Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          LR7GL/y5GNjwxMVPrxRocztQjIuSavyypBgdvA7sOA4=
Subject key identifier:   4D:4E:B7:EB:26:DC:94:A1:2F:68:32:4E:25:49:8C:E7:9C:E9:2F:11
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       01974A7A75F39301C124904B6DC4D005106F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0B07
Signing time:             Sat 07 Jun 2025 13:00:28 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:28 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:28 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: iOI1361/5BgyQSB5SjDw7zSNHE1h0Ce7sCMFAk+AjhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:75:f3:93:01:c1:24:90:4b:6d:c4:d0:05:10:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Jun  7 13:00:28 2025 GMT
            Not After : Jun  8 13:00:28 2025 GMT
        Subject: CN=4d4eb7eb26dc94a12f68324e25498ce79ce92f11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6b:ed:fc:ac:23:54:0b:73:d6:b5:4a:fe:0a:
                    db:68:ae:44:6b:58:02:bc:f3:4c:94:4f:6a:db:44:
                    f3:d9:15:84:25:4b:68:ae:d2:d2:39:8e:2a:0b:08:
                    7b:e8:3e:dc:d6:34:aa:e4:be:df:23:00:f4:98:c7:
                    bb:f4:51:3b:77:67:40:78:e1:01:23:0f:df:d0:e2:
                    76:41:16:d4:dc:5c:68:cf:6a:ff:02:27:71:9c:56:
                    52:6b:6f:9c:62:44:de:a9:f5:20:6b:ae:bb:a2:d1:
                    96:da:e9:39:2d:c7:89:0c:eb:be:14:d8:24:4b:dc:
                    6b:28:e5:ba:f6:55:27:e8:00:08:cc:d9:88:7c:8c:
                    03:e5:1e:80:a4:5f:9a:79:49:03:7d:0e:a0:d5:e7:
                    23:e7:92:11:30:e8:3a:3b:6c:14:45:bb:be:89:f3:
                    46:a4:4c:17:37:7a:4c:65:47:8b:ca:d1:04:a3:f8:
                    89:37:22:9c:52:9f:4d:55:a8:e4:9c:10:16:67:b2:
                    31:53:bc:d5:d5:6f:c5:fd:2b:61:eb:f8:b7:71:5c:
                    86:30:92:65:ba:54:45:11:e8:35:33:09:c3:db:55:
                    d0:d8:7b:e9:d8:a4:b8:1f:af:c3:4c:e5:66:d2:b3:
                    0f:c2:78:5e:b0:92:b0:57:aa:d6:6e:0b:cc:3b:b2:
                    62:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:4E:B7:EB:26:DC:94:A1:2F:68:32:4E:25:49:8C:E7:9C:E9:2F:11
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:8d:8c:ba:ba:92:56:61:8c:28:89:02:21:dd:f3:67:a0:44:
         c5:98:c4:35:5c:71:76:65:ef:3f:1e:94:14:e1:2a:23:70:bf:
         7b:ce:b8:2c:af:f1:82:9f:dd:47:d2:5a:71:f7:7c:b4:09:d9:
         89:ce:c5:04:09:18:47:10:40:2e:62:91:1a:bf:66:ab:40:21:
         63:09:e7:c0:57:4d:34:29:3c:e6:7d:11:f0:2e:61:6b:e8:c5:
         bf:13:33:32:80:39:dd:01:9e:fa:b9:f6:a6:00:7c:17:8c:23:
         38:e8:7b:97:06:c3:c3:a0:a5:da:3f:be:c8:ad:70:20:24:f2:
         9d:53:ec:82:f1:dd:68:38:5e:ce:1c:df:67:78:86:4c:ce:64:
         c3:05:cb:38:2a:4f:aa:9c:2b:ce:f2:f4:58:b2:04:5c:3f:c9:
         b3:d0:73:65:04:a4:1c:e7:4d:8c:ab:22:6d:bc:73:17:a0:1e:
         4f:39:47:44:6e:be:ed:7b:8b:ec:cc:23:3d:b9:14:e0:e3:a5:
         c5:4c:02:ae:85:6b:2d:84:96:30:66:66:27:26:12:35:1e:9f:
         25:6a:9a:8d:32:5d:34:2c:1e:30:d2:42:ba:34:75:fe:db:51:
         8c:09:57:8b:09:dd:ea:11:34:a5:aa:8b:5a:3c:af:5a:4f:7f:
         6d:0f:b3:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKenXzkwHBJJBLbcTQBRBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUwNjA3MTMwMDI4WhcNMjUwNjA4MTMwMDI4WjAzMTEwLwYDVQQD
Eyg0ZDRlYjdlYjI2ZGM5NGExMmY2ODMyNGUyNTQ5OGNlNzljZTkyZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGvt/KwjVAtz1rVK/grbaK5Ea1gC
vPNMlE9q20Tz2RWEJUtortLSOY4qCwh76D7c1jSq5L7fIwD0mMe79FE7d2dAeOEB
Iw/f0OJ2QRbU3Fxoz2r/AidxnFZSa2+cYkTeqfUga667otGW2uk5LceJDOu+FNgk
S9xrKOW69lUn6AAIzNmIfIwD5R6ApF+aeUkDfQ6g1ecj55IRMOg6O2wURbu+ifNG
pEwXN3pMZUeLytEEo/iJNyKcUp9NVajknBAWZ7IxU7zV1W/F/Sth6/i3cVyGMJJl
ulRFEeg1MwnD21XQ2Hvp2KS4H6/DTOVm0rMPwnhesJKwV6rWbgvMO7Ji0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1Ot+sm3JShL2gyTiVJjOec6S8RMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANo2MurqS
VmGMKIkCId3zZ6BExZjENVxxdmXvPx6UFOEqI3C/e864LK/xgp/dR9Jacfd8tAnZ
ic7FBAkYRxBALmKRGr9mq0AhYwnnwFdNNCk85n0R8C5ha+jFvxMzMoA53QGe+rn2
pgB8F4wjOOh7lwbDw6Cl2j++yK1wICTynVPsgvHdaDhezhzfZ3iGTM5kwwXLOCpP
qpwrzvL0WLIEXD/Js9BzZQSkHOdNjKsibbxzF6AeTzlHRG6+7XuL7MwjPbkU4OOl
xUwCroVrLYSWMGZmJyYSNR6fJWqajTJdNCweMNJCujR1/ttRjAlXiwnd6hE0paqL
WjyvWk9/bQ+zPA==
-----END CERTIFICATE-----