Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
File:                     fkL5qpHFODs-cnVy67GVWRqHYM4.mft (raw, json)
Hash identifier:          pfAhDrzQ2XcRsYd7HZOFdA5vQpQZU4BA1JAr/+AKd0U=
Subject key identifier:   44:DD:0D:E5:A3:B1:E4:9E:B7:D7:B8:88:85:EC:D6:FD:A2:5A:F2:31
Authority key identifier: 7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE
Certificate issuer:       /CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
Certificate serial:       01974A7AAF5773FA8278D4C2362FF1769CA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
Manifest number:          0614
Signing time:             Sat 07 Jun 2025 13:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:43 +0000
Files and hashes:         1: fkL5qpHFODs-cnVy67GVWRqHYM4.crl (hash: 79nthp+wbRyA/SL0mXSJedBFzXfRf5++KPxXIaaR7rs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:af:57:73:fa:82:78:d4:c2:36:2f:f1:76:9c:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
        Validity
            Not Before: Jun  7 13:00:43 2025 GMT
            Not After : Jun  8 13:00:43 2025 GMT
        Subject: CN=44dd0de5a3b1e49eb7d7b88885ecd6fda25af231
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ef:8b:a8:8c:a4:2d:20:f4:b7:7d:ac:36:ba:
                    82:43:14:a6:dd:8e:cd:16:cc:92:cd:d8:e7:fd:5f:
                    ee:35:41:d4:8c:c8:ad:2e:a7:e8:09:3d:a6:76:5f:
                    cf:4d:9d:f7:b1:99:14:40:ec:6b:21:04:95:1a:ac:
                    64:8d:0c:6b:cb:aa:03:65:e7:f8:c1:a0:64:55:65:
                    69:0d:9a:73:c4:e4:fb:5a:9a:94:9e:4c:62:10:eb:
                    c6:84:4a:84:fb:0d:96:de:95:fd:96:27:60:8d:f6:
                    39:ac:c0:cb:71:2a:ab:aa:62:1d:2b:44:28:a5:f2:
                    ef:7e:97:f1:31:b2:8e:c4:dc:cf:34:81:06:e6:26:
                    bc:93:0c:1b:7f:d2:d3:52:ff:28:1d:b0:2d:54:19:
                    04:7f:90:ee:5c:be:bf:16:28:7f:b8:9a:5a:44:d7:
                    10:73:f6:f2:4d:2b:f8:81:f4:49:02:08:a5:ac:f0:
                    33:1f:2e:47:f7:e9:6b:88:1a:d5:3a:03:2d:5e:42:
                    86:df:f1:be:19:9a:92:3f:26:de:aa:b9:c1:12:4d:
                    c0:33:33:15:e2:bf:9f:02:32:14:56:5f:d2:95:0e:
                    31:ac:1f:96:fb:0c:ba:72:35:57:70:61:b7:00:15:
                    fd:c4:fc:96:3b:fe:a0:ec:a6:b1:55:18:7b:13:40:
                    22:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:DD:0D:E5:A3:B1:E4:9E:B7:D7:B8:88:85:EC:D6:FD:A2:5A:F2:31
            X509v3 Authority Key Identifier:
                keyid:7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:6b:59:0b:df:c1:e6:99:c2:8b:5f:e0:69:a2:8a:bb:36:3b:
         ad:89:d8:33:96:14:7b:34:ea:81:7b:fc:20:2c:9f:ad:a5:bb:
         b1:a0:03:73:f3:df:bd:71:9e:8a:a7:d9:e4:f7:8f:6f:4c:64:
         2f:72:a4:9c:ba:a7:8c:0d:63:4e:04:a3:ac:a8:d5:5c:58:80:
         c9:60:64:08:f6:10:cc:14:20:8b:93:07:71:0b:97:a9:e3:94:
         63:3a:a3:ed:7e:69:5c:00:82:28:06:2a:5d:1b:3e:c3:29:88:
         42:ed:23:22:1c:f2:dd:7c:50:2d:51:75:a7:1b:8d:27:f4:9e:
         94:8f:f3:3b:15:86:37:23:c2:0e:2b:cd:8a:cb:96:53:82:c8:
         b1:75:45:89:a4:d1:c4:69:a3:1c:6f:9b:2a:46:c7:3c:9e:d0:
         6c:c1:07:75:a1:b0:33:67:57:9d:df:87:a2:7d:86:65:5e:34:
         ff:ae:6a:a6:87:76:cd:a9:bd:42:86:d8:25:9b:87:79:a4:71:
         aa:3b:e4:76:8c:a5:c9:13:36:2d:84:57:0f:18:e7:d6:19:24:
         3a:83:ff:38:0b:67:be:14:90:68:3d:c0:ec:18:2d:ea:b0:1e:
         13:13:6e:92:64:d3:eb:a0:68:24:92:21:5d:72:c5:f1:7c:9c:
         2e:da:45:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeq9Xc/qCeNTCNi/xdpyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDJmOWFhOTFjNTM4M2IzZTcyNzU3MmViYjE5NTU5MWE4
NzYwY2UwHhcNMjUwNjA3MTMwMDQzWhcNMjUwNjA4MTMwMDQzWjAzMTEwLwYDVQQD
Eyg0NGRkMGRlNWEzYjFlNDllYjdkN2I4ODg4NWVjZDZmZGEyNWFmMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu+LqIykLSD0t32sNrqCQxSm3Y7N
FsySzdjn/V/uNUHUjMitLqfoCT2mdl/PTZ33sZkUQOxrIQSVGqxkjQxry6oDZef4
waBkVWVpDZpzxOT7WpqUnkxiEOvGhEqE+w2W3pX9lidgjfY5rMDLcSqrqmIdK0Qo
pfLvfpfxMbKOxNzPNIEG5ia8kwwbf9LTUv8oHbAtVBkEf5DuXL6/Fih/uJpaRNcQ
c/byTSv4gfRJAgilrPAzHy5H9+lriBrVOgMtXkKG3/G+GZqSPybeqrnBEk3AMzMV
4r+fAjIUVl/SlQ4xrB+W+wy6cjVXcGG3ABX9xPyWO/6g7KaxVRh7E0AiWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETdDeWjseSet9e4iIXs1v2iWvIxMB8GA1UdIwQY
MBaAFH5C+aqRxTg7PnJ1cuuxlVkah2DOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjct
N2NkNDcyODY0YmY4LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjctN2NkNDcyODY0YmY4
LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2tZC9/B
5pnCi1/gaaKKuzY7rYnYM5YUezTqgXv8ICyfraW7saADc/PfvXGeiqfZ5PePb0xk
L3KknLqnjA1jTgSjrKjVXFiAyWBkCPYQzBQgi5MHcQuXqeOUYzqj7X5pXACCKAYq
XRs+wymIQu0jIhzy3XxQLVF1pxuNJ/SelI/zOxWGNyPCDivNisuWU4LIsXVFiaTR
xGmjHG+bKkbHPJ7QbMEHdaGwM2dXnd+Hon2GZV40/65qpod2zam9QobYJZuHeaRx
qjvkdoylyRM2LYRXDxjn1hkkOoP/OAtnvhSQaD3A7Bgt6rAeExNukmTT66BoJJIh
XXLF8XycLtpFIA==
-----END CERTIFICATE-----