Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          Mzs4T8VpV1pS9uP7QxPoE45nzkNrfQodxfAGL/zz6I8=
Subject key identifier:   EF:A4:51:CA:16:C3:B7:BB:CB:5F:76:BA:60:07:41:93:C1:BE:45:DE
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       01975490B156667C6197F7A98C4E01275EB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          08B2
Signing time:             Mon 09 Jun 2025 12:00:58 +0000
Manifest this update:     Mon 09 Jun 2025 12:00:58 +0000
Manifest next update:     Tue 10 Jun 2025 12:00:58 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: pNBcGpoHbj5/ZtU0BolDnEQLME2gBRzL8cKpUnOMjQE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:90:b1:56:66:7c:61:97:f7:a9:8c:4e:01:27:5e:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Jun  9 12:00:58 2025 GMT
            Not After : Jun 10 12:00:58 2025 GMT
        Subject: CN=efa451ca16c3b7bbcb5f76ba60074193c1be45de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:88:29:22:8d:9c:5a:af:3b:3e:f9:f0:18:47:
                    e3:18:c0:11:36:c0:63:e0:11:a1:b2:71:73:fa:63:
                    4c:09:94:01:72:b4:cb:1d:25:5b:39:d1:d0:8b:cb:
                    04:b0:6c:2e:f2:71:8b:a0:26:54:2a:04:11:91:14:
                    4f:00:d5:8e:bc:b1:4b:08:90:d0:25:d5:0a:50:1e:
                    7e:cf:95:3b:51:51:6a:22:1e:59:b0:b1:cc:cd:32:
                    0c:69:b2:5f:4d:fd:d9:bd:4c:88:ef:d0:a4:9f:6e:
                    31:e7:a6:16:db:5d:45:28:49:a8:f6:00:3a:29:58:
                    7c:8b:cc:9b:25:b8:0d:b5:8c:5f:f4:95:e8:c6:3f:
                    27:ff:a0:31:c3:f5:d0:c9:24:c7:45:97:a7:b0:4b:
                    12:d0:ba:b2:80:29:46:6d:c2:4d:f7:83:85:a1:53:
                    21:eb:e7:c6:e7:44:86:ec:46:eb:59:81:b3:27:8e:
                    b9:e7:a3:d0:24:7f:c6:b6:ad:e1:b7:cd:a7:ae:3f:
                    dc:0b:25:46:0c:31:26:1a:20:84:62:dd:a3:f3:44:
                    fd:ed:17:86:17:ee:1c:04:be:f0:be:3f:29:f7:57:
                    f6:57:90:41:46:fe:46:01:19:1e:07:e1:c4:c4:06:
                    82:d6:a4:97:44:00:a1:26:ee:f8:48:9e:59:89:56:
                    1e:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:A4:51:CA:16:C3:B7:BB:CB:5F:76:BA:60:07:41:93:C1:BE:45:DE
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:d7:f6:64:61:44:6c:66:ff:ca:f5:ca:f0:5e:e4:a0:86:d9:
         1b:1d:66:09:e7:a0:c8:5b:19:48:12:53:19:d9:14:0e:0a:9d:
         ce:5b:cd:97:b6:9a:1e:8d:a8:f6:85:27:22:f4:7f:df:49:fa:
         e6:b8:29:b9:f6:a0:6c:fb:c7:6d:0e:55:0a:6f:6f:80:1b:fa:
         69:1c:91:aa:36:98:35:e6:23:83:16:ff:4b:d8:9b:d3:2a:11:
         a9:ba:aa:ea:be:05:01:d5:55:32:ad:1c:6d:5d:f0:7a:6d:f2:
         33:e4:bc:b5:14:d1:4a:f1:f8:50:dd:8b:85:12:c6:ec:ee:f3:
         9d:6f:07:25:df:a9:10:a0:ec:75:13:2a:90:6f:71:a4:c8:fc:
         8c:29:00:7c:51:76:e9:b4:86:23:37:6d:2d:51:58:ad:e5:3d:
         d5:55:07:31:93:87:bc:e6:f2:93:21:f9:d9:69:c5:a3:41:6c:
         2f:14:26:ec:e2:29:a1:bc:d8:57:e8:1b:f9:8a:e2:40:2b:3b:
         ce:93:0c:8d:24:d3:c3:38:1b:91:8e:8b:e1:b8:99:68:3c:4b:
         5d:02:7f:fd:a4:90:67:30:62:75:f6:31:3a:b5:8a:b0:1c:4f:
         ff:a9:b5:ac:37:9b:5a:9d:10:d8:49:81:8e:c2:89:f4:0f:bd:
         5d:c3:cc:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUkLFWZnxhl/epjE4BJ160MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjUwNjA5MTIwMDU4WhcNMjUwNjEwMTIwMDU4WjAzMTEwLwYDVQQD
EyhlZmE0NTFjYTE2YzNiN2JiY2I1Zjc2YmE2MDA3NDE5M2MxYmU0NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnogpIo2cWq87PvnwGEfjGMARNsBj
4BGhsnFz+mNMCZQBcrTLHSVbOdHQi8sEsGwu8nGLoCZUKgQRkRRPANWOvLFLCJDQ
JdUKUB5+z5U7UVFqIh5ZsLHMzTIMabJfTf3ZvUyI79Ckn24x56YW211FKEmo9gA6
KVh8i8ybJbgNtYxf9JXoxj8n/6Axw/XQySTHRZensEsS0LqygClGbcJN94OFoVMh
6+fG50SG7EbrWYGzJ46556PQJH/Gtq3ht82nrj/cCyVGDDEmGiCEYt2j80T97ReG
F+4cBL7wvj8p91f2V5BBRv5GARkeB+HExAaC1qSXRAChJu74SJ5ZiVYezQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+kUcoWw7e7y192umAHQZPBvkXeMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzNf2ZGFE
bGb/yvXK8F7koIbZGx1mCeegyFsZSBJTGdkUDgqdzlvNl7aaHo2o9oUnIvR/30n6
5rgpufagbPvHbQ5VCm9vgBv6aRyRqjaYNeYjgxb/S9ib0yoRqbqq6r4FAdVVMq0c
bV3wem3yM+S8tRTRSvH4UN2LhRLG7O7znW8HJd+pEKDsdRMqkG9xpMj8jCkAfFF2
6bSGIzdtLVFYreU91VUHMZOHvObykyH52WnFo0FsLxQm7OIpobzYV+gb+YriQCs7
zpMMjSTTwzgbkY6L4biZaDxLXQJ//aSQZzBidfYxOrWKsBxP/6m1rDebWp0Q2EmB
jsKJ9A+9XcPMbw==
-----END CERTIFICATE-----