Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          Or5nkZyzZVS1AN0+ZRuu3g8NNW/N0Jy1Mj1uP8UMOiE=
Subject key identifier:   16:6D:02:B1:9F:C4:B5:E8:5D:E2:BF:8E:AF:75:33:20:AD:86:B5:61
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       01974A7B1373227EFCD33878BA6F7657CC0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          0FE1
Signing time:             Sat 07 Jun 2025 13:01:09 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:09 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:09 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: z4l6DCsSRV96ugH2POotrMCqRxgPZi1HhSmbG0fvyuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:13:73:22:7e:fc:d3:38:78:ba:6f:76:57:cc:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Jun  7 13:01:09 2025 GMT
            Not After : Jun  8 13:01:09 2025 GMT
        Subject: CN=166d02b19fc4b5e85de2bf8eaf753320ad86b561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fa:f5:3a:c3:30:2e:bf:38:3c:ad:c0:1c:06:
                    9a:51:9c:15:8e:81:17:59:e2:b1:08:9b:df:7b:4f:
                    a3:f2:d8:61:cf:c9:38:e9:49:84:30:81:a6:16:c5:
                    c5:0f:94:91:ce:db:28:a7:ed:af:d6:6c:b5:45:9f:
                    43:aa:a4:00:0f:1d:cd:8a:4d:3a:14:14:86:15:72:
                    54:b0:75:9e:2d:47:17:30:50:bb:8b:3a:fd:b2:3b:
                    2f:3a:63:23:0b:76:e3:54:5d:3b:7d:47:75:ce:96:
                    83:80:4c:b3:c0:09:9c:92:3b:ab:e6:b2:7f:03:b6:
                    6f:a9:4d:32:bd:18:07:db:17:89:59:6b:6f:18:90:
                    ef:09:ab:b9:0d:81:ea:f7:57:43:62:68:28:02:7e:
                    27:f1:c5:89:be:f5:2e:ab:3e:a0:7d:ff:aa:61:e4:
                    84:9a:00:95:ed:8e:3b:aa:a3:02:7b:41:3d:fc:e4:
                    9a:45:07:4d:62:fd:ed:89:40:eb:70:e4:59:88:17:
                    ac:b9:6d:d7:7b:7d:5e:8f:5f:a0:cb:3a:c1:60:78:
                    f3:4e:f6:a4:68:70:c6:45:66:3d:1b:ae:e3:5a:a4:
                    e0:ed:3f:0a:c8:b6:ed:07:ed:86:b4:08:73:2b:e3:
                    f8:9f:a0:72:10:30:2a:73:dc:8a:9c:dc:e1:d4:f7:
                    27:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6D:02:B1:9F:C4:B5:E8:5D:E2:BF:8E:AF:75:33:20:AD:86:B5:61
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:f5:61:00:85:c9:c9:cd:3d:f3:84:d2:e7:02:f8:b9:39:95:
         8e:71:cf:4d:18:cb:8c:96:a2:17:21:24:d1:2b:10:2b:92:e2:
         fc:7a:6d:3d:88:2f:f3:c3:a3:ab:42:06:20:79:93:3b:19:00:
         14:b9:a9:5a:e9:4f:61:c6:d2:00:b9:f4:e0:2c:05:42:f6:b0:
         d5:6e:05:f1:0e:95:31:a2:c6:9e:d4:bb:2e:f3:f8:ca:be:17:
         f1:32:8b:3a:75:7d:17:fd:42:09:57:bb:ed:15:9e:e5:2d:ed:
         3f:e6:85:43:1c:be:77:24:11:22:34:01:bb:20:e3:cb:40:12:
         82:42:10:98:00:f6:0a:f2:36:36:ea:93:3d:07:45:cf:22:11:
         be:ab:de:7a:7f:03:4f:42:6e:e5:53:c7:c3:ea:c0:a6:38:bd:
         3c:ee:05:fa:00:30:62:9e:f9:21:68:39:dc:50:04:dd:0d:8b:
         43:42:a4:a0:e5:e7:20:89:31:4c:d2:ae:4a:b6:f2:65:dc:06:
         69:07:13:62:4d:2b:28:94:e4:8c:71:0e:01:34:b7:ba:f2:9a:
         37:dd:13:f4:79:54:24:8d:2d:3a:6e:67:72:fb:96:76:fd:3f:
         1f:98:07:f2:00:fb:dc:9d:10:ba:95:f8:9e:d5:f4:d9:41:b3:
         39:3f:3b:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKexNzIn780zh4um92V8wLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjUwNjA3MTMwMTA5WhcNMjUwNjA4MTMwMTA5WjAzMTEwLwYDVQQD
EygxNjZkMDJiMTlmYzRiNWU4NWRlMmJmOGVhZjc1MzMyMGFkODZiNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPr1OsMwLr84PK3AHAaaUZwVjoEX
WeKxCJvfe0+j8thhz8k46UmEMIGmFsXFD5SRztsop+2v1my1RZ9DqqQADx3Nik06
FBSGFXJUsHWeLUcXMFC7izr9sjsvOmMjC3bjVF07fUd1zpaDgEyzwAmckjur5rJ/
A7ZvqU0yvRgH2xeJWWtvGJDvCau5DYHq91dDYmgoAn4n8cWJvvUuqz6gff+qYeSE
mgCV7Y47qqMCe0E9/OSaRQdNYv3tiUDrcORZiBesuW3Xe31ej1+gyzrBYHjzTvak
aHDGRWY9G67jWqTg7T8KyLbtB+2GtAhzK+P4n6ByEDAqc9yKnNzh1Pcn0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZtArGfxLXoXeK/jq91MyCthrVhMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvPVhAIXJ
yc0984TS5wL4uTmVjnHPTRjLjJaiFyEk0SsQK5Li/HptPYgv88Ojq0IGIHmTOxkA
FLmpWulPYcbSALn04CwFQvaw1W4F8Q6VMaLGntS7LvP4yr4X8TKLOnV9F/1CCVe7
7RWe5S3tP+aFQxy+dyQRIjQBuyDjy0ASgkIQmAD2CvI2NuqTPQdFzyIRvqveen8D
T0Ju5VPHw+rApji9PO4F+gAwYp75IWg53FAE3Q2LQ0KkoOXnIIkxTNKuSrbyZdwG
aQcTYk0rKJTkjHEOATS3uvKaN90T9HlUJI0tOm5ncvuWdv0/H5gH8gD73J0QupX4
ntX02UGzOT873g==
-----END CERTIFICATE-----