Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
File:                     dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft (raw, json)
Hash identifier:          0Eq88GucoerMMRVnpwZdE8nMRBhfp2LKi6nighjfJDw=
Subject key identifier:   AA:BF:72:CA:CB:34:E2:A4:67:D8:83:0C:75:55:56:FF:9C:BB:9B:CD
Authority key identifier: 74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E
Certificate issuer:       /CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
Certificate serial:       019746D47F73CDF7335C3D4A2EE0A1731E8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
Manifest number:          0E6F
Signing time:             Fri 06 Jun 2025 20:00:20 +0000
Manifest this update:     Fri 06 Jun 2025 20:00:20 +0000
Manifest next update:     Sat 07 Jun 2025 20:00:20 +0000
Files and hashes:         1: dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl (hash: Pt8sTSYCHzKuHyqfTZ0VFR/jjC8lyWFqmkIX6f3npgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:d4:7f:73:cd:f7:33:5c:3d:4a:2e:e0:a1:73:1e:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
        Validity
            Not Before: Jun  6 20:00:20 2025 GMT
            Not After : Jun  7 20:00:20 2025 GMT
        Subject: CN=aabf72cacb34e2a467d8830c755556ff9cbb9bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b9:25:4b:43:b6:07:8c:6d:88:7b:2b:66:1f:
                    21:bd:a6:1a:ce:ac:35:d4:39:81:5c:ca:f4:86:fd:
                    03:4f:46:19:ef:38:41:f8:e8:53:36:54:30:17:e1:
                    39:8c:24:0f:8d:29:bf:6f:ee:0c:db:50:f6:7a:30:
                    93:49:a8:f3:a9:67:e8:21:e3:4d:ac:3d:99:96:fc:
                    53:e5:24:27:e7:e5:38:84:69:b0:5f:3a:39:01:bf:
                    59:d8:15:14:67:3e:39:c4:07:a8:02:bc:e3:81:d2:
                    93:fc:14:12:cf:c1:0d:3c:56:68:59:50:3e:32:14:
                    0c:1e:7f:29:f2:93:2f:44:33:e3:2e:ba:77:90:51:
                    32:b8:73:15:e4:59:63:aa:2c:9a:67:ae:cb:dc:f1:
                    d9:18:59:ba:e3:94:5e:69:08:84:fb:d7:d8:61:fd:
                    9f:a6:ec:98:2b:cf:58:ad:a0:37:36:ad:be:70:1a:
                    b9:b8:c7:50:ad:fe:6c:58:64:22:db:e8:c7:b4:60:
                    54:19:78:65:eb:07:04:d5:84:92:d0:1a:aa:d3:bf:
                    62:43:90:5a:14:2b:cf:0b:6a:31:e2:f2:a0:f1:87:
                    55:da:44:e2:98:19:7a:55:fd:d4:83:23:12:41:47:
                    52:15:af:32:3f:39:49:e5:b9:0f:f6:81:e1:22:9f:
                    cc:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:BF:72:CA:CB:34:E2:A4:67:D8:83:0C:75:55:56:FF:9C:BB:9B:CD
            X509v3 Authority Key Identifier:
                keyid:74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:86:2d:91:ed:99:5c:fb:40:86:29:4f:81:30:ee:79:a0:92:
         06:da:9d:50:94:9d:a5:0c:c8:81:31:b2:98:6b:d8:53:9e:9b:
         43:ea:fa:ca:c6:1f:f6:2e:7c:5f:15:10:4d:be:90:f1:2a:74:
         6a:4f:70:79:e0:d3:1c:9f:e1:05:c3:fd:16:64:cc:f8:80:53:
         cd:e0:5e:ff:74:1b:00:e1:f5:af:9c:ee:dd:07:13:59:8c:25:
         21:5b:d7:a2:18:c9:cf:c8:24:2e:ba:a0:55:d3:0f:61:b7:13:
         7a:6e:ab:21:26:8d:d9:5c:bb:fe:3c:83:c2:db:19:dc:09:e0:
         65:e2:92:b4:10:e6:f9:ab:4a:1a:29:db:56:e1:3c:b7:59:84:
         25:d8:99:91:f0:86:c3:77:73:d1:38:0d:4b:a6:f0:6f:e9:35:
         6c:53:ae:c3:0b:94:73:55:d5:a1:d1:42:a5:b5:87:62:ad:99:
         0a:f4:29:f0:ce:da:40:23:3a:4a:85:f2:4c:4e:11:4f:99:9b:
         3b:e2:e9:ab:f8:65:c8:04:0f:0c:a9:1d:77:50:22:ac:a2:2b:
         13:cc:68:c1:de:96:fb:39:60:63:f9:fc:36:52:29:57:86:f4:
         de:12:9b:d3:95:ed:d9:27:f5:7f:0b:cd:38:0e:a2:7e:c3:31:
         17:1d:a7:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdG1H9zzfczXD1KLuChcx6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzJlYjhmODAxNWViMWJjMjllYTMxNjJmODNlNmFjZWRi
YjQyN2UwHhcNMjUwNjA2MjAwMDIwWhcNMjUwNjA3MjAwMDIwWjAzMTEwLwYDVQQD
EyhhYWJmNzJjYWNiMzRlMmE0NjdkODgzMGM3NTU1NTZmZjljYmI5YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLklS0O2B4xtiHsrZh8hvaYazqw1
1DmBXMr0hv0DT0YZ7zhB+OhTNlQwF+E5jCQPjSm/b+4M21D2ejCTSajzqWfoIeNN
rD2ZlvxT5SQn5+U4hGmwXzo5Ab9Z2BUUZz45xAeoArzjgdKT/BQSz8ENPFZoWVA+
MhQMHn8p8pMvRDPjLrp3kFEyuHMV5FljqiyaZ67L3PHZGFm645ReaQiE+9fYYf2f
puyYK89YraA3Nq2+cBq5uMdQrf5sWGQi2+jHtGBUGXhl6wcE1YSS0Bqq079iQ5Ba
FCvPC2ox4vKg8YdV2kTimBl6Vf3UgyMSQUdSFa8yPzlJ5bkP9oHhIp/M8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq/csrLNOKkZ9iDDHVVVv+cu5vNMB8GA1UdIwQY
MBaAFHRy64+AFesbwp6jFi+D5qztu0J+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2Et
MWJmZmRhMzgyZWJlLzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2EtMWJmZmRhMzgyZWJl
LzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYIYtke2Z
XPtAhilPgTDueaCSBtqdUJSdpQzIgTGymGvYU56bQ+r6ysYf9i58XxUQTb6Q8Sp0
ak9weeDTHJ/hBcP9FmTM+IBTzeBe/3QbAOH1r5zu3QcTWYwlIVvXohjJz8gkLrqg
VdMPYbcTem6rISaN2Vy7/jyDwtsZ3AngZeKStBDm+atKGinbVuE8t1mEJdiZkfCG
w3dz0TgNS6bwb+k1bFOuwwuUc1XVodFCpbWHYq2ZCvQp8M7aQCM6SoXyTE4RT5mb
O+Lpq/hlyAQPDKkdd1AirKIrE8xowd6W+zlgY/n8NlIpV4b03hKb05Xt2Sf1fwvN
OA6ifsMxFx2nVQ==
-----END CERTIFICATE-----