Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
File:                     P9WU69efjdhbR5LpUzvkaBaohgY.mft (raw, json)
Hash identifier:          xOwR/7+ABrM5NHdd8fkqaiJ6Cju8hxMoIJZYIAIqCkU=
Subject key identifier:   57:80:D8:5A:CA:EF:8A:44:53:7C:11:9F:C2:57:DF:9D:7F:83:D0:68
Authority key identifier: 3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06
Certificate issuer:       /CN=3fd594ebd79f8dd85b4792e9533be46816a88606
Certificate serial:       019749D5D625E4B437FD2E4D65F39CC4240B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
Manifest number:          10FB
Signing time:             Sat 07 Jun 2025 10:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:40 +0000
Files and hashes:         1: P9WU69efjdhbR5LpUzvkaBaohgY.crl (hash: K6peuLBhwH9HojsUB5QI7vJ0Zol5boTr5Zd81qPAf6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:d6:25:e4:b4:37:fd:2e:4d:65:f3:9c:c4:24:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd594ebd79f8dd85b4792e9533be46816a88606
        Validity
            Not Before: Jun  7 10:00:40 2025 GMT
            Not After : Jun  8 10:00:40 2025 GMT
        Subject: CN=5780d85acaef8a44537c119fc257df9d7f83d068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c1:37:99:3e:0d:3f:2d:09:0a:91:30:6e:c5:
                    92:ab:bb:64:88:68:e4:13:49:1a:5d:c9:a3:a2:d0:
                    44:0b:bf:6c:53:e1:34:58:de:35:85:e7:ca:a7:d3:
                    6a:34:64:da:4b:e4:9a:23:b3:9f:01:c8:52:c7:f0:
                    0c:79:24:e9:9a:c5:33:6f:19:75:9e:02:d5:b2:b3:
                    54:14:3d:d4:8c:15:9e:13:0a:b4:28:e5:b4:9c:64:
                    8f:7b:7d:0f:7e:2d:fd:3e:f1:fa:a1:83:e8:b6:40:
                    74:dd:a2:6c:58:4c:a2:2e:79:c3:3d:cd:73:89:43:
                    42:0e:5a:fd:60:27:2e:94:82:c5:27:fc:9e:cd:4e:
                    44:55:0a:03:23:b1:af:01:c1:0c:12:72:41:89:a0:
                    85:eb:d3:3f:4b:c9:f5:21:28:3f:41:bb:6c:d8:01:
                    a0:83:5a:f6:cd:02:ac:8e:59:94:bf:64:dc:e2:be:
                    f0:38:5f:5f:49:66:b9:f7:0c:7c:c5:cf:67:61:e5:
                    e5:f7:a1:58:5c:c2:bc:da:0e:46:ab:77:2b:a3:0b:
                    4e:46:c0:28:68:ac:2e:7e:09:14:22:30:60:5f:55:
                    d7:c2:bb:3c:9e:c8:2f:34:43:8b:76:d6:14:97:64:
                    1f:73:86:25:c6:06:30:78:85:6c:a8:87:3b:5d:11:
                    4f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:80:D8:5A:CA:EF:8A:44:53:7C:11:9F:C2:57:DF:9D:7F:83:D0:68
            X509v3 Authority Key Identifier:
                keyid:3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:60:62:9d:ca:db:4a:b9:7c:6a:4e:91:f8:97:b0:65:7c:40:
         a0:d9:b1:5f:56:dd:7f:44:4a:41:4c:4e:cb:d3:a0:4b:ac:ef:
         f4:da:35:27:4f:b5:f2:9e:bb:f3:48:58:e2:62:78:19:fb:00:
         92:60:31:13:8f:31:b0:78:55:d9:97:e8:1c:6b:c4:19:bf:ae:
         05:03:35:65:9d:fc:ba:04:e2:b2:1c:40:4c:47:95:15:9e:d2:
         98:6d:3a:75:c8:0b:ce:ee:90:f3:28:08:63:ee:e4:04:51:67:
         77:fa:dc:95:ee:c7:58:fb:3b:bb:b1:f6:18:c9:80:3a:5c:d9:
         36:ff:9f:f6:da:cc:73:e4:9a:0c:81:91:f5:4a:f8:b1:86:0a:
         43:3a:89:b2:99:d0:08:9b:c6:21:55:ae:b3:75:a5:a4:59:20:
         85:f5:ac:9e:ef:eb:dc:52:dc:17:6f:df:8a:d4:7a:60:68:e7:
         e1:0b:bf:3f:2d:7b:48:c4:6d:b9:21:8d:46:eb:cf:94:80:48:
         b1:3b:d0:dd:7d:e1:9c:77:e3:a3:20:8e:f1:e9:78:2e:a2:9e:
         e4:b3:0f:2c:96:76:9a:4e:fa:3f:59:72:bf:40:52:d5:13:ce:
         43:f4:23:8f:c9:80:8a:43:bb:06:43:82:40:3a:a7:b8:84:37:
         3f:3c:96:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1dYl5LQ3/S5NZfOcxCQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDU5NGViZDc5ZjhkZDg1YjQ3OTJlOTUzM2JlNDY4MTZh
ODg2MDYwHhcNMjUwNjA3MTAwMDQwWhcNMjUwNjA4MTAwMDQwWjAzMTEwLwYDVQQD
Eyg1NzgwZDg1YWNhZWY4YTQ0NTM3YzExOWZjMjU3ZGY5ZDdmODNkMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnME3mT4NPy0JCpEwbsWSq7tkiGjk
E0kaXcmjotBEC79sU+E0WN41hefKp9NqNGTaS+SaI7OfAchSx/AMeSTpmsUzbxl1
ngLVsrNUFD3UjBWeEwq0KOW0nGSPe30Pfi39PvH6oYPotkB03aJsWEyiLnnDPc1z
iUNCDlr9YCculILFJ/yezU5EVQoDI7GvAcEMEnJBiaCF69M/S8n1ISg/Qbts2AGg
g1r2zQKsjlmUv2Tc4r7wOF9fSWa59wx8xc9nYeXl96FYXMK82g5Gq3crowtORsAo
aKwufgkUIjBgX1XXwrs8nsgvNEOLdtYUl2Qfc4YlxgYweIVsqIc7XRFPawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFeA2FrK74pEU3wRn8JX351/g9BoMB8GA1UdIwQY
MBaAFD/VlOvXn43YW0eS6VM75GgWqIYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEt
NjYyNDY5MWY2ZjEzLzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEtNjYyNDY5MWY2ZjEz
LzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASWBincrb
Srl8ak6R+JewZXxAoNmxX1bdf0RKQUxOy9OgS6zv9No1J0+18p6780hY4mJ4GfsA
kmAxE48xsHhV2ZfoHGvEGb+uBQM1ZZ38ugTishxATEeVFZ7SmG06dcgLzu6Q8ygI
Y+7kBFFnd/rcle7HWPs7u7H2GMmAOlzZNv+f9trMc+SaDIGR9Ur4sYYKQzqJspnQ
CJvGIVWus3WlpFkghfWsnu/r3FLcF2/fitR6YGjn4Qu/Py17SMRtuSGNRuvPlIBI
sTvQ3X3hnHfjoyCO8el4LqKe5LMPLJZ2mk76P1lyv0BS1RPOQ/Qjj8mAikO7BkOC
QDqnuIQ3PzyWHw==
-----END CERTIFICATE-----