Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          7dlgdYufz/2UHw2Lr2Gax8vBDkAzfiAXJlct9xr2wEo=
Subject key identifier:   83:23:85:EB:90:EA:A9:4F:42:ED:62:F4:18:2B:C5:66:61:CA:B0:FA
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       01974AB1B016DDD066ECE51F64BEB2DAA7F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0DFD
Signing time:             Sat 07 Jun 2025 14:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 14:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 14:00:48 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: E39V13gqoL90Bs+2YXhP/btelUbtzDpFoDwHAv4ZwsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:b1:b0:16:dd:d0:66:ec:e5:1f:64:be:b2:da:a7:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Jun  7 14:00:48 2025 GMT
            Not After : Jun  8 14:00:48 2025 GMT
        Subject: CN=832385eb90eaa94f42ed62f4182bc56661cab0fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7f:c7:07:47:c3:fb:dc:2d:ed:26:c2:a4:bb:
                    e7:29:20:2d:73:52:e0:d3:6f:87:2b:cc:46:f5:b2:
                    8c:c8:79:57:8b:a9:38:64:ad:95:10:99:76:aa:41:
                    cf:b6:c8:a7:b2:82:6b:ba:10:ae:06:c8:88:75:89:
                    df:90:b1:54:89:ba:a8:73:ce:05:49:25:9a:c9:80:
                    53:e5:a4:76:df:a4:26:3f:89:7e:2b:43:23:d8:f0:
                    f1:2d:84:d5:02:74:5e:53:6f:0d:fa:a0:a4:b4:d4:
                    5d:44:31:ca:57:77:75:86:12:b8:1c:95:0e:fa:58:
                    d3:cd:bb:84:74:fc:68:64:81:f1:a3:59:8a:8b:4f:
                    91:46:41:7e:8b:09:d7:c2:ff:5e:ac:5e:da:6d:7a:
                    83:e2:a9:2b:60:8b:f6:ec:b2:d9:e4:5a:c3:c8:a6:
                    c1:63:f2:9c:b0:08:4a:50:f7:7f:3b:e2:f8:ea:67:
                    99:0c:25:9a:49:6e:56:a6:09:5e:64:9a:37:2e:e1:
                    af:cf:f9:45:89:28:a5:5f:78:2f:8d:ab:b8:24:bb:
                    7d:ac:b3:34:50:06:21:61:74:42:64:28:a6:c6:ba:
                    48:8b:8e:3a:7f:a6:f5:c7:0a:9d:92:a6:0f:3d:0d:
                    91:be:57:6d:c9:bc:aa:36:67:3e:1e:87:ce:94:4c:
                    9c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:23:85:EB:90:EA:A9:4F:42:ED:62:F4:18:2B:C5:66:61:CA:B0:FA
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:c1:b4:70:9b:91:80:8c:c6:b5:b5:68:72:4a:90:ea:d5:a0:
         ab:92:42:8d:bc:48:ed:6a:80:79:21:22:45:3f:7a:3c:45:f3:
         1b:83:ab:33:3c:1e:a6:c2:5c:47:27:2e:de:75:94:37:96:93:
         86:b0:6c:7d:86:5d:6b:94:70:83:61:e1:a7:14:88:c3:af:43:
         25:4b:5b:c6:85:16:0e:db:17:d3:fb:ff:4c:dd:13:c5:aa:0a:
         ac:ef:eb:66:11:20:c6:50:72:b4:3a:e6:7a:0d:ff:41:e0:6e:
         49:74:f9:87:96:71:0d:d9:10:fe:ad:92:68:ac:0a:63:c4:6d:
         6e:44:db:da:90:a0:24:94:78:25:c9:11:63:db:0b:cb:b9:b9:
         6e:84:f5:d0:07:d7:39:ec:a4:0a:e0:49:ad:5b:80:40:50:ab:
         8e:67:e1:46:65:af:d7:8f:b6:7f:44:61:de:d3:3e:b7:db:f5:
         49:72:b0:ca:5e:43:ad:3f:ed:7b:b2:04:51:10:3b:6e:05:c6:
         c5:20:40:a0:d6:c0:3a:27:80:8d:03:df:13:09:71:e0:c9:15:
         92:6f:35:0c:6d:86:b0:31:e7:1b:a5:21:8b:58:01:19:48:af:
         fd:03:1c:5c:1b:87:a5:b8:e6:88:dc:68:3b:8a:da:28:70:39:
         1d:26:b5:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKsbAW3dBm7OUfZL6y2qfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwNjA3MTQwMDQ4WhcNMjUwNjA4MTQwMDQ4WjAzMTEwLwYDVQQD
Eyg4MzIzODVlYjkwZWFhOTRmNDJlZDYyZjQxODJiYzU2NjYxY2FiMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun/HB0fD+9wt7SbCpLvnKSAtc1Lg
02+HK8xG9bKMyHlXi6k4ZK2VEJl2qkHPtsinsoJruhCuBsiIdYnfkLFUibqoc84F
SSWayYBT5aR236QmP4l+K0Mj2PDxLYTVAnReU28N+qCktNRdRDHKV3d1hhK4HJUO
+ljTzbuEdPxoZIHxo1mKi0+RRkF+iwnXwv9erF7abXqD4qkrYIv27LLZ5FrDyKbB
Y/KcsAhKUPd/O+L46meZDCWaSW5WpgleZJo3LuGvz/lFiSilX3gvjau4JLt9rLM0
UAYhYXRCZCimxrpIi446f6b1xwqdkqYPPQ2RvldtybyqNmc+HofOlEyctQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIMjheuQ6qlPQu1i9BgrxWZhyrD6MB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHMG0cJuR
gIzGtbVockqQ6tWgq5JCjbxI7WqAeSEiRT96PEXzG4OrMzwepsJcRycu3nWUN5aT
hrBsfYZda5Rwg2HhpxSIw69DJUtbxoUWDtsX0/v/TN0TxaoKrO/rZhEgxlBytDrm
eg3/QeBuSXT5h5ZxDdkQ/q2SaKwKY8RtbkTb2pCgJJR4JckRY9sLy7m5boT10AfX
OeykCuBJrVuAQFCrjmfhRmWv14+2f0Rh3tM+t9v1SXKwyl5DrT/te7IEURA7bgXG
xSBAoNbAOieAjQPfEwlx4MkVkm81DG2GsDHnG6Uhi1gBGUiv/QMcXBuHpbjmiNxo
O4raKHA5HSa1Vw==
-----END CERTIFICATE-----