Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          CDHXq+JMmWIDr98OMp2PU+1rU2PyjHFzME/LrinbvZ4=
Subject key identifier:   E2:CA:8F:B7:B1:3B:32:6A:43:E7:2B:27:28:8F:18:04:EE:C7:0A:8C
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       01974EC5A609EBEB24DEDCB7991C51DE3C47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          0806
Signing time:             Sun 08 Jun 2025 09:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 09:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 09:01:05 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: +K1PcBfGzQHvOYtgnp136yIESnayO91cmAdu8TNt+3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 09:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:c5:a6:09:eb:eb:24:de:dc:b7:99:1c:51:de:3c:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Jun  8 09:01:05 2025 GMT
            Not After : Jun  9 09:01:05 2025 GMT
        Subject: CN=e2ca8fb7b13b326a43e72b27288f1804eec70a8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:28:2c:3f:e8:ec:26:7a:90:37:f6:60:eb:db:
                    a8:53:1e:c0:1e:49:cd:9b:96:01:44:0b:96:18:31:
                    27:21:50:73:ef:15:87:4d:41:79:ac:36:3b:8e:99:
                    f1:b1:91:20:fa:88:ac:b5:a8:8e:1e:8c:50:33:bc:
                    91:64:be:55:08:c4:cb:17:8b:35:a0:f4:64:d9:fc:
                    03:72:a0:60:e6:5f:09:9e:5d:6f:f9:4c:b2:d3:1f:
                    54:76:81:58:9c:27:a8:dd:ac:73:81:7d:64:ed:a9:
                    fe:5d:17:07:bf:64:67:ea:6e:16:e3:fb:47:56:10:
                    b7:a5:d7:b0:62:10:48:ee:a5:1f:65:a4:a4:e6:a0:
                    cf:21:af:4e:c9:70:44:3c:bb:65:ec:e3:34:56:2d:
                    62:c5:8b:57:0b:3c:f4:48:0f:fd:67:cd:42:84:14:
                    74:a6:75:d8:e5:19:80:6e:65:86:f0:19:24:4d:b4:
                    11:52:90:be:fa:00:36:d5:e3:5b:68:d3:58:27:93:
                    a0:e9:9e:58:99:40:e7:5c:25:a7:a1:0d:2a:d0:37:
                    3e:c9:c7:63:1d:a5:35:34:17:e7:29:ed:74:e1:c8:
                    e5:78:04:cd:01:08:6f:38:6c:63:48:be:f3:95:60:
                    4c:61:6d:96:d0:a7:cd:47:6a:e8:a7:b1:44:d2:d0:
                    9c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:CA:8F:B7:B1:3B:32:6A:43:E7:2B:27:28:8F:18:04:EE:C7:0A:8C
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:92:e3:70:14:65:63:ec:27:02:2b:74:59:4e:27:44:58:1e:
         f9:7b:75:92:38:cd:a1:7a:66:76:72:99:10:06:f1:87:3d:b7:
         40:33:4d:77:02:f1:4b:fc:0b:69:5f:97:e6:06:ff:ad:b4:e6:
         fe:9b:2b:a6:b2:57:5e:61:4d:c4:e3:50:83:dc:f7:c1:a4:07:
         5c:b5:63:4e:2a:3f:4e:c4:5c:54:89:33:48:29:d8:1f:cd:cf:
         29:10:74:66:de:bd:32:7d:0d:02:5e:c9:78:80:19:00:38:58:
         96:31:b8:1a:51:6f:75:6b:41:49:b0:11:76:36:aa:52:e0:9b:
         e4:3d:07:c4:5b:b1:d0:9c:db:76:23:ec:e4:6a:7f:bb:a5:13:
         f2:95:7d:cd:03:16:b5:6b:78:bb:9b:1d:5b:77:47:d3:e5:20:
         2f:ad:2b:b3:ab:93:a2:f3:45:84:b0:2d:9e:60:58:a0:75:94:
         fc:b8:bc:f0:e0:27:a5:a6:bf:63:4f:31:ea:23:87:ac:e4:41:
         28:48:36:a0:f5:9b:5d:c8:9a:7c:6c:39:3c:a0:4a:36:85:2e:
         4b:f9:72:5d:c3:68:8b:36:40:52:12:12:a7:67:25:fc:02:95:
         37:62:64:da:c0:fb:ff:66:a9:3b:61:56:1d:f1:e4:c4:05:8a:
         44:7b:ff:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOxaYJ6+sk3ty3mRxR3jxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUwNjA4MDkwMTA1WhcNMjUwNjA5MDkwMTA1WjAzMTEwLwYDVQQD
EyhlMmNhOGZiN2IxM2IzMjZhNDNlNzJiMjcyODhmMTgwNGVlYzcwYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnygsP+jsJnqQN/Zg69uoUx7AHknN
m5YBRAuWGDEnIVBz7xWHTUF5rDY7jpnxsZEg+oistaiOHoxQM7yRZL5VCMTLF4s1
oPRk2fwDcqBg5l8Jnl1v+Uyy0x9UdoFYnCeo3axzgX1k7an+XRcHv2Rn6m4W4/tH
VhC3pdewYhBI7qUfZaSk5qDPIa9OyXBEPLtl7OM0Vi1ixYtXCzz0SA/9Z81ChBR0
pnXY5RmAbmWG8BkkTbQRUpC++gA21eNbaNNYJ5Og6Z5YmUDnXCWnoQ0q0Dc+ycdj
HaU1NBfnKe104cjleATNAQhvOGxjSL7zlWBMYW2W0KfNR2rop7FE0tCcAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOLKj7exOzJqQ+crJyiPGATuxwqMMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJLjcBRl
Y+wnAit0WU4nRFge+Xt1kjjNoXpmdnKZEAbxhz23QDNNdwLxS/wLaV+X5gb/rbTm
/psrprJXXmFNxONQg9z3waQHXLVjTio/TsRcVIkzSCnYH83PKRB0Zt69Mn0NAl7J
eIAZADhYljG4GlFvdWtBSbARdjaqUuCb5D0HxFux0JzbdiPs5Gp/u6UT8pV9zQMW
tWt4u5sdW3dH0+UgL60rs6uTovNFhLAtnmBYoHWU/Li88OAnpaa/Y08x6iOHrORB
KEg2oPWbXciafGw5PKBKNoUuS/lyXcNoizZAUhISp2cl/AKVN2Jk2sD7/2apO2FW
HfHkxAWKRHv/pA==
-----END CERTIFICATE-----