Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
File:                     u0OX5un46iWRVggDysuzI5Ytn64.mft (raw, json)
Hash identifier:          IeOhI4nGLLtm9vmmrVtcEALc4hoq0y+QsPsBsJdXt/c=
Subject key identifier:   66:EF:D6:9B:4A:6C:37:02:9C:4A:DB:27:7C:01:3F:64:39:78:49:9A
Authority key identifier: BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE
Certificate issuer:       /CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
Certificate serial:       01974C68AD25B12918F0DD274C9E06FCC0E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
Manifest number:          0FBE
Signing time:             Sat 07 Jun 2025 22:00:17 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:17 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:17 +0000
Files and hashes:         1: u0OX5un46iWRVggDysuzI5Ytn64.crl (hash: F80rT9iTJfETfTbVM4AmqxMfalt9hFHQYc4mJm5HVR4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:ad:25:b1:29:18:f0:dd:27:4c:9e:06:fc:c0:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
        Validity
            Not Before: Jun  7 22:00:17 2025 GMT
            Not After : Jun  8 22:00:17 2025 GMT
        Subject: CN=66efd69b4a6c37029c4adb277c013f643978499a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:fb:2b:ea:3d:6e:77:56:55:64:89:52:0b:e2:
                    0d:ce:b5:b0:89:26:fd:7c:9c:b1:fe:db:23:ea:3e:
                    43:cd:05:90:a4:6d:da:a9:39:08:43:53:35:8d:ad:
                    3c:c3:34:68:d1:96:e4:2d:ec:46:d8:fa:e0:b4:02:
                    24:fb:e1:bf:e3:45:0c:ff:e5:14:4d:6d:99:18:6f:
                    47:9d:01:9d:51:87:6b:8c:a8:10:19:36:b8:2b:66:
                    f1:8f:63:3e:4f:50:cf:b4:bb:f6:2e:1c:8d:21:08:
                    cc:5b:a3:71:e6:56:28:49:39:33:df:fb:42:09:50:
                    8f:37:31:9c:2c:a9:a1:ab:e0:9e:92:0d:82:0f:89:
                    70:12:cd:38:3c:fc:b6:bd:6b:53:19:77:2e:93:d6:
                    2a:69:dd:f9:d0:5c:05:a6:1f:3c:a2:fd:58:3b:73:
                    14:52:0f:50:66:15:91:a6:84:8a:a6:10:24:8e:4b:
                    d2:1b:ff:d6:8e:46:d4:92:b3:d3:7d:e8:c7:71:42:
                    1a:92:95:af:a3:a0:86:8d:ce:0c:ef:ed:46:a0:3a:
                    cd:17:29:2f:11:92:65:ad:20:4e:db:01:e5:bd:7c:
                    1a:c4:fe:41:29:6e:a9:8e:ae:f0:9b:99:99:3b:94:
                    76:6e:fb:df:81:58:31:15:10:fc:ec:5e:0f:a4:6b:
                    ca:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:EF:D6:9B:4A:6C:37:02:9C:4A:DB:27:7C:01:3F:64:39:78:49:9A
            X509v3 Authority Key Identifier:
                keyid:BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:48:5a:41:ce:4a:af:5a:c5:51:40:ec:d9:f3:77:3f:f9:ca:
         89:a1:16:01:f5:e1:2d:b7:51:b0:1b:9c:e3:b3:e0:c8:58:3b:
         83:91:7c:07:bb:93:55:85:0c:4b:bb:d6:5a:bb:ce:aa:30:99:
         28:d7:2c:ff:3a:a1:47:4e:7f:06:f4:74:30:24:04:e0:71:84:
         56:09:46:e5:cc:bc:64:c7:6d:22:23:03:e6:5b:79:a6:2e:44:
         22:8a:69:99:5c:7c:b6:ba:3c:57:0b:aa:0b:83:53:2e:c4:b6:
         0a:96:40:f7:ba:08:b1:46:48:5a:bf:20:20:0c:01:04:b9:f6:
         2b:6b:a2:22:d3:d5:60:56:93:df:6c:7b:9c:a1:88:b7:b0:41:
         97:21:1d:b5:65:17:21:c3:48:b0:24:cb:99:b8:fc:2d:19:6c:
         88:99:ab:1a:fa:6b:2e:0f:70:ce:fe:36:8e:a6:89:71:ef:ea:
         b1:53:15:4a:04:f8:3c:58:5a:9f:be:e3:65:c0:4d:c7:61:1d:
         c2:1c:2e:70:d9:94:84:e0:80:ba:56:fa:f7:0a:03:e7:36:bb:
         7b:c0:c6:71:24:57:45:c5:8e:46:c7:36:5a:35:08:42:2c:3d:
         f0:51:79:0a:c2:f1:74:8d:19:8b:82:6c:9d:e9:a4:7d:0a:78:
         03:13:98:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaK0lsSkY8N0nTJ4G/MDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDM5N2U2ZTlmOGVhMjU5MTU2MDgwM2NhY2JiMzIzOTYy
ZDlmYWUwHhcNMjUwNjA3MjIwMDE3WhcNMjUwNjA4MjIwMDE3WjAzMTEwLwYDVQQD
Eyg2NmVmZDY5YjRhNmMzNzAyOWM0YWRiMjc3YzAxM2Y2NDM5Nzg0OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vsr6j1ud1ZVZIlSC+INzrWwiSb9
fJyx/tsj6j5DzQWQpG3aqTkIQ1M1ja08wzRo0ZbkLexG2PrgtAIk++G/40UM/+UU
TW2ZGG9HnQGdUYdrjKgQGTa4K2bxj2M+T1DPtLv2LhyNIQjMW6Nx5lYoSTkz3/tC
CVCPNzGcLKmhq+Cekg2CD4lwEs04PPy2vWtTGXcuk9Yqad350FwFph88ov1YO3MU
Ug9QZhWRpoSKphAkjkvSG//WjkbUkrPTfejHcUIakpWvo6CGjc4M7+1GoDrNFykv
EZJlrSBO2wHlvXwaxP5BKW6pjq7wm5mZO5R2bvvfgVgxFRD87F4PpGvK/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbv1ptKbDcCnErbJ3wBP2Q5eEmaMB8GA1UdIwQY
MBaAFLtDl+bp+OolkVYIA8rLsyOWLZ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDct
NmZiMTBlZWFmNjI3LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDctNmZiMTBlZWFmNjI3
LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoUhaQc5K
r1rFUUDs2fN3P/nKiaEWAfXhLbdRsBuc47PgyFg7g5F8B7uTVYUMS7vWWrvOqjCZ
KNcs/zqhR05/BvR0MCQE4HGEVglG5cy8ZMdtIiMD5lt5pi5EIoppmVx8tro8Vwuq
C4NTLsS2CpZA97oIsUZIWr8gIAwBBLn2K2uiItPVYFaT32x7nKGIt7BBlyEdtWUX
IcNIsCTLmbj8LRlsiJmrGvprLg9wzv42jqaJce/qsVMVSgT4PFhan77jZcBNx2Ed
whwucNmUhOCAulb69woD5za7e8DGcSRXRcWORsc2WjUIQiw98FF5CsLxdI0Zi4Js
nemkfQp4AxOYZQ==
-----END CERTIFICATE-----