22:4c:7b:d7:7e:26:79:b9:
                    6b:54:35:3d:f6:50:9b:0c:32:fb:6c:91:87:2f:3a:
                    2a:c2:8e:ab:c0:50:10:a1:53:66:75:7a:0c:e8:d1:
                    3f:60:14:a7:de:65:24:ce:1c:8f:36:2d:e6:dd:78:
                    c0:83:d9:2c:e7:1e:5b:f3:41:11:4c:89:c4:37:9a:
                    a7:0b:c2:fd:9b:25:17:fe:5c:e1:f9:9e:43:63:6a:
                    32:09:6a:b7:91:b5:83:e4:f9:27:ba:fa:ef:df:f8:
                    a6:20:32:55:e1:03:67:a2:35:e5:48:0c:fe:b0:44:
                    23:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:28:35:3C:4A:A3:6F:E4:62:FF:C9:7C:36:2B:FC:9B:19:E6:10:8B
            X509v3 Authority Key Identifier:
                keyid:46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:4d:e7:2d:b9:a3:d8:d1:94:52:22:81:28:b2:05:31:19:f3:
         63:2d:7b:87:c6:3e:08:73:34:24:e0:22:13:e6:e4:e0:45:63:
         17:90:cf:a8:1d:ce:92:2a:40:1e:7a:4f:bd:d7:03:03:aa:b6:
         a1:e1:a9:d1:d4:31:d5:b3:ab:ee:8d:af:62:d4:b0:4a:9b:e1:
         6e:55:0f:15:68:c4:f0:6f:9c:7f:78:55:e5:17:4d:74:a2:4c:
         fe:c5:90:b7:6e:19:3d:19:f6:fc:ef:63:b7:a0:df:0b:4b:9f:
         b2:ef:e2:e4:bd:47:82:23:98:5d:c3:e6:95:f3:e5:83:a0:b4:
         76:52:0d:bd:fa:0d:4a:09:c8:01:e5:db:34:9f:9d:92:30:51:
         db:0a:c8:13:d5:f0:0c:17:4f:b9:83:0a:74:4f:bf:70:5b:a4:
         ba:cf:84:e2:fa:11:ce:1c:e4:c0:f3:2e:0b:3d:6f:9f:88:21:
         60:82:f0:02:3e:2e:90:10:8d:b5:f3:5a:bc:14:9b:50:dd:88:
         7d:55:cd:c9:43:35:a8:aa:ca:12:1b:fd:7f:ac:06:ef:c1:5e:
         b8:4a:8e:b0:52:36:87:79:4b:84:d3:15:8d:1d:c1:fd:2d:bc:
         71:ed:83:67:58:10:2c:6f:78:dd:64:e8:3a:7b:79:f8:66:17:
         93:46:ad:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdglHWeyr6gBMYDF5nXcleFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTRmM2U2OTI3ZWM0YzdjOTdkMGYyMzZhOGMyNDUzNGE3
ZmNkZDQwHhcNMjUwNjExMjAwMDMxWhcNMjUwNjEyMjAwMDMxWjAzMTEwLwYDVQQD
EyhmNDI4MzUzYzRhYTM2ZmU0NjJmZmM5N2MzNjJiZmM5YjE5ZTYxMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9iR9JAOzhEslF/Ne+hzVMfeNdDm
3Jj0jgJg8BOOdII5MgqZgbIVExOvoa8BabC9rzVkwJwWxRdKTCDp3ZQv0NgX0RmR
3mmwFNZQnIEJNuLALm/61o0K/MNkP0g9svYpF18FbwRnnBgs1VOFEVbUlTgyBYOe
YFQEChB4re4yBA3gQTmTyUwXr10+HH87Ikx7134meblrVDU99lCbDDL7bJGHLzoq
wo6rwFAQoVNmdXoM6NE/YBSn3mUkzhyPNi3m3XjAg9ks5x5b80ERTInEN5qnC8L9
myUX/lzh+Z5DY2oyCWq3kbWD5Pknuvrv3/imIDJV4QNnojXlSAz+sEQjzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQoNTxKo2/kYv/JfDYr/JsZ5hCLMB8GA1UdIwQY
MBaAFEZU8+aSfsTHyX0PI2qMJFNKf83UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEt
YjgwNTA2MjJhYTk2LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEtYjgwNTA2MjJhYTk2
LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMk3nLbmj
2NGUUiKBKLIFMRnzYy17h8Y+CHM0JOAiE+bk4EVjF5DPqB3OkipAHnpPvdcDA6q2
oeGp0dQx1bOr7o2vYtSwSpvhblUPFWjE8G+cf3hV5RdNdKJM/sWQt24ZPRn2/O9j
t6DfC0ufsu/i5L1HgiOYXcPmlfPlg6C0dlINvfoNSgnIAeXbNJ+dkjBR2wrIE9Xw
DBdPuYMKdE+/cFukus+E4voRzhzkwPMuCz1vn4ghYILwAj4ukBCNtfNavBSbUN2I
fVXNyUM1qKrKEhv9f6wG78FeuEqOsFI2h3lLhNMVjR3B/S28ce2DZ1gQLG943WTo
Ont5+GYXk0ataQ==
-----END CERTIFICATE-----