Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft
File:                     pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft (raw, json)
Hash identifier:          D9ydpfk4As2dTWXhKTTE3ghjuDvbRdMofnVwxc+ZAVM=
Subject key identifier:   6B:25:90:F5:B4:7B:92:80:FE:BE:47:D9:EC:5F:20:62:88:67:A2:00
Authority key identifier: A4:3E:2B:9F:BC:8B:47:72:CF:80:00:74:8C:47:DD:43:7B:3C:59:8F
Certificate issuer:       /CN=a43e2b9fbc8b4772cf8000748c47dd437b3c598f
Certificate serial:       0197493123190D6540C4609F1CC4F85D49F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft
Manifest number:          01D4
Signing time:             Sat 07 Jun 2025 07:00:46 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:46 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:46 +0000
Files and hashes:         1: pD4rn7yLR3LPgAB0jEfdQ3s8WY8.crl (hash: jKeFxkGEAOoJE760kat4UHqQ9XmvOAVLQdhyOQrXc+c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:23:19:0d:65:40:c4:60:9f:1c:c4:f8:5d:49:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a43e2b9fbc8b4772cf8000748c47dd437b3c598f
        Validity
            Not Before: Jun  7 07:00:46 2025 GMT
            Not After : Jun  8 07:00:46 2025 GMT
        Subject: CN=6b2590f5b47b9280febe47d9ec5f20628867a200
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:d3:5b:f0:71:55:ac:cd:8e:92:dc:94:d7:6b:
                    e8:fb:31:e3:27:25:4b:52:09:0b:3d:ed:f9:8b:c1:
                    d8:68:67:22:20:11:0e:ac:8c:09:01:17:1a:44:59:
                    c0:16:d3:91:10:70:0a:cf:49:e7:4f:5a:c4:b7:73:
                    de:7d:67:0f:22:06:10:45:8a:c7:cf:c9:38:8d:f7:
                    82:aa:1e:1f:1c:6f:12:50:bb:a2:d8:d2:65:0e:c8:
                    87:c3:7a:df:74:1d:80:8b:e9:14:b5:04:61:6f:e4:
                    ee:a4:84:49:6d:42:a9:a4:48:8a:34:39:c6:ce:ac:
                    71:07:0b:18:f5:b2:d5:f8:95:e6:d5:b0:e3:7e:3d:
                    d4:d7:ff:2f:46:22:0c:6d:51:0f:19:b6:99:8a:11:
                    5e:e3:34:c9:4c:9d:86:1b:c5:75:87:7f:65:1e:47:
                    1a:fc:8d:58:9f:f2:5b:7b:f8:39:5c:d8:a0:a8:50:
                    bc:f6:e4:72:26:ef:ea:a8:fe:b6:67:cc:40:87:0d:
                    65:e2:e2:53:c9:99:e3:71:08:82:50:9e:5d:f3:31:
                    b1:13:0e:b5:65:da:f3:df:20:9c:d4:aa:03:80:39:
                    fb:e2:3d:78:b6:6d:5c:0b:3b:c1:c0:b5:fd:5f:c4:
                    58:2a:8c:4a:d6:50:cb:9d:c1:59:d2:2f:42:38:65:
                    a4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:25:90:F5:B4:7B:92:80:FE:BE:47:D9:EC:5F:20:62:88:67:A2:00
            X509v3 Authority Key Identifier:
                keyid:A4:3E:2B:9F:BC:8B:47:72:CF:80:00:74:8C:47:DD:43:7B:3C:59:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:c0:d4:42:c2:43:9c:94:09:e1:54:b1:c9:4e:3e:ee:6b:2c:
         1d:25:10:a1:70:fe:e6:bd:16:c6:51:cd:9c:0d:81:a9:d1:ec:
         17:da:15:13:d8:9f:52:13:b4:53:fa:4b:9d:12:c1:d4:36:39:
         8f:7e:c5:2a:d2:c2:67:fe:f0:88:b0:83:22:3c:c5:15:a6:74:
         a5:4d:ac:cc:e0:13:93:cd:89:ae:0f:d9:6e:a0:5a:54:9e:7d:
         0a:e6:32:66:69:8e:b6:b1:85:c4:17:ef:16:ad:f3:68:a2:88:
         4a:83:45:82:42:20:ba:7e:4c:f6:16:be:e6:c9:74:94:7d:94:
         2a:47:7a:be:0a:88:ab:7b:1b:c5:3b:2d:dd:2b:6f:0b:52:d4:
         eb:6f:a3:0f:4f:46:46:30:0a:13:7b:56:55:d3:14:73:4d:db:
         3f:2e:00:37:28:42:b1:e9:84:b5:46:a2:db:4a:b4:b7:cd:a6:
         da:b6:d1:6d:71:87:d6:34:a0:72:56:e5:cf:fa:8b:e1:7b:a0:
         51:9b:01:b7:d1:cc:ef:33:19:7c:83:75:44:6d:d9:92:0e:6c:
         f9:bc:9c:21:06:a5:f1:d2:ce:51:5e:c9:f4:1d:85:d4:68:83:
         9f:c9:f8:c0:19:96:0f:10:b0:1a:b3:a8:0b:11:2e:84:2f:78:
         50:45:d3:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMSMZDWVAxGCfHMT4XUn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0M2UyYjlmYmM4YjQ3NzJjZjgwMDA3NDhjNDdkZDQzN2Iz
YzU5OGYwHhcNMjUwNjA3MDcwMDQ2WhcNMjUwNjA4MDcwMDQ2WjAzMTEwLwYDVQQD
Eyg2YjI1OTBmNWI0N2I5MjgwZmViZTQ3ZDllYzVmMjA2Mjg4NjdhMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NNb8HFVrM2OktyU12vo+zHjJyVL
UgkLPe35i8HYaGciIBEOrIwJARcaRFnAFtOREHAKz0nnT1rEt3PefWcPIgYQRYrH
z8k4jfeCqh4fHG8SULui2NJlDsiHw3rfdB2Ai+kUtQRhb+TupIRJbUKppEiKNDnG
zqxxBwsY9bLV+JXm1bDjfj3U1/8vRiIMbVEPGbaZihFe4zTJTJ2GG8V1h39lHkca
/I1Yn/Jbe/g5XNigqFC89uRyJu/qqP62Z8xAhw1l4uJTyZnjcQiCUJ5d8zGxEw61
Zdrz3yCc1KoDgDn74j14tm1cCzvBwLX9X8RYKoxK1lDLncFZ0i9COGWkGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGslkPW0e5KA/r5H2exfIGKIZ6IAMB8GA1UdIwQY
MBaAFKQ+K5+8i0dyz4AAdIxH3UN7PFmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEQ0cm43eUxSM0xQZ0FCMGpFZmRRM3M4V1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOGY5ZDktNGYyNS00ODE4LWIzM2Mt
YjAwMWU1YmFkMDE3LzEvcEQ0cm43eUxSM0xQZ0FCMGpFZmRRM3M4V1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOGY5ZDktNGYyNS00ODE4LWIzM2MtYjAwMWU1YmFkMDE3
LzEvcEQ0cm43eUxSM0xQZ0FCMGpFZmRRM3M4V1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8DUQsJD
nJQJ4VSxyU4+7mssHSUQoXD+5r0WxlHNnA2BqdHsF9oVE9ifUhO0U/pLnRLB1DY5
j37FKtLCZ/7wiLCDIjzFFaZ0pU2szOATk82Jrg/ZbqBaVJ59CuYyZmmOtrGFxBfv
Fq3zaKKISoNFgkIgun5M9ha+5sl0lH2UKkd6vgqIq3sbxTst3StvC1LU62+jD09G
RjAKE3tWVdMUc03bPy4ANyhCsemEtUai20q0t82m2rbRbXGH1jSgclblz/qL4Xug
UZsBt9HM7zMZfIN1RG3Zkg5s+bycIQal8dLOUV7J9B2F1GiDn8n4wBmWDxCwGrOo
CxEuhC94UEXTFA==
-----END CERTIFICATE-----