Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          HWyrPFJ++kn5Gg7izinlnrzh7jg8zjZe7QKRBmj5Ty8=
Subject key identifier:   CF:C1:D1:20:51:35:3D:68:51:3B:C4:7D:F9:48:B1:52:22:E3:22:B0
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019748F9E476EA4279905EF133ABF8BC80BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          06CE
Signing time:             Sat 07 Jun 2025 06:00:25 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:25 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:25 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: Iqjw7PIJq/kq4r6LwrC9C3+3ix8e2J5xfyBxAszIKeA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:f9:e4:76:ea:42:79:90:5e:f1:33:ab:f8:bc:80:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Jun  7 06:00:25 2025 GMT
            Not After : Jun  8 06:00:25 2025 GMT
        Subject: CN=cfc1d12051353d68513bc47df948b15222e322b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7d:c3:ca:a8:75:d3:fb:01:f5:85:a7:1b:a2:
                    1b:2b:29:4d:45:ce:9b:ea:86:d7:b4:4e:d2:ab:7e:
                    ad:8d:12:4b:12:cd:0b:cd:3a:07:b4:53:6a:29:f3:
                    1e:e2:fc:11:10:40:5a:79:56:85:b7:b3:e1:0a:a1:
                    7a:e2:11:1d:de:6c:4d:38:6d:4b:38:10:5b:b8:0e:
                    59:cd:35:b3:9f:de:c0:52:c4:db:8f:7d:78:a0:b2:
                    4f:9a:1c:ce:7c:c0:b2:a5:cb:10:e4:d4:16:f8:ef:
                    ee:84:2b:2c:dd:c3:01:97:ab:d7:8f:97:75:04:6a:
                    ba:30:0e:f4:b3:5b:10:7f:b7:9f:2d:b8:b5:cd:b4:
                    e2:7a:dd:0f:da:ac:3e:8a:59:a7:da:94:20:5d:15:
                    35:5e:63:1e:ea:a0:ae:a5:0e:d4:0a:a6:6f:86:cd:
                    27:1a:eb:69:09:ed:a2:ef:79:8f:15:d0:5a:82:61:
                    37:ad:01:39:c9:8e:47:12:fb:d6:31:8e:bc:33:82:
                    be:3f:2a:d1:93:2c:5a:b1:6e:bc:4d:d8:2d:51:aa:
                    86:5b:42:6c:5c:17:bb:5b:80:2f:45:6e:0e:7a:a3:
                    22:e1:e5:84:bf:8e:5c:6a:9c:da:dc:c9:ef:d4:a1:
                    5d:a3:a2:1d:30:aa:6f:70:c1:85:2f:8f:fd:ca:a9:
                    ef:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:C1:D1:20:51:35:3D:68:51:3B:C4:7D:F9:48:B1:52:22:E3:22:B0
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:3a:c3:d7:51:7e:c7:16:2c:e1:34:31:22:de:a6:10:aa:4a:
         b4:c7:2d:3a:5a:2a:fb:f8:50:9d:3d:88:cb:4d:bd:ee:ed:9b:
         9a:d1:b4:25:41:7d:d2:21:b0:58:46:b0:a4:1f:f0:7f:62:74:
         50:78:7d:af:a6:97:e0:2b:1a:4c:4c:15:b3:d2:c1:84:ee:f4:
         c8:4f:89:a3:79:78:57:e6:50:2c:a8:12:ca:53:4a:39:30:c7:
         3d:60:d3:4d:86:a0:5a:e6:8a:d2:61:4f:42:4a:61:3e:98:7e:
         e4:3c:1e:40:d1:18:b8:84:6d:a7:00:a0:9c:e9:aa:cb:85:6e:
         f0:6c:4f:e9:66:1a:a8:31:b4:7e:a9:96:bc:01:c9:f5:94:5d:
         ae:7b:c2:1d:90:d7:a2:9b:eb:b9:a4:37:96:d3:fd:05:af:79:
         5d:4a:1a:f4:72:23:49:a5:c4:46:8c:40:cc:53:c0:e3:e0:91:
         7f:52:f2:4c:3d:89:91:dd:1f:43:5b:64:e4:31:0d:7b:f2:d2:
         f4:d1:3f:7f:14:0c:ae:f0:0e:8a:d6:47:78:f5:aa:62:cb:43:
         21:d7:ec:95:94:22:52:1c:c0:40:7a:4d:0b:c3:a2:e5:d5:25:
         2c:8c:c4:fd:d7:95:ce:5c:36:57:6a:5d:fb:cd:53:4c:da:06:
         5c:cf:a9:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+eR26kJ5kF7xM6v4vIC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUwNjA3MDYwMDI1WhcNMjUwNjA4MDYwMDI1WjAzMTEwLwYDVQQD
EyhjZmMxZDEyMDUxMzUzZDY4NTEzYmM0N2RmOTQ4YjE1MjIyZTMyMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs33Dyqh10/sB9YWnG6IbKylNRc6b
6obXtE7Sq36tjRJLEs0LzToHtFNqKfMe4vwREEBaeVaFt7PhCqF64hEd3mxNOG1L
OBBbuA5ZzTWzn97AUsTbj314oLJPmhzOfMCypcsQ5NQW+O/uhCss3cMBl6vXj5d1
BGq6MA70s1sQf7efLbi1zbTiet0P2qw+ilmn2pQgXRU1XmMe6qCupQ7UCqZvhs0n
GutpCe2i73mPFdBagmE3rQE5yY5HEvvWMY68M4K+PyrRkyxasW68TdgtUaqGW0Js
XBe7W4AvRW4OeqMi4eWEv45capza3Mnv1KFdo6IdMKpvcMGFL4/9yqnv0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/B0SBRNT1oUTvEfflIsVIi4yKwMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczrD11F+
xxYs4TQxIt6mEKpKtMctOloq+/hQnT2Iy0297u2bmtG0JUF90iGwWEawpB/wf2J0
UHh9r6aX4CsaTEwVs9LBhO70yE+Jo3l4V+ZQLKgSylNKOTDHPWDTTYagWuaK0mFP
QkphPph+5DweQNEYuIRtpwCgnOmqy4Vu8GxP6WYaqDG0fqmWvAHJ9ZRdrnvCHZDX
opvruaQ3ltP9Ba95XUoa9HIjSaXERoxAzFPA4+CRf1LyTD2Jkd0fQ1tk5DENe/LS
9NE/fxQMrvAOitZHePWqYstDIdfslZQiUhzAQHpNC8Oi5dUlLIzE/deVzlw2V2pd
+81TTNoGXM+pqw==
-----END CERTIFICATE-----