Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          RFV/0pa5koSXxewBqqRZRa2smthMJQJuDxUKDF3OhTY=
Subject key identifier:   9D:D2:35:DC:9E:03:1B:12:0D:7B:59:72:CF:48:47:4D:0E:5A:CB:7A
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       0197488D5806612F8ED898482C8338680CAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0DD8
Signing time:             Sat 07 Jun 2025 04:01:52 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:52 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:52 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: IQpI+O/xhRcK6UpVRHVe4lHnCGgL77AKGGldmDvkU5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:58:06:61:2f:8e:d8:98:48:2c:83:38:68:0c:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Jun  7 04:01:52 2025 GMT
            Not After : Jun  8 04:01:52 2025 GMT
        Subject: CN=9dd235dc9e031b120d7b5972cf48474d0e5acb7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0b:c3:72:07:99:99:d4:78:11:c0:47:e0:78:
                    f4:fb:c7:5c:9b:ee:02:5f:97:80:b4:c8:b8:4a:32:
                    eb:07:17:bd:c9:8e:22:fc:a9:3e:24:07:2c:8f:ad:
                    09:ad:d8:8f:9e:8b:34:70:d8:ec:a8:1f:f9:67:52:
                    38:52:8f:cc:70:bc:34:65:59:d9:e2:5c:e0:00:39:
                    fe:ab:43:66:24:11:6e:76:80:7c:41:8f:f1:4e:2b:
                    c8:e8:a4:c8:d2:6e:5f:3d:c0:21:88:28:12:a9:fd:
                    f7:8a:0a:d4:bc:6c:4e:74:6e:f9:73:2b:df:e4:10:
                    d6:51:5d:49:b4:2d:60:8c:c4:3a:3d:c8:54:ea:3f:
                    bf:81:9d:26:4f:57:a0:24:52:fd:a7:53:3e:e2:b3:
                    34:ca:f0:1a:79:08:97:21:c8:9a:da:e2:29:3f:c7:
                    6c:5f:af:4f:7e:9a:f2:36:2f:84:a9:b5:f8:d2:d6:
                    b0:8e:cc:56:af:ac:68:1a:cf:82:b6:b9:61:8b:3c:
                    56:b1:f9:53:a2:9d:df:53:a7:9e:2c:1e:1e:1c:fe:
                    53:97:81:a1:ef:9e:55:a2:75:49:72:93:58:99:01:
                    6a:3d:6a:a2:29:30:d3:1d:f5:0c:32:e2:f3:91:5b:
                    27:e7:67:97:99:a6:dd:4b:94:9b:80:cb:49:59:48:
                    b9:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D2:35:DC:9E:03:1B:12:0D:7B:59:72:CF:48:47:4D:0E:5A:CB:7A
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:2b:10:c4:ef:df:55:48:d5:f7:52:a0:f8:a3:20:4a:11:e0:
         fe:bc:b5:92:d3:a5:73:52:20:6c:a6:8a:bb:7a:cc:b7:ee:25:
         94:8b:6a:27:ad:9a:9a:41:90:d2:d0:f9:50:1c:fe:d3:18:f5:
         8b:6c:fb:d3:e3:d0:49:31:2b:0d:fa:bc:d1:d1:09:54:95:61:
         8e:8c:22:4d:77:cf:85:b1:cb:77:27:51:d3:90:a8:93:5a:cf:
         90:9d:eb:94:9a:b2:11:54:27:b2:cc:c7:7d:0b:c1:ea:12:86:
         ac:a6:30:32:87:94:43:8d:8e:ae:24:97:5a:8e:47:23:ee:da:
         68:70:5e:00:8d:63:aa:8c:b3:69:c4:83:21:e1:62:ab:24:fa:
         0a:c6:b8:0e:f1:c2:10:f0:23:5c:45:1c:ac:02:3f:64:99:d0:
         97:25:5e:90:b7:9c:5a:c4:ce:f1:dc:8f:59:ca:53:d1:76:b6:
         64:df:f7:39:ec:90:fa:30:6f:d4:a6:76:e6:28:2e:8c:84:f6:
         aa:3c:25:ca:2f:aa:48:61:4b:88:d5:0a:5a:5f:15:71:55:3d:
         07:d3:a9:70:10:f8:6d:de:48:ce:df:d4:3d:26:70:33:70:a9:
         f6:c5:85:34:27:94:07:57:05:55:ed:ba:13:bf:cc:4e:91:da:
         11:97:4a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjVgGYS+O2JhILIM4aAyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUwNjA3MDQwMTUyWhcNMjUwNjA4MDQwMTUyWjAzMTEwLwYDVQQD
Eyg5ZGQyMzVkYzllMDMxYjEyMGQ3YjU5NzJjZjQ4NDc0ZDBlNWFjYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQvDcgeZmdR4EcBH4Hj0+8dcm+4C
X5eAtMi4SjLrBxe9yY4i/Kk+JAcsj60JrdiPnos0cNjsqB/5Z1I4Uo/McLw0ZVnZ
4lzgADn+q0NmJBFudoB8QY/xTivI6KTI0m5fPcAhiCgSqf33igrUvGxOdG75cyvf
5BDWUV1JtC1gjMQ6PchU6j+/gZ0mT1egJFL9p1M+4rM0yvAaeQiXIcia2uIpP8ds
X69PfpryNi+EqbX40tawjsxWr6xoGs+CtrlhizxWsflTop3fU6eeLB4eHP5Tl4Gh
755VonVJcpNYmQFqPWqiKTDTHfUMMuLzkVsn52eXmabdS5SbgMtJWUi5SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3SNdyeAxsSDXtZcs9IR00OWst6MB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjCsQxO/f
VUjV91Kg+KMgShHg/ry1ktOlc1IgbKaKu3rMt+4llItqJ62amkGQ0tD5UBz+0xj1
i2z70+PQSTErDfq80dEJVJVhjowiTXfPhbHLdydR05Cok1rPkJ3rlJqyEVQnsszH
fQvB6hKGrKYwMoeUQ42OriSXWo5HI+7aaHBeAI1jqoyzacSDIeFiqyT6Csa4DvHC
EPAjXEUcrAI/ZJnQlyVekLecWsTO8dyPWcpT0Xa2ZN/3OeyQ+jBv1KZ25igujIT2
qjwlyi+qSGFLiNUKWl8VcVU9B9OpcBD4bd5Izt/UPSZwM3Cp9sWFNCeUB1cFVe26
E7/MTpHaEZdKYg==
-----END CERTIFICATE-----