Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
File:                     ET9u8WzirCilmQYD0folvUl1lN0.mft (raw, json)
Hash identifier:          6PSJq1aO0ATJuP/W8PrNAdOS1dosknkw9EDP9fLGqBM=
Subject key identifier:   16:AC:3C:7E:0B:75:25:F9:AB:D3:52:84:1E:33:41:D8:D6:1D:E4:14
Authority key identifier: 11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD
Certificate issuer:       /CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
Certificate serial:       01974D44925892D378B824DF8967E4CDA979
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
Manifest number:          0432
Signing time:             Sun 08 Jun 2025 02:00:28 +0000
Manifest this update:     Sun 08 Jun 2025 02:00:28 +0000
Manifest next update:     Mon 09 Jun 2025 02:00:28 +0000
Files and hashes:         1: ET9u8WzirCilmQYD0folvUl1lN0.crl (hash: EhhRS3V1UId75sQvyY518H/r3wZf8Cgu5CqTN7aRTN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 02:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:44:92:58:92:d3:78:b8:24:df:89:67:e4:cd:a9:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
        Validity
            Not Before: Jun  8 02:00:28 2025 GMT
            Not After : Jun  9 02:00:28 2025 GMT
        Subject: CN=16ac3c7e0b7525f9abd352841e3341d8d61de414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e5:5c:c4:28:a0:e4:8c:d2:66:bf:23:86:e6:
                    38:17:9b:de:9b:fd:19:c9:b3:5a:08:31:7b:ce:16:
                    f8:3b:f3:b0:8e:bf:7a:1f:b8:73:6c:71:eb:b3:0e:
                    aa:d1:a7:5e:c3:4f:b9:49:04:44:9e:d6:fd:62:75:
                    a2:1d:f8:6e:90:f8:a0:8d:c3:26:a7:07:c3:6d:e6:
                    a2:88:ae:68:19:ca:21:9f:92:7b:ab:5c:f4:7c:d1:
                    c3:b5:9a:43:4f:4f:8a:e6:18:96:a7:22:d3:ef:82:
                    69:69:f7:71:05:cb:4e:6b:57:e5:0e:d2:82:94:db:
                    c7:64:f8:38:a6:da:1a:19:51:5f:45:68:80:95:97:
                    7c:78:09:80:a4:1b:52:7b:f1:ed:f7:d2:d2:8a:5d:
                    81:30:0c:de:b9:51:e0:99:6a:f3:a5:a7:33:9c:be:
                    59:03:ab:76:02:5a:0f:0c:85:3b:0a:11:23:e3:2b:
                    b9:15:49:2b:7c:c1:d7:fd:8d:59:55:dd:98:3a:73:
                    39:f5:b1:c4:ac:41:5a:91:ce:1a:a4:29:62:85:0d:
                    20:04:6a:a3:2b:f4:ee:54:db:a1:d8:5c:a1:2e:52:
                    6d:19:15:b1:32:2f:a0:61:91:9e:49:aa:cb:8c:b7:
                    4e:20:87:8c:c5:a5:39:1d:53:7d:c1:43:1b:e9:98:
                    5a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:AC:3C:7E:0B:75:25:F9:AB:D3:52:84:1E:33:41:D8:D6:1D:E4:14
            X509v3 Authority Key Identifier:
                keyid:11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:87:d0:ba:e8:d2:16:8f:46:f7:7c:aa:79:5f:15:1c:63:25:
         9c:68:90:62:7d:da:08:68:b5:ca:22:fc:60:6b:c7:6a:18:23:
         74:d5:d6:66:ba:90:88:50:ca:5b:14:82:c2:da:3a:46:8d:b2:
         35:9c:1a:a9:cd:34:b8:43:50:c7:6f:0d:fc:48:a6:fb:74:ea:
         dd:db:ba:7a:59:3d:97:f0:38:b5:a6:08:64:e8:78:41:b5:4d:
         07:a0:21:7b:29:38:4c:fa:a3:b7:7d:c1:81:76:17:fc:be:6d:
         78:e6:7c:20:d1:16:18:d2:d8:de:56:0b:6d:5d:5c:e9:80:60:
         18:00:f4:60:74:8c:ca:20:50:86:ad:8e:0a:e4:76:72:c7:c5:
         c3:36:a1:36:46:a9:5f:1e:82:9f:98:b4:a6:54:b6:11:f5:a0:
         28:4e:b3:ba:e1:40:5c:c3:54:64:de:d7:47:08:f0:79:b9:cf:
         53:bc:f5:b5:8e:68:e9:fa:b5:75:1f:36:0e:a3:5c:c9:fe:96:
         d6:e1:1d:4a:9a:dc:ac:aa:de:44:3d:7e:73:22:f2:9a:ed:09:
         91:ae:7f:9a:93:6e:0a:f7:84:af:1e:aa:f0:52:dd:03:63:68:
         59:4d:ca:53:74:17:62:dc:d2:03:ba:25:dd:8e:13:41:71:af:
         e5:e7:10:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRJJYktN4uCTfiWfkzal5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExM2Y2ZWYxNmNlMmFjMjhhNTk5MDYwM2QxZmEyNWJkNDk3
NTk0ZGQwHhcNMjUwNjA4MDIwMDI4WhcNMjUwNjA5MDIwMDI4WjAzMTEwLwYDVQQD
EygxNmFjM2M3ZTBiNzUyNWY5YWJkMzUyODQxZTMzNDFkOGQ2MWRlNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteVcxCig5IzSZr8jhuY4F5vem/0Z
ybNaCDF7zhb4O/Owjr96H7hzbHHrsw6q0adew0+5SQREntb9YnWiHfhukPigjcMm
pwfDbeaiiK5oGcohn5J7q1z0fNHDtZpDT0+K5hiWpyLT74JpafdxBctOa1flDtKC
lNvHZPg4ptoaGVFfRWiAlZd8eAmApBtSe/Ht99LSil2BMAzeuVHgmWrzpacznL5Z
A6t2AloPDIU7ChEj4yu5FUkrfMHX/Y1ZVd2YOnM59bHErEFakc4apClihQ0gBGqj
K/TuVNuh2FyhLlJtGRWxMi+gYZGeSarLjLdOIIeMxaU5HVN9wUMb6ZhaSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBasPH4LdSX5q9NShB4zQdjWHeQUMB8GA1UdIwQY
MBaAFBE/bvFs4qwopZkGA9H6Jb1JdZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQt
OTA1ZGJhYjhiZDU3LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQtOTA1ZGJhYjhiZDU3
LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIIfQuujS
Fo9G93yqeV8VHGMlnGiQYn3aCGi1yiL8YGvHahgjdNXWZrqQiFDKWxSCwto6Ro2y
NZwaqc00uENQx28N/Eim+3Tq3du6elk9l/A4taYIZOh4QbVNB6Aheyk4TPqjt33B
gXYX/L5teOZ8INEWGNLY3lYLbV1c6YBgGAD0YHSMyiBQhq2OCuR2csfFwzahNkap
Xx6Cn5i0plS2EfWgKE6zuuFAXMNUZN7XRwjwebnPU7z1tY5o6fq1dR82DqNcyf6W
1uEdSprcrKreRD1+cyLymu0Jka5/mpNuCveErx6q8FLdA2NoWU3KU3QXYtzSA7ol
3Y4TQXGv5ecQTA==
-----END CERTIFICATE-----