Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          0JtJaNotPcg9ONMq4O29zQn8v6DrtDryePeIlru98QM=
Subject key identifier:   34:AA:DB:94:0C:04:2D:D6:58:CE:21:53:E1:3E:99:07:E0:07:A8:2C
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       01974A7B6D280548A5C832A93AE80484F9A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0A9A
Signing time:             Sat 07 Jun 2025 13:01:32 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:32 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:32 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: MO9uBQfmGfLWDafz7/dlwfQ9fBdYSm0M/d7Tt3CjdSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:6d:28:05:48:a5:c8:32:a9:3a:e8:04:84:f9:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Jun  7 13:01:32 2025 GMT
            Not After : Jun  8 13:01:32 2025 GMT
        Subject: CN=34aadb940c042dd658ce2153e13e9907e007a82c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e6:d4:67:f1:b6:03:db:ae:bb:3d:0f:06:c1:
                    28:c1:14:a4:64:e1:8d:13:4b:b1:db:b0:0d:b6:cf:
                    5f:09:5f:83:bd:7b:ce:17:65:0e:9f:49:17:28:81:
                    49:c7:69:50:78:f8:aa:54:b6:e5:ff:a8:cf:99:54:
                    9e:1f:2a:ed:e8:d5:45:8f:23:e2:e2:63:be:13:95:
                    95:cb:67:e1:54:9a:d7:4d:33:45:0c:17:df:cf:7f:
                    31:c0:bd:f9:38:9a:4f:be:3c:74:ba:cb:8d:68:3f:
                    f0:c8:97:6d:f9:fd:89:59:64:b9:44:08:b3:f8:6c:
                    2a:35:56:d6:23:fd:72:2c:f3:b6:d8:c2:a5:59:c0:
                    62:89:e9:f4:85:bf:59:e3:be:a8:f6:b2:f4:86:8a:
                    0e:5d:74:c7:ec:2e:1a:95:52:88:aa:0e:1c:95:4f:
                    44:90:1f:f6:be:a3:2d:3c:0f:31:71:af:1a:2d:16:
                    ec:65:86:b8:b4:82:c5:2b:be:67:f7:e5:43:8a:9e:
                    21:72:1e:1d:d8:75:5d:77:1e:7e:54:29:f7:d8:cc:
                    1c:28:91:0b:6a:c8:85:a3:cd:a6:e6:f6:1b:af:c8:
                    d6:67:d9:a0:80:e1:ec:59:20:a5:a3:92:b9:ca:e3:
                    32:aa:36:66:d2:79:eb:74:c1:13:88:2a:dd:c3:0a:
                    ce:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:AA:DB:94:0C:04:2D:D6:58:CE:21:53:E1:3E:99:07:E0:07:A8:2C
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:3b:e1:56:3f:90:c3:40:50:4b:89:86:a5:8e:4d:d0:15:16:
         8c:c0:42:92:58:1a:ae:66:73:aa:25:3a:3a:f2:7c:85:94:c3:
         33:46:6e:2e:fe:31:0f:1e:c4:2c:ec:f2:21:be:82:69:05:95:
         24:e1:d3:d8:0d:40:e7:a9:ab:76:c0:55:55:39:85:1a:27:4b:
         fd:45:81:4e:64:44:c5:cf:5d:bb:0f:dc:01:9e:7b:27:a7:34:
         b1:37:f4:9e:10:b8:bb:62:2e:66:98:83:be:4e:28:ed:c9:4e:
         60:1d:c9:9a:29:11:e7:89:50:da:4c:0c:3e:97:15:9c:0b:07:
         b9:61:1b:53:d0:b4:50:c5:9d:90:2f:06:cd:74:c4:ac:47:ea:
         89:b8:10:5c:f7:de:1f:85:cd:f1:0f:c8:b0:3a:90:4d:20:c0:
         ce:12:e5:e6:56:58:11:61:c5:e1:bb:67:28:67:26:f5:a5:a5:
         78:fc:b9:c0:51:46:35:39:1a:fe:56:11:3b:11:00:99:10:c2:
         ca:b2:32:17:a1:37:b1:6e:ac:15:db:85:10:b3:7f:a7:88:f4:
         a8:11:11:26:28:5b:e1:bf:a6:a2:02:1d:1f:76:f9:38:21:f7:
         b5:1b:ab:e4:08:83:c7:7e:93:8b:77:46:fc:31:72:8b:8e:d2:
         96:0c:c7:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe20oBUilyDKpOugEhPmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjUwNjA3MTMwMTMyWhcNMjUwNjA4MTMwMTMyWjAzMTEwLwYDVQQD
EygzNGFhZGI5NDBjMDQyZGQ2NThjZTIxNTNlMTNlOTkwN2UwMDdhODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsubUZ/G2A9uuuz0PBsEowRSkZOGN
E0ux27ANts9fCV+DvXvOF2UOn0kXKIFJx2lQePiqVLbl/6jPmVSeHyrt6NVFjyPi
4mO+E5WVy2fhVJrXTTNFDBffz38xwL35OJpPvjx0usuNaD/wyJdt+f2JWWS5RAiz
+GwqNVbWI/1yLPO22MKlWcBiien0hb9Z476o9rL0hooOXXTH7C4alVKIqg4clU9E
kB/2vqMtPA8xca8aLRbsZYa4tILFK75n9+VDip4hch4d2HVddx5+VCn32MwcKJEL
asiFo82m5vYbr8jWZ9mggOHsWSClo5K5yuMyqjZm0nnrdMETiCrdwwrOdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSq25QMBC3WWM4hU+E+mQfgB6gsMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtDvhVj+Q
w0BQS4mGpY5N0BUWjMBCklgarmZzqiU6OvJ8hZTDM0ZuLv4xDx7ELOzyIb6CaQWV
JOHT2A1A56mrdsBVVTmFGidL/UWBTmRExc9duw/cAZ57J6c0sTf0nhC4u2IuZpiD
vk4o7clOYB3JmikR54lQ2kwMPpcVnAsHuWEbU9C0UMWdkC8GzXTErEfqibgQXPfe
H4XN8Q/IsDqQTSDAzhLl5lZYEWHF4btnKGcm9aWlePy5wFFGNTka/lYROxEAmRDC
yrIyF6E3sW6sFduFELN/p4j0qBERJihb4b+mogIdH3b5OCH3tRur5AiDx36Ti3dG
/DFyi47SlgzHxw==
-----END CERTIFICATE-----