Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File:                     H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier:          LdmtRa4O2w6V2+ZeJK8EEAfxCeO8tedpVscCdauGHc0=
Subject key identifier:   0B:AC:64:8B:EA:63:EA:3B:4A:2C:B3:6B:E4:DE:1F:5D:C6:2E:8F:7B
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer:       /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial:       01976584893D8DE513BB9DE89EBE27DBDFDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number:          016C
Signing time:             Thu 12 Jun 2025 19:01:14 +0000
Manifest this update:     Thu 12 Jun 2025 19:01:14 +0000
Manifest next update:     Fri 13 Jun 2025 19:01:14 +0000
Files and hashes:         1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: jNPpLWP6e0tgX5TFQgw9FJK16nZWTzN2zJYwQpFD1Tg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 15:17:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:84:89:3d:8d:e5:13:bb:9d:e8:9e:be:27:db:df:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
        Validity
            Not Before: Jun 12 19:01:14 2025 GMT
            Not After : Jun 13 19:01:14 2025 GMT
        Subject: CN=0bac648bea63ea3b4a2cb36be4de1f5dc62e8f7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:91:2c:06:f0:e1:79:2a:8c:a2:b6:51:c3:55:
                    12:6e:3c:93:90:f3:a0:04:7d:c5:91:60:73:1b:ec:
                    43:8b:64:a7:df:09:12:21:68:ef:e2:8f:c8:30:54:
                    92:5e:1a:8b:9f:d3:a4:c4:32:72:2c:b1:6d:86:64:
                    18:2e:39:29:cc:60:7b:0f:a8:d7:dc:a1:36:78:3c:
                    59:16:3e:a1:99:21:1f:0a:a1:2e:b5:67:c4:e2:f7:
                    7d:66:08:0a:9a:57:8a:a5:c1:23:ec:e6:41:50:92:
                    3d:26:e9:ae:a6:b5:8b:b2:36:fa:72:c1:45:b5:ac:
                    03:ee:d4:6b:78:9c:f2:03:9c:1b:a4:d8:2f:3d:0b:
                    35:25:ef:8f:b5:fd:37:9e:80:c8:86:2b:58:04:b1:
                    30:50:63:05:8c:49:b0:f7:61:d2:1f:c1:55:b3:47:
                    ae:89:5a:f7:3a:c9:36:1e:36:32:d4:f7:d3:27:86:
                    d1:65:ac:68:24:a6:b8:c8:c0:d1:a7:48:6f:bb:1a:
                    fd:7f:0d:b9:9b:8d:a9:fb:bf:ab:de:0c:ae:77:d4:
                    19:40:b6:e9:e6:f1:a4:ed:81:dc:d6:17:0f:ac:d5:
                    5b:7d:f8:15:ac:ef:43:ed:36:9a:da:44:0b:70:32:
                    ff:63:38:fd:a5:b8:e1:6e:5c:01:4f:ef:11:5e:0a:
                    cb:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:AC:64:8B:EA:63:EA:3B:4A:2C:B3:6B:E4:DE:1F:5D:C6:2E:8F:7B
            X509v3 Authority Key Identifier:
                keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:7b:1f:8b:3d:79:20:d0:15:b0:8c:37:af:30:64:12:74:a7:
         5d:53:ba:0f:b3:e3:00:18:f7:82:4b:b0:2b:f0:f4:1b:79:3a:
         43:c1:5f:52:5c:9f:d9:45:b5:07:c3:90:43:40:f4:40:b3:54:
         c9:39:e5:85:70:b3:ff:3f:40:ef:be:10:20:34:c9:02:b4:b2:
         59:09:b4:e5:57:a3:45:d8:2d:d4:9c:94:7b:a5:48:44:5a:dd:
         d4:6a:b8:93:4c:d2:65:cc:8b:62:20:14:9e:d1:57:a0:b7:12:
         69:39:be:4f:f3:5e:f5:5b:f4:67:c9:b1:f3:5a:32:0a:21:cb:
         91:9c:46:9a:c2:4b:28:36:18:5b:a0:07:96:27:a7:60:03:e1:
         4a:07:9d:34:b3:e2:bc:14:3f:27:2f:37:12:88:6c:c3:fe:49:
         1b:38:3c:d6:8f:bc:22:08:3d:c8:25:d0:15:0c:53:1d:21:33:
         7f:39:69:99:3b:31:b9:7e:61:d5:30:61:16:f3:c5:f0:79:03:
         4d:ec:65:21:d0:5c:73:e2:90:59:5f:05:86:e7:09:38:ec:8c:
         44:4f:55:a2:3b:cb:62:66:bf:db:84:7e:16:c5:35:fa:37:13:
         ac:e8:a6:5e:30:e9:62:b2:69:1e:e8:48:2d:6a:3b:08:46:46:
         47:9f:14:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlhIk9jeUTu53onr4n29/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjUwNjEyMTkwMTE0WhcNMjUwNjEzMTkwMTE0WjAzMTEwLwYDVQQD
EygwYmFjNjQ4YmVhNjNlYTNiNGEyY2IzNmJlNGRlMWY1ZGM2MmU4ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZEsBvDheSqMorZRw1USbjyTkPOg
BH3FkWBzG+xDi2Sn3wkSIWjv4o/IMFSSXhqLn9OkxDJyLLFthmQYLjkpzGB7D6jX
3KE2eDxZFj6hmSEfCqEutWfE4vd9ZggKmleKpcEj7OZBUJI9JumuprWLsjb6csFF
tawD7tRreJzyA5wbpNgvPQs1Je+Ptf03noDIhitYBLEwUGMFjEmw92HSH8FVs0eu
iVr3Osk2HjYy1PfTJ4bRZaxoJKa4yMDRp0hvuxr9fw25m42p+7+r3gyud9QZQLbp
5vGk7YHc1hcPrNVbffgVrO9D7Taa2kQLcDL/Yzj9pbjhblwBT+8RXgrLlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAusZIvqY+o7Siyza+TeH13GLo97MB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoHsfiz15
INAVsIw3rzBkEnSnXVO6D7PjABj3gkuwK/D0G3k6Q8FfUlyf2UW1B8OQQ0D0QLNU
yTnlhXCz/z9A774QIDTJArSyWQm05VejRdgt1JyUe6VIRFrd1Gq4k0zSZcyLYiAU
ntFXoLcSaTm+T/Ne9Vv0Z8mx81oyCiHLkZxGmsJLKDYYW6AHlienYAPhSgedNLPi
vBQ/Jy83Eohsw/5JGzg81o+8Igg9yCXQFQxTHSEzfzlpmTsxuX5h1TBhFvPF8HkD
TexlIdBcc+KQWV8FhucJOOyMRE9VojvLYma/24R+FsU1+jcTrOimXjDpYrJpHuhI
LWo7CEZGR58UYg==
-----END CERTIFICATE-----