Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
File:                     S2T4wOGznYqO-OjItaD_7itTtYc.mft (raw, json)
Hash identifier:          xBfnQYPh5kIcKGlH2nlQbygIxN06D1jbJ8HDIAsBR0Q=
Subject key identifier:   F6:A6:83:44:93:A2:37:36:01:49:ED:BC:2C:CF:C7:ED:D4:A0:F6:E5
Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
Certificate issuer:       /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Certificate serial:       0197488CF965D75FEB07CAF75859F57626C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
Manifest number:          06A6
Signing time:             Sat 07 Jun 2025 04:01:27 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:27 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:27 +0000
Files and hashes:         1: S2T4wOGznYqO-OjItaD_7itTtYc.crl (hash: p8r3BKMYk6Mzo6ZfBDwLqaBtcGKo9ECS/c7k8jtLvQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:f9:65:d7:5f:eb:07:ca:f7:58:59:f5:76:26:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
        Validity
            Not Before: Jun  7 04:01:27 2025 GMT
            Not After : Jun  8 04:01:27 2025 GMT
        Subject: CN=f6a6834493a237360149edbc2ccfc7edd4a0f6e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2e:fd:67:7b:bf:5b:06:33:d9:67:dd:19:25:
                    88:91:df:f7:41:ab:d5:f7:c2:e4:4b:2b:ac:11:24:
                    7c:c6:21:e8:ff:83:30:ca:47:5f:38:54:48:aa:c2:
                    01:59:d7:a2:7a:1f:86:73:14:cf:88:43:d6:6c:f5:
                    ab:c2:d3:d8:54:ad:df:09:0c:bb:56:94:18:f9:28:
                    e3:02:f3:95:66:ec:0c:96:94:36:06:03:32:e2:c5:
                    0e:77:58:61:00:b0:1a:1a:ab:15:b3:dd:0d:3f:7d:
                    7b:3d:8d:da:a4:16:49:b8:01:d2:69:bc:08:6c:98:
                    e3:3c:f2:cc:1b:b1:23:42:73:c2:7b:54:15:4c:90:
                    63:59:06:25:ce:57:b3:58:15:70:1e:1e:e1:f0:80:
                    8f:a4:b9:36:53:ef:a8:e7:20:6f:4b:3e:53:94:b9:
                    64:0c:c4:34:e1:08:59:08:86:69:2a:20:30:25:d2:
                    1e:85:0e:02:1a:98:0e:92:db:90:d8:ad:f4:55:0b:
                    17:1e:89:5d:11:11:1f:40:66:70:58:0f:ec:c4:77:
                    1f:f3:32:df:a1:48:8f:3a:41:23:03:51:ac:21:c8:
                    c2:bd:dd:87:80:ea:f3:1f:94:59:f8:d0:d2:9a:89:
                    83:90:9b:68:86:4d:c7:d8:65:75:8a:a1:7a:fd:1d:
                    d5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:A6:83:44:93:A2:37:36:01:49:ED:BC:2C:CF:C7:ED:D4:A0:F6:E5
            X509v3 Authority Key Identifier:
                keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:37:dc:61:97:8b:c7:52:0b:80:75:ac:6d:46:3d:39:5b:1a:
         e0:01:df:41:dd:30:cc:0b:f1:69:13:1b:02:28:42:e7:29:95:
         ad:74:92:ec:23:31:fe:fc:a5:92:c7:88:f1:ab:2b:29:8d:e7:
         ff:51:94:83:ce:e4:55:68:12:cf:f4:ce:83:5f:0b:43:59:1e:
         41:59:49:84:72:25:d9:3d:0a:51:99:6a:13:c8:09:9c:38:59:
         11:fc:c8:73:35:73:11:13:cb:ef:95:3e:aa:65:df:1e:e7:fa:
         5d:f8:9b:9d:33:75:9c:81:3a:bb:8b:2e:7f:fd:0c:3b:18:d6:
         db:7f:50:4a:48:bd:99:e6:4c:cd:1e:22:60:c7:be:8c:d1:66:
         54:59:4c:5f:76:6c:d5:93:80:94:83:48:ac:f8:b0:84:c3:0e:
         7f:a3:87:b8:22:05:71:57:1c:10:c7:c3:97:8c:b9:83:8e:dc:
         12:04:8a:ac:33:38:66:0c:5d:a3:b8:f1:4d:8b:f5:19:3f:f5:
         60:86:72:3d:f0:d4:b9:55:bc:1a:e6:1d:d7:f2:ad:95:f5:b5:
         42:25:1f:1a:01:df:ca:4e:81:d6:61:fb:3a:63:14:ca:a4:83:
         40:e6:90:e6:4e:7a:a9:ea:a4:e9:4a:e9:ad:35:5b:ed:99:e8:
         fe:c1:04:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjPll11/rB8r3WFn1dibAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1
M2I1ODcwHhcNMjUwNjA3MDQwMTI3WhcNMjUwNjA4MDQwMTI3WjAzMTEwLwYDVQQD
EyhmNmE2ODM0NDkzYTIzNzM2MDE0OWVkYmMyY2NmYzdlZGQ0YTBmNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS79Z3u/WwYz2WfdGSWIkd/3QavV
98LkSyusESR8xiHo/4MwykdfOFRIqsIBWdeieh+GcxTPiEPWbPWrwtPYVK3fCQy7
VpQY+SjjAvOVZuwMlpQ2BgMy4sUOd1hhALAaGqsVs90NP317PY3apBZJuAHSabwI
bJjjPPLMG7EjQnPCe1QVTJBjWQYlzlezWBVwHh7h8ICPpLk2U++o5yBvSz5TlLlk
DMQ04QhZCIZpKiAwJdIehQ4CGpgOktuQ2K30VQsXHoldEREfQGZwWA/sxHcf8zLf
oUiPOkEjA1GsIcjCvd2HgOrzH5RZ+NDSmomDkJtohk3H2GV1iqF6/R3VAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPamg0STojc2AUntvCzPx+3UoPblMB8GA1UdIwQY
MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt
OTVkNWUxNmNkZGVmLzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm
LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGTfcYZeL
x1ILgHWsbUY9OVsa4AHfQd0wzAvxaRMbAihC5ymVrXSS7CMx/vylkseI8asrKY3n
/1GUg87kVWgSz/TOg18LQ1keQVlJhHIl2T0KUZlqE8gJnDhZEfzIczVzERPL75U+
qmXfHuf6XfibnTN1nIE6u4suf/0MOxjW239QSki9meZMzR4iYMe+jNFmVFlMX3Zs
1ZOAlINIrPiwhMMOf6OHuCIFcVccEMfDl4y5g47cEgSKrDM4Zgxdo7jxTYv1GT/1
YIZyPfDUuVW8GuYd1/KtlfW1QiUfGgHfyk6B1mH7OmMUyqSDQOaQ5k56qeqk6Urp
rTVb7Zno/sEEtQ==
-----END CERTIFICATE-----