Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          bN8czzY0eh4nOBSBwSCJ/CXovsOGO9UOt0pkE/3EnlU=
Subject key identifier:   9F:70:00:72:56:51:0D:22:DC:5E:D4:83:67:BD:EE:66:FD:AD:0F:56
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       01974CD78A7FE34386FBA6CE984D635C038C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0C23
Signing time:             Sun 08 Jun 2025 00:01:23 +0000
Manifest this update:     Sun 08 Jun 2025 00:01:23 +0000
Manifest next update:     Mon 09 Jun 2025 00:01:23 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: 3tHwKYJ+gk42nYusopxnfhKTAdkIhYyueurQdoGebL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 00:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:8a:7f:e3:43:86:fb:a6:ce:98:4d:63:5c:03:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Jun  8 00:01:23 2025 GMT
            Not After : Jun  9 00:01:23 2025 GMT
        Subject: CN=9f70007256510d22dc5ed48367bdee66fdad0f56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:44:f5:86:1c:a2:2f:e0:2d:1a:c9:17:cb:b3:
                    a1:c3:a0:9c:63:27:36:68:fa:15:94:15:3d:79:ff:
                    47:cb:a4:b6:5b:a3:13:d6:70:45:44:7b:00:bc:50:
                    aa:de:50:d6:e6:83:3b:8b:09:2b:bf:06:9c:58:9b:
                    a5:f5:b1:8a:74:79:7d:49:cc:37:24:88:eb:e2:a1:
                    ea:90:22:34:b8:38:94:7b:b4:9f:b5:94:27:ac:1f:
                    5d:40:bd:f6:80:a9:b9:15:d6:71:66:27:07:b6:10:
                    fc:36:02:c0:26:d8:9a:bd:36:f7:92:51:f7:0e:b7:
                    7e:7d:a8:d5:43:80:c9:3e:e1:51:32:35:90:5c:58:
                    d5:c9:f9:c5:f1:90:27:58:88:07:05:6b:3c:45:38:
                    51:e7:b7:3a:53:4b:97:b9:9f:fb:92:32:31:6d:74:
                    9c:f4:bc:72:12:94:61:65:a4:2f:e8:90:ff:9a:cb:
                    2d:f6:8f:8a:0f:19:fe:67:a0:41:c2:eb:b1:07:f8:
                    7d:5f:44:de:bd:fe:f6:c8:40:fe:e6:05:71:ea:da:
                    d4:5e:b4:37:29:0a:8b:fb:87:bb:03:eb:40:86:b4:
                    72:f7:79:96:d2:e5:fd:6d:3d:1e:08:2f:b5:e4:81:
                    2e:d4:3d:81:90:d1:bf:84:f7:64:c7:a9:ff:41:9f:
                    fd:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:70:00:72:56:51:0D:22:DC:5E:D4:83:67:BD:EE:66:FD:AD:0F:56
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:14:dd:b0:73:98:b8:47:86:53:b0:4b:97:fd:1e:20:86:c2:
         b7:8c:e8:c0:5e:6c:eb:5d:5f:bb:49:ac:8a:d6:27:b1:c8:99:
         8e:ce:b2:be:1f:14:f3:6b:b1:da:d2:70:4a:17:a0:32:d5:14:
         8d:97:17:c9:6a:a3:4c:7e:c7:fe:3c:32:f2:fd:12:b7:a9:42:
         0d:41:28:d8:86:d5:04:1c:2f:8a:3e:97:f6:74:be:b7:d2:4c:
         3d:6c:21:72:73:0d:19:20:56:a4:c9:fb:23:2e:b1:7e:52:0a:
         03:54:41:4b:45:77:d6:91:65:2e:49:de:aa:7b:e0:8a:5e:85:
         f5:02:3b:54:17:b3:51:3e:85:18:2c:32:e1:2c:cf:2c:6a:75:
         f4:18:b8:7a:8e:76:32:c9:65:60:65:d6:a7:70:61:53:b2:e2:
         62:7b:d8:57:0c:ba:48:87:5a:46:68:c8:2f:0d:e8:b0:70:ff:
         50:88:43:a2:f4:87:ee:65:bc:df:e4:ce:43:2b:12:1a:be:7f:
         09:f0:1d:14:23:db:69:db:a5:9e:63:b7:09:7c:e9:07:e2:a3:
         44:d5:10:79:38:06:c1:57:1c:75:7f:04:17:ab:b2:d6:b2:21:
         6a:9f:34:97:8d:ef:48:f7:53:83:d3:17:44:1c:29:97:36:64:
         2b:77:20:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM14p/40OG+6bOmE1jXAOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjUwNjA4MDAwMTIzWhcNMjUwNjA5MDAwMTIzWjAzMTEwLwYDVQQD
Eyg5ZjcwMDA3MjU2NTEwZDIyZGM1ZWQ0ODM2N2JkZWU2NmZkYWQwZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkT1hhyiL+AtGskXy7Ohw6CcYyc2
aPoVlBU9ef9Hy6S2W6MT1nBFRHsAvFCq3lDW5oM7iwkrvwacWJul9bGKdHl9Scw3
JIjr4qHqkCI0uDiUe7SftZQnrB9dQL32gKm5FdZxZicHthD8NgLAJtiavTb3klH3
Drd+fajVQ4DJPuFRMjWQXFjVyfnF8ZAnWIgHBWs8RThR57c6U0uXuZ/7kjIxbXSc
9LxyEpRhZaQv6JD/msst9o+KDxn+Z6BBwuuxB/h9X0Tevf72yED+5gVx6trUXrQ3
KQqL+4e7A+tAhrRy93mW0uX9bT0eCC+15IEu1D2BkNG/hPdkx6n/QZ/9ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9wAHJWUQ0i3F7Ug2e97mb9rQ9WMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIxTdsHOY
uEeGU7BLl/0eIIbCt4zowF5s611fu0msitYnsciZjs6yvh8U82ux2tJwShegMtUU
jZcXyWqjTH7H/jwy8v0St6lCDUEo2IbVBBwvij6X9nS+t9JMPWwhcnMNGSBWpMn7
Iy6xflIKA1RBS0V31pFlLkneqnvgil6F9QI7VBezUT6FGCwy4SzPLGp19Bi4eo52
MsllYGXWp3BhU7LiYnvYVwy6SIdaRmjILw3osHD/UIhDovSH7mW83+TOQysSGr5/
CfAdFCPbadulnmO3CXzpB+KjRNUQeTgGwVccdX8EF6uy1rIhap80l43vSPdTg9MX
RBwplzZkK3cg/A==
-----END CERTIFICATE-----