Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
File:                     F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft (raw, json)
Hash identifier:          Y4D1pugxdCGn6uSe3vaQXhaRlCh7m6YJtYa0K264qkA=
Subject key identifier:   A3:B5:AA:F8:60:EF:4A:62:1C:A2:DB:73:FA:7A:D1:64:78:29:8A:A4
Authority key identifier: 17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C
Certificate issuer:       /CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
Certificate serial:       0197469DA6F952D854956E510523C46B9B12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
Manifest number:          0D1C
Signing time:             Fri 06 Jun 2025 19:00:26 +0000
Manifest this update:     Fri 06 Jun 2025 19:00:26 +0000
Manifest next update:     Sat 07 Jun 2025 19:00:26 +0000
Files and hashes:         1: F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl (hash: z/sELoIUUtSyKS379/eqwiYNZTcTts6dzVqAMVSio/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 19:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9d:a6:f9:52:d8:54:95:6e:51:05:23:c4:6b:9b:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
        Validity
            Not Before: Jun  6 19:00:26 2025 GMT
            Not After : Jun  7 19:00:26 2025 GMT
        Subject: CN=a3b5aaf860ef4a621ca2db73fa7ad16478298aa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8d:63:88:4b:e4:15:18:87:9b:e5:0c:ad:52:
                    42:aa:bc:53:dc:96:24:83:f1:f7:75:59:66:de:22:
                    ad:05:21:08:4f:4a:16:7f:26:fa:b5:54:fb:81:cd:
                    5a:aa:89:c5:72:d8:7e:70:64:13:34:03:90:86:36:
                    77:e0:99:32:90:f6:f2:b3:bb:e2:47:09:87:9b:f7:
                    4b:51:7a:b2:46:2f:87:81:e7:7c:fc:85:71:8d:bf:
                    3d:63:23:4f:74:f6:f5:c7:6f:7e:30:4e:8e:95:f4:
                    a6:1a:8b:d0:89:a0:b5:b6:97:38:42:8d:86:7b:c2:
                    58:f9:72:e9:e6:8b:3b:92:57:d6:c9:7b:2b:9c:89:
                    7d:f9:46:59:2f:b3:89:3b:f1:a4:bf:3d:35:52:87:
                    27:b4:09:33:58:d4:ab:15:3b:64:63:ae:3c:18:e1:
                    b6:b9:ed:94:a4:ae:ee:e5:f0:65:e1:4a:0a:4d:64:
                    7c:f8:4e:7f:fa:71:72:c0:2b:33:a0:60:c6:01:55:
                    3e:50:cf:c2:8f:8a:47:69:03:f0:24:9f:4c:d0:9a:
                    89:74:19:65:60:29:48:09:3a:9d:e5:c1:20:30:20:
                    9a:a9:55:53:3a:ef:c7:01:aa:aa:f7:6a:d6:b9:9f:
                    af:f2:f8:e9:29:42:82:24:b1:0a:a4:cb:11:8f:37:
                    ce:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:B5:AA:F8:60:EF:4A:62:1C:A2:DB:73:FA:7A:D1:64:78:29:8A:A4
            X509v3 Authority Key Identifier:
                keyid:17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:ef:8a:f1:e9:10:aa:da:c9:a5:3d:f7:03:67:6d:03:ab:b3:
         a6:7f:c6:78:e7:71:e1:45:db:75:02:ce:5f:18:bf:cc:99:82:
         14:10:3f:f9:27:f3:2a:76:0a:27:98:a5:85:10:5d:19:47:ca:
         cf:25:fc:f1:3d:cb:e8:3e:d4:2e:13:bb:1e:e9:e1:af:85:04:
         3d:63:68:b7:9f:ef:2d:94:b6:d8:cd:e2:41:7c:a8:6c:ca:3b:
         e0:8f:a7:80:04:6a:d8:17:e7:c8:47:35:7e:30:e4:a8:84:97:
         46:bf:d2:ed:3e:cb:92:6f:0d:d1:4c:f9:6c:dd:60:e0:ef:5d:
         8c:81:b9:20:fe:a7:ca:78:ab:84:7b:5d:6c:ff:fe:5d:26:78:
         ce:45:34:70:0d:f0:d8:1e:99:9f:41:e2:bf:55:da:56:e3:ed:
         90:36:f9:4b:29:01:7e:41:46:79:d7:a8:b5:6b:79:f2:72:dc:
         28:80:53:10:31:f8:af:9e:3b:cb:f6:58:d2:c3:31:fa:d5:1b:
         a1:33:c0:8e:70:e3:f0:2a:c8:e3:47:3b:66:46:b2:2b:64:57:
         a3:3f:7c:91:91:34:de:ab:48:1e:26:ea:54:4f:82:a6:bf:f4:
         2e:19:e0:10:d1:29:c1:06:99:e9:4b:a0:d8:2b:40:30:b4:a8:
         98:27:8d:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnab5UthUlW5RBSPEa5sSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDg3MzEyMDY1M2IzY2ZlNTUxNzJhOWRjNjA1N2U4Y2Nk
MGNiNWMwHhcNMjUwNjA2MTkwMDI2WhcNMjUwNjA3MTkwMDI2WjAzMTEwLwYDVQQD
EyhhM2I1YWFmODYwZWY0YTYyMWNhMmRiNzNmYTdhZDE2NDc4Mjk4YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI1jiEvkFRiHm+UMrVJCqrxT3JYk
g/H3dVlm3iKtBSEIT0oWfyb6tVT7gc1aqonFcth+cGQTNAOQhjZ34JkykPbys7vi
RwmHm/dLUXqyRi+Hged8/IVxjb89YyNPdPb1x29+ME6OlfSmGovQiaC1tpc4Qo2G
e8JY+XLp5os7klfWyXsrnIl9+UZZL7OJO/Gkvz01UocntAkzWNSrFTtkY648GOG2
ue2UpK7u5fBl4UoKTWR8+E5/+nFywCszoGDGAVU+UM/Cj4pHaQPwJJ9M0JqJdBll
YClICTqd5cEgMCCaqVVTOu/HAaqq92rWuZ+v8vjpKUKCJLEKpMsRjzfOGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKO1qvhg70piHKLbc/p60WR4KYqkMB8GA1UdIwQY
MBaAFBfYcxIGU7PP5VFyqdxgV+jM0MtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYt
YjAwYzFjMTQ1ZmU3LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYtYjAwYzFjMTQ1ZmU3
LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm++K8ekQ
qtrJpT33A2dtA6uzpn/GeOdx4UXbdQLOXxi/zJmCFBA/+SfzKnYKJ5ilhRBdGUfK
zyX88T3L6D7ULhO7Hunhr4UEPWNot5/vLZS22M3iQXyobMo74I+ngARq2BfnyEc1
fjDkqISXRr/S7T7Lkm8N0Uz5bN1g4O9djIG5IP6nynirhHtdbP/+XSZ4zkU0cA3w
2B6Zn0Hiv1XaVuPtkDb5SykBfkFGedeotWt58nLcKIBTEDH4r547y/ZY0sMx+tUb
oTPAjnDj8CrI40c7ZkayK2RXoz98kZE03qtIHibqVE+Cpr/0LhngENEpwQaZ6Uug
2CtAMLSomCeNxw==
-----END CERTIFICATE-----