Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
File:                     4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft (raw, json)
Hash identifier:          pgr0iU+aT7VQno/OJSmRKMBz+WorzYvS/51pz37umSY=
Subject key identifier:   39:DC:82:1C:62:A9:65:B7:75:C3:B6:58:9B:53:1F:35:F8:52:B3:E5
Authority key identifier: E0:39:64:9F:AA:8F:9D:E3:DA:E9:1B:E7:99:A2:7E:2C:A6:62:87:89
Certificate issuer:       /CN=e039649faa8f9de3dae91be799a27e2ca6628789
Certificate serial:       01974A7B2B2FF74148ABAD4D0F24EDDCB805
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 13:01:15 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:15 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:15 +0000
Files and hashes:         1: 4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl (hash: uU5dRMnIqpIwj8It5V2N6TZKgOfl/wcGOuMchwocIwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:2b:2f:f7:41:48:ab:ad:4d:0f:24:ed:dc:b8:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e039649faa8f9de3dae91be799a27e2ca6628789
        Validity
            Not Before: Jun  7 13:01:15 2025 GMT
            Not After : Jun  8 13:01:15 2025 GMT
        Subject: CN=39dc821c62a965b775c3b6589b531f35f852b3e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b8:33:95:28:20:60:bd:06:1e:d4:a3:74:2e:
                    9a:18:47:60:e5:75:ed:13:2c:37:c8:23:19:ff:58:
                    ee:c8:be:5b:67:3a:15:09:a8:aa:2f:d6:cc:fb:b7:
                    4a:4f:c7:80:39:50:e6:e8:2b:98:f4:98:85:6a:09:
                    2d:ed:48:be:96:a3:69:d8:c4:ff:0f:78:92:33:05:
                    75:9a:0c:c4:9f:a7:ba:3a:20:1e:c8:bf:68:ab:db:
                    07:76:dd:d7:25:29:89:1b:d4:aa:36:46:cf:9f:48:
                    17:2d:87:dd:32:53:83:a6:ad:84:a5:2b:b6:83:a7:
                    b5:f5:f5:93:89:31:ab:b4:b8:9e:0d:27:ac:f3:a7:
                    5b:a3:75:94:b1:85:05:6a:36:72:e0:42:08:d1:5b:
                    4e:74:47:0d:0c:3b:33:f3:1a:6f:2e:0d:3d:50:a3:
                    81:6b:c5:3e:13:d7:cf:0c:25:75:16:fb:ce:83:8f:
                    e7:2f:0b:1b:47:72:46:39:5c:0c:ef:fb:2a:b8:d0:
                    f9:47:81:c2:c6:ed:1b:65:08:ef:35:04:e5:9a:a9:
                    0a:96:12:a9:85:b1:c3:85:c4:84:a5:a7:3b:0a:1d:
                    1c:eb:33:03:bb:b6:0b:63:3c:0c:72:07:23:10:75:
                    f9:fe:19:7f:21:40:c0:2a:61:ec:49:99:cf:28:4e:
                    dd:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:DC:82:1C:62:A9:65:B7:75:C3:B6:58:9B:53:1F:35:F8:52:B3:E5
            X509v3 Authority Key Identifier:
                keyid:E0:39:64:9F:AA:8F:9D:E3:DA:E9:1B:E7:99:A2:7E:2C:A6:62:87:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Dlkn6qPnePa6RvnmaJ-LKZih4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/2eface-d0a3-4339-8068-d7678a0787d1/1/4Dlkn6qPnePa6RvnmaJ-LKZih4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:7f:04:fd:6c:d5:27:01:44:bb:cf:4a:4e:73:b7:36:c3:d0:
         1d:81:0a:d5:c5:ef:9a:c0:c6:48:9a:ce:9e:71:ad:72:2e:3f:
         f3:da:ad:39:e7:78:c8:f4:b8:d1:f3:82:41:29:81:dd:7a:a3:
         00:84:9a:03:60:89:07:68:f9:a2:92:ab:79:15:5c:86:b8:3d:
         ea:1c:ec:51:cc:ff:c4:a7:4f:0f:b1:ee:40:a1:d0:b6:02:1a:
         21:1f:51:93:2c:8b:76:92:30:41:84:e8:8f:ce:f5:12:b2:5c:
         30:a1:b8:21:92:99:42:ea:e9:f2:df:97:5c:41:08:43:bf:b8:
         5a:b9:90:c7:31:3b:cc:2b:ca:08:00:19:fd:ff:07:f4:d8:0e:
         ec:2a:89:9c:5a:f1:d0:42:8d:8f:d0:6c:3b:46:b5:13:28:fb:
         ce:52:a5:7c:69:4d:ae:cb:69:19:9c:94:41:14:2d:58:92:d1:
         a4:4f:45:c5:a3:4e:94:92:84:f0:56:0d:4a:42:7f:8f:f3:ce:
         8f:5a:7a:8b:9c:cf:73:06:fc:8e:cb:61:17:e6:fd:d5:5a:aa:
         7d:3b:b1:61:90:70:59:e2:14:7c:90:9b:ac:53:00:cf:e3:11:
         58:60:fb:05:33:93:cd:a0:22:18:a0:fa:09:e4:e8:76:da:81:
         a8:21:ea:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeysv90FIq61NDyTt3LgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMzk2NDlmYWE4ZjlkZTNkYWU5MWJlNzk5YTI3ZTJjYTY2
Mjg3ODkwHhcNMjUwNjA3MTMwMTE1WhcNMjUwNjA4MTMwMTE1WjAzMTEwLwYDVQQD
EygzOWRjODIxYzYyYTk2NWI3NzVjM2I2NTg5YjUzMWYzNWY4NTJiM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrgzlSggYL0GHtSjdC6aGEdg5XXt
Eyw3yCMZ/1juyL5bZzoVCaiqL9bM+7dKT8eAOVDm6CuY9JiFagkt7Ui+lqNp2MT/
D3iSMwV1mgzEn6e6OiAeyL9oq9sHdt3XJSmJG9SqNkbPn0gXLYfdMlODpq2EpSu2
g6e19fWTiTGrtLieDSes86dbo3WUsYUFajZy4EII0VtOdEcNDDsz8xpvLg09UKOB
a8U+E9fPDCV1FvvOg4/nLwsbR3JGOVwM7/squND5R4HCxu0bZQjvNQTlmqkKlhKp
hbHDhcSEpac7Ch0c6zMDu7YLYzwMcgcjEHX5/hl/IUDAKmHsSZnPKE7dvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDncghxiqWW3dcO2WJtTHzX4UrPlMB8GA1UdIwQY
MBaAFOA5ZJ+qj53j2ukb55mifiymYoeJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8yZWZhY2UtZDBhMy00MzM5LTgwNjgt
ZDc2NzhhMDc4N2QxLzEvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8yZWZhY2UtZDBhMy00MzM5LTgwNjgtZDc2NzhhMDc4N2Qx
LzEvNERsa242cVBuZVBhNlJ2bm1hSi1MS1ppaDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD38E/WzV
JwFEu89KTnO3NsPQHYEK1cXvmsDGSJrOnnGtci4/89qtOed4yPS40fOCQSmB3Xqj
AISaA2CJB2j5opKreRVchrg96hzsUcz/xKdPD7HuQKHQtgIaIR9RkyyLdpIwQYTo
j871ErJcMKG4IZKZQurp8t+XXEEIQ7+4WrmQxzE7zCvKCAAZ/f8H9NgO7CqJnFrx
0EKNj9BsO0a1Eyj7zlKlfGlNrstpGZyUQRQtWJLRpE9FxaNOlJKE8FYNSkJ/j/PO
j1p6i5zPcwb8jsthF+b91VqqfTuxYZBwWeIUfJCbrFMAz+MRWGD7BTOTzaAiGKD6
CeTodtqBqCHqBg==
-----END CERTIFICATE-----