Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          fQsma1JYEDp185+Gf2UenLSA0Y70HQGTICwe9WZx0GI=
Subject key identifier:   02:3E:16:78:6A:93:9A:C4:71:DC:EB:F5:42:59:07:D9:9A:05:54:12
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       019651C96F7EAE95B89FF15267FCBA41637D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0C07
Signing time:             Sun 20 Apr 2025 06:01:17 +0000
Manifest this update:     Sun 20 Apr 2025 06:01:17 +0000
Manifest next update:     Mon 21 Apr 2025 06:01:17 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: d/G8wNPTPpAy6kUr9KNCPHsHsikLXCgaSdcz3DLUjEM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 06:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:c9:6f:7e:ae:95:b8:9f:f1:52:67:fc:ba:41:63:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Apr 20 06:01:17 2025 GMT
            Not After : Apr 21 06:01:17 2025 GMT
        Subject: CN=023e16786a939ac471dcebf5425907d99a055412
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:12:51:9a:ea:8a:bd:6b:29:05:d3:6c:12:5b:
                    1e:4d:38:36:44:40:da:76:ac:bf:83:cf:6a:80:89:
                    28:e9:b7:6f:3c:20:61:25:6c:31:ba:a2:1a:ff:8c:
                    79:ef:42:e1:bd:fe:5d:e2:d9:6a:de:38:e5:2a:09:
                    35:6c:87:31:42:a0:79:3a:15:8b:19:0e:a3:1c:3f:
                    e4:6e:ca:dc:69:82:6b:bf:e9:99:6b:06:03:b2:a0:
                    da:25:e3:b0:8a:93:8f:80:51:ae:9c:91:19:24:ee:
                    84:a8:ba:be:92:37:ad:41:ab:ed:7f:37:91:d8:da:
                    49:cc:25:c0:15:95:af:a2:98:8b:8c:fe:9b:34:96:
                    ef:bf:bf:be:d7:db:12:45:59:fd:f5:6c:c5:85:1c:
                    0a:20:26:c7:74:3f:06:3f:29:4d:99:87:c3:40:84:
                    a5:92:8a:ad:5c:f2:58:35:d4:fd:89:70:f4:7d:13:
                    68:ff:24:b6:6b:74:1d:0d:e6:5d:8c:1a:95:24:c2:
                    78:d7:20:6e:19:ab:fc:b1:20:bf:90:18:b8:09:62:
                    d6:d1:ba:b2:27:ad:0e:c0:14:46:45:bb:6b:03:34:
                    59:6b:e8:37:17:dd:3f:be:d4:36:88:39:7f:90:18:
                    97:98:1a:df:ba:37:ad:20:f4:bd:98:38:3a:35:94:
                    b5:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:3E:16:78:6A:93:9A:C4:71:DC:EB:F5:42:59:07:D9:9A:05:54:12
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ac:56:e8:e2:98:aa:31:6b:03:b1:6e:64:4a:3c:4d:c8:f1:
         4a:0b:ed:72:56:8c:d2:9a:c2:be:78:e6:fb:40:e2:0b:b8:ad:
         00:ae:33:30:cc:38:b0:75:31:64:93:40:15:69:7b:e5:82:c8:
         20:ce:f0:0a:2f:23:e4:23:ed:20:9e:4c:c2:e7:89:68:1b:32:
         1c:5f:d6:62:3a:14:25:18:b1:f2:b8:3a:ba:ce:f1:b4:9a:58:
         02:d7:c5:ad:80:65:a5:38:8e:76:c1:4f:3a:f7:d8:28:e0:b0:
         30:fc:b5:ef:32:1f:d1:d9:61:d2:2c:dc:87:a3:26:b1:de:29:
         b3:00:a2:6b:21:7d:0a:05:8f:a0:5b:92:a2:4b:31:c7:d9:5e:
         28:c0:c7:17:c8:2f:ef:86:95:34:bd:9e:50:6e:58:08:be:3e:
         cd:0a:31:cc:00:9a:15:33:e2:4b:53:a4:fb:db:a4:0b:5a:19:
         e0:f7:b6:d7:84:01:b7:f8:eb:18:3d:14:24:18:0a:40:bb:e2:
         a9:6c:02:40:9e:88:0a:c9:7c:14:b3:0c:07:45:15:29:93:b7:
         ab:6c:ba:fe:a8:65:27:e3:de:6c:76:bc:96:2e:d7:23:e7:42:
         17:c6:4b:08:73:7c:c6:cc:01:17:fa:70:52:89:17:41:95:7d:
         0c:9a:69:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRyW9+rpW4n/FSZ/y6QWN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUwNDIwMDYwMTE3WhcNMjUwNDIxMDYwMTE3WjAzMTEwLwYDVQQD
EygwMjNlMTY3ODZhOTM5YWM0NzFkY2ViZjU0MjU5MDdkOTlhMDU1NDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBJRmuqKvWspBdNsElseTTg2REDa
dqy/g89qgIko6bdvPCBhJWwxuqIa/4x570Lhvf5d4tlq3jjlKgk1bIcxQqB5OhWL
GQ6jHD/kbsrcaYJrv+mZawYDsqDaJeOwipOPgFGunJEZJO6EqLq+kjetQavtfzeR
2NpJzCXAFZWvopiLjP6bNJbvv7++19sSRVn99WzFhRwKICbHdD8GPylNmYfDQISl
koqtXPJYNdT9iXD0fRNo/yS2a3QdDeZdjBqVJMJ41yBuGav8sSC/kBi4CWLW0bqy
J60OwBRGRbtrAzRZa+g3F90/vtQ2iDl/kBiXmBrfujetIPS9mDg6NZS1WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAI+Fnhqk5rEcdzr9UJZB9maBVQSMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPaxW6OKY
qjFrA7FuZEo8TcjxSgvtclaM0prCvnjm+0DiC7itAK4zMMw4sHUxZJNAFWl75YLI
IM7wCi8j5CPtIJ5MwueJaBsyHF/WYjoUJRix8rg6us7xtJpYAtfFrYBlpTiOdsFP
OvfYKOCwMPy17zIf0dlh0izch6Mmsd4pswCiayF9CgWPoFuSoksxx9leKMDHF8gv
74aVNL2eUG5YCL4+zQoxzACaFTPiS1Ok+9ukC1oZ4Pe214QBt/jrGD0UJBgKQLvi
qWwCQJ6ICsl8FLMMB0UVKZO3q2y6/qhlJ+PebHa8li7XI+dCF8ZLCHN8xswBF/pw
UokXQZV9DJppSw==
-----END CERTIFICATE-----