Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          /moukD/Jc6wwBXqgmp90PNymjsU8M4fpYUiTLu3RqVU=
Subject key identifier:   8D:6E:0E:2F:90:96:96:F4:CD:8A:61:BF:A4:9C:0A:B8:0C:D2:7C:C4
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       01974C69759B34D882A906D7D1B09BCFB44B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          14CE
Signing time:             Sat 07 Jun 2025 22:01:09 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:09 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:09 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: 1h/GJgVZpEYS26oRr5KfW0RVWjDYHoFEcj3eV7BUSH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:75:9b:34:d8:82:a9:06:d7:d1:b0:9b:cf:b4:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Jun  7 22:01:09 2025 GMT
            Not After : Jun  8 22:01:09 2025 GMT
        Subject: CN=8d6e0e2f909696f4cd8a61bfa49c0ab80cd27cc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:57:f7:46:31:95:f8:72:d2:f6:64:77:90:60:
                    8e:cd:94:00:0d:0e:78:66:45:04:30:ff:0b:d5:90:
                    f2:9b:61:ae:07:2c:b8:a4:11:fd:7c:b2:9c:37:80:
                    8c:92:f9:0f:b0:9b:5c:f6:fb:5b:d3:2a:f5:3e:9b:
                    32:10:7c:94:75:cf:a5:77:96:3a:f0:e6:c4:cb:12:
                    5d:e2:2d:a5:59:4d:1e:e5:56:4b:41:89:59:84:c7:
                    e1:64:aa:35:34:52:86:a4:e7:e5:7d:16:ad:9e:a7:
                    06:d1:6c:a4:d9:4a:ec:74:7a:0b:53:5f:f3:1c:4f:
                    26:23:8e:27:05:78:03:1a:15:cd:8d:de:d7:e6:f8:
                    65:1d:a6:53:df:56:b4:d1:ad:0d:97:7d:fb:ab:86:
                    55:98:b2:91:7b:aa:8d:14:74:25:3c:7c:fe:8a:13:
                    5d:4d:c2:17:fc:90:d2:97:72:6b:40:2a:f2:17:6f:
                    e6:5a:02:71:be:4a:3d:1f:77:b8:d0:ec:18:2c:d4:
                    37:0c:5a:bb:e7:3f:b1:bd:14:60:c2:9f:fd:57:00:
                    df:b0:95:8f:e8:1a:4e:f4:74:65:c1:da:01:79:45:
                    f2:65:c5:90:9c:34:7c:95:e0:95:b4:9b:a3:b5:2d:
                    8c:0c:4a:95:64:fc:0c:13:fb:1a:03:2f:71:07:5f:
                    7f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:6E:0E:2F:90:96:96:F4:CD:8A:61:BF:A4:9C:0A:B8:0C:D2:7C:C4
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:bf:4b:20:96:0c:3f:20:4a:2a:51:86:0e:ce:9c:e9:27:71:
         a2:cb:05:08:50:3a:69:69:ec:6e:e0:03:e6:42:02:61:cc:72:
         71:52:18:55:38:1d:69:18:92:7d:f3:2b:5f:f1:e9:78:e0:52:
         01:88:dc:cc:a8:5f:bd:ba:7f:fd:63:e2:23:a1:66:ef:6e:49:
         0d:35:8e:a3:1f:a8:e2:59:50:a9:68:2c:8c:9d:d1:10:f5:f8:
         b6:47:72:11:36:71:6e:97:cd:20:81:64:36:70:f5:21:2d:7e:
         13:5e:6d:83:3b:35:6c:46:a9:f6:b1:b8:68:79:c1:10:a3:2c:
         81:9c:96:2d:45:a4:6d:bc:dd:85:21:f5:b5:f2:c6:74:2f:66:
         56:3b:ec:ba:3c:23:94:d9:90:23:49:8e:7f:31:09:e8:55:aa:
         7a:69:0f:3c:a8:2b:aa:ee:bf:89:03:4d:d3:7f:f3:2f:c7:92:
         ba:70:f0:0e:9c:4f:66:f1:04:d9:ba:b9:ae:5f:59:62:56:7c:
         97:a3:b1:7c:24:81:5b:cc:84:39:de:34:48:06:22:70:c9:2a:
         4d:a3:3d:c6:3c:cf:8c:7e:4a:a4:ee:db:4f:82:7e:75:4d:ae:
         e9:ea:6c:4e:a1:6e:86:6c:23:48:ff:07:9e:f9:15:8b:e1:21:
         4e:1c:33:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaXWbNNiCqQbX0bCbz7RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUwNjA3MjIwMTA5WhcNMjUwNjA4MjIwMTA5WjAzMTEwLwYDVQQD
Eyg4ZDZlMGUyZjkwOTY5NmY0Y2Q4YTYxYmZhNDljMGFiODBjZDI3Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ff3RjGV+HLS9mR3kGCOzZQADQ54
ZkUEMP8L1ZDym2GuByy4pBH9fLKcN4CMkvkPsJtc9vtb0yr1PpsyEHyUdc+ld5Y6
8ObEyxJd4i2lWU0e5VZLQYlZhMfhZKo1NFKGpOflfRatnqcG0Wyk2UrsdHoLU1/z
HE8mI44nBXgDGhXNjd7X5vhlHaZT31a00a0Nl337q4ZVmLKRe6qNFHQlPHz+ihNd
TcIX/JDSl3JrQCryF2/mWgJxvko9H3e40OwYLNQ3DFq75z+xvRRgwp/9VwDfsJWP
6BpO9HRlwdoBeUXyZcWQnDR8leCVtJujtS2MDEqVZPwME/saAy9xB19/dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1uDi+Qlpb0zYphv6ScCrgM0nzEMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZL9LIJYM
PyBKKlGGDs6c6SdxossFCFA6aWnsbuAD5kICYcxycVIYVTgdaRiSffMrX/HpeOBS
AYjczKhfvbp//WPiI6Fm725JDTWOox+o4llQqWgsjJ3REPX4tkdyETZxbpfNIIFk
NnD1IS1+E15tgzs1bEap9rG4aHnBEKMsgZyWLUWkbbzdhSH1tfLGdC9mVjvsujwj
lNmQI0mOfzEJ6FWqemkPPKgrqu6/iQNN03/zL8eSunDwDpxPZvEE2bq5rl9ZYlZ8
l6OxfCSBW8yEOd40SAYicMkqTaM9xjzPjH5KpO7bT4J+dU2u6epsTqFuhmwjSP8H
nvkVi+EhThwzyg==
-----END CERTIFICATE-----