Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
File:                     spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json)
Hash identifier:          JXlWpfO7ghRhBhBWCa5pyPw4lFIhwCp7tNu+rWo7PSg=
Subject key identifier:   23:B0:23:9C:1C:78:BB:2F:5A:C6:83:D5:A6:AB:84:BF:0B:86:7C:B2
Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD
Certificate issuer:       /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
Certificate serial:       01974A7A92AF87D3AE3C8963807A521DF080
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
Manifest number:          0C15
Signing time:             Sat 07 Jun 2025 13:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:36 +0000
Files and hashes:         1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: aIEGj0mTkFdRhgWNCiDAai7WAragzHyiQZopW27ouso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:92:af:87:d3:ae:3c:89:63:80:7a:52:1d:f0:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
        Validity
            Not Before: Jun  7 13:00:36 2025 GMT
            Not After : Jun  8 13:00:36 2025 GMT
        Subject: CN=23b0239c1c78bb2f5ac683d5a6ab84bf0b867cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:95:5d:2c:0d:37:68:8f:71:38:cb:1a:20:7c:
                    6d:f5:3b:fd:5e:ac:9e:6e:9b:f7:fe:c6:87:57:f5:
                    7d:53:76:3c:ac:30:e1:a0:ee:f2:17:12:43:05:17:
                    6a:65:8d:5d:17:b5:38:28:54:46:3e:03:d8:4b:a6:
                    3a:d8:ba:9e:60:f6:18:69:f7:cd:7c:38:ab:19:4c:
                    0b:07:e5:1e:81:55:9d:59:1e:0a:d8:71:58:bd:1b:
                    05:98:d5:d2:6c:ba:01:e7:ab:cf:7e:c6:8b:f1:24:
                    2d:12:19:b2:a8:d5:3f:31:6b:02:76:6d:04:a9:62:
                    64:73:a8:b4:0c:15:90:18:c3:e2:4c:be:3e:ee:7f:
                    7b:00:25:f1:f6:f2:97:d7:6c:fa:3a:cc:18:61:b2:
                    90:f6:a0:01:cc:ea:7e:3f:4b:12:bb:61:0b:19:ef:
                    05:61:f0:8e:f7:a6:7e:3c:40:aa:f9:6f:f5:6a:cb:
                    54:84:72:5c:4b:36:b1:c0:dd:eb:2d:9d:fe:3f:b3:
                    e8:5b:3a:4f:52:21:98:de:37:ea:a2:b9:55:e5:57:
                    64:cc:90:bc:b4:e9:aa:9f:d1:36:e5:49:b1:26:79:
                    c9:b6:bb:67:54:f4:ae:76:32:9b:dc:b8:a1:2e:2b:
                    ca:83:e1:e8:b5:b2:ca:b5:c5:bd:92:d3:34:68:77:
                    06:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:B0:23:9C:1C:78:BB:2F:5A:C6:83:D5:A6:AB:84:BF:0B:86:7C:B2
            X509v3 Authority Key Identifier:
                keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:10:56:a7:d1:ec:dd:5b:8a:af:06:45:be:28:48:61:23:10:
         55:cd:4e:6a:66:9f:93:c0:ce:c5:de:2d:ce:43:a2:3e:30:1b:
         54:d9:da:25:f4:b4:7b:cf:04:c3:66:e2:2d:1e:ec:9c:4c:97:
         2f:35:e6:be:65:19:52:02:04:05:c4:68:f9:fb:a7:67:d5:7d:
         d4:6b:2b:f5:5a:b1:24:04:25:b7:12:c2:44:4d:e8:41:51:dd:
         56:1b:c0:71:0b:4b:7a:9e:f6:df:5c:bd:ea:f9:8e:fc:c4:d6:
         c4:ea:82:fa:86:23:9f:96:37:83:82:21:9a:00:aa:49:99:3a:
         98:3b:d1:f9:24:32:59:fe:78:cb:12:b2:d8:92:44:95:cb:80:
         ff:f1:2b:07:45:45:5a:41:b8:25:9c:31:48:62:6c:61:5c:68:
         29:02:6c:63:77:91:82:1f:69:33:6d:43:ce:bc:83:fe:34:7a:
         4b:0a:87:4d:4f:83:34:76:5a:ea:ce:de:7a:67:41:9d:cd:cc:
         61:33:03:b3:83:08:48:57:8c:d9:f9:d9:97:fa:6f:d4:11:f6:
         b0:78:e9:98:b7:64:94:f8:2d:f8:d7:0c:eb:30:26:18:32:82:
         a0:3f:e1:e1:f7:72:67:5f:07:58:75:83:47:94:11:cd:0f:d9:
         94:38:b7:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKepKvh9OuPIljgHpSHfCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm
N2RlYWQwHhcNMjUwNjA3MTMwMDM2WhcNMjUwNjA4MTMwMDM2WjAzMTEwLwYDVQQD
EygyM2IwMjM5YzFjNzhiYjJmNWFjNjgzZDVhNmFiODRiZjBiODY3Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZVdLA03aI9xOMsaIHxt9Tv9Xqye
bpv3/saHV/V9U3Y8rDDhoO7yFxJDBRdqZY1dF7U4KFRGPgPYS6Y62LqeYPYYaffN
fDirGUwLB+UegVWdWR4K2HFYvRsFmNXSbLoB56vPfsaL8SQtEhmyqNU/MWsCdm0E
qWJkc6i0DBWQGMPiTL4+7n97ACXx9vKX12z6OswYYbKQ9qABzOp+P0sSu2ELGe8F
YfCO96Z+PECq+W/1astUhHJcSzaxwN3rLZ3+P7PoWzpPUiGY3jfqorlV5VdkzJC8
tOmqn9E25UmxJnnJtrtnVPSudjKb3LihLivKg+HotbLKtcW9ktM0aHcGVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOwI5wceLsvWsaD1aarhL8LhnyyMB8GA1UdIwQY
MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt
MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj
LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVxBWp9Hs
3VuKrwZFvihIYSMQVc1Oamafk8DOxd4tzkOiPjAbVNnaJfS0e88Ew2biLR7snEyX
LzXmvmUZUgIEBcRo+funZ9V91Gsr9VqxJAQltxLCRE3oQVHdVhvAcQtLep7231y9
6vmO/MTWxOqC+oYjn5Y3g4IhmgCqSZk6mDvR+SQyWf54yxKy2JJElcuA//ErB0VF
WkG4JZwxSGJsYVxoKQJsY3eRgh9pM21DzryD/jR6SwqHTU+DNHZa6s7eemdBnc3M
YTMDs4MISFeM2fnZl/pv1BH2sHjpmLdklPgt+NcM6zAmGDKCoD/h4fdyZ18HWHWD
R5QRzQ/ZlDi3Jg==
-----END CERTIFICATE-----