Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
File:                     geY5cEKnqWRfwS91nQJhldfL_Vg.mft (raw, json)
Hash identifier:          is4uLlPVdNh+uFcfK+iOFTmd/hm1F/ob29DjGbfyq2c=
Subject key identifier:   7B:12:79:4D:A9:9A:E9:D5:01:B7:24:11:74:63:73:B4:88:69:CB:CB
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Certificate issuer:       /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial:       019748FA36316D8A9275A59330AFBC30EC49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
Manifest number:          0C87
Signing time:             Sat 07 Jun 2025 06:00:46 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:46 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:46 +0000
Files and hashes:         1: geY5cEKnqWRfwS91nQJhldfL_Vg.crl (hash: bcQ+AGtAveGofUI4kvhNnieWiLxdVFjdnDMiIuU/bLY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:36:31:6d:8a:92:75:a5:93:30:af:bc:30:ec:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
        Validity
            Not Before: Jun  7 06:00:46 2025 GMT
            Not After : Jun  8 06:00:46 2025 GMT
        Subject: CN=7b12794da99ae9d501b72411746373b48869cbcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9c:46:2b:44:e0:eb:28:2b:16:52:4f:c6:6a:
                    ba:3a:b0:d3:ee:6a:47:21:5a:68:ce:1b:ed:fa:ec:
                    55:6a:bd:24:b7:93:45:8a:40:ae:79:98:19:c6:6e:
                    d9:21:52:f9:6f:53:44:06:fc:74:e6:78:12:4a:2e:
                    78:81:54:4e:c2:0d:d2:c6:5c:b1:52:d8:f7:70:0b:
                    c4:b2:26:f4:aa:d9:37:e2:03:ca:ea:96:ab:cc:65:
                    1d:14:1b:54:55:da:9a:75:16:88:5f:f5:a2:87:0a:
                    48:73:84:7f:e3:44:43:27:3f:67:b0:bb:fb:fc:a3:
                    58:09:09:b0:ac:d7:d0:f8:a6:f6:ee:db:2d:9e:82:
                    c3:9e:0c:ea:da:21:3b:53:bc:45:02:c6:f1:bd:6c:
                    c8:20:4a:f1:5f:ce:d6:77:4c:96:d3:64:01:f7:57:
                    13:3e:cf:eb:4f:a5:d9:73:e2:8e:7c:6c:b8:7b:a5:
                    08:40:3e:75:2b:71:8d:2a:5a:ea:d0:a0:cf:55:77:
                    59:09:89:8a:4a:56:06:d0:90:ab:6a:11:24:af:f0:
                    35:22:29:53:7a:61:86:a3:c9:cf:a0:44:71:01:31:
                    a8:57:f4:f0:e7:f0:4b:06:3d:21:38:63:fc:ab:d3:
                    ec:a5:72:0f:9c:12:dd:89:f3:6d:16:e7:6b:78:f9:
                    37:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:12:79:4D:A9:9A:E9:D5:01:B7:24:11:74:63:73:B4:88:69:CB:CB
            X509v3 Authority Key Identifier:
                keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:63:83:7b:64:b0:fc:2c:74:1f:17:12:68:dd:f2:d3:07:6d:
         2d:78:41:f3:20:a5:12:68:2c:e1:00:00:bb:97:43:a5:c9:b1:
         a1:45:fc:6b:4b:98:d1:a0:83:da:91:b8:95:a6:04:50:07:11:
         32:7a:3f:d8:25:8e:78:2d:4f:ff:cb:fa:fe:c6:d1:23:96:eb:
         75:ea:62:5b:55:e4:80:a0:f9:58:bc:49:ff:ba:b1:88:f8:aa:
         7c:a3:e2:44:7a:f1:da:0d:21:e8:9c:09:6d:8b:af:05:0e:9d:
         e1:a9:aa:55:81:ca:49:3b:ad:75:0c:54:37:40:3a:9b:b8:c5:
         ff:ff:19:6b:aa:04:77:a8:ad:e0:7b:63:36:19:85:73:3e:46:
         2f:51:25:81:70:e8:fc:93:bc:53:f4:b7:51:db:6b:bc:cc:3a:
         c9:a0:f9:3a:55:31:27:c5:55:25:9d:18:04:42:5d:73:dc:93:
         22:f1:a3:ef:6e:c5:ca:a6:40:94:c0:6f:41:dd:ac:5c:07:ba:
         a9:cd:f0:05:2b:46:28:e1:96:7d:a6:7e:c8:e1:e1:62:9c:e9:
         b9:9a:ad:d9:b3:3b:ae:8b:45:2e:10:78:b9:02:c3:56:24:35:
         70:28:d1:af:39:97:a2:73:f9:62:24:2c:f0:84:54:42:bb:4b:
         23:8d:85:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+jYxbYqSdaWTMK+8MOxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjUwNjA3MDYwMDQ2WhcNMjUwNjA4MDYwMDQ2WjAzMTEwLwYDVQQD
Eyg3YjEyNzk0ZGE5OWFlOWQ1MDFiNzI0MTE3NDYzNzNiNDg4NjljYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJxGK0Tg6ygrFlJPxmq6OrDT7mpH
IVpozhvt+uxVar0kt5NFikCueZgZxm7ZIVL5b1NEBvx05ngSSi54gVROwg3Sxlyx
Utj3cAvEsib0qtk34gPK6parzGUdFBtUVdqadRaIX/WihwpIc4R/40RDJz9nsLv7
/KNYCQmwrNfQ+Kb27tstnoLDngzq2iE7U7xFAsbxvWzIIErxX87Wd0yW02QB91cT
Ps/rT6XZc+KOfGy4e6UIQD51K3GNKlrq0KDPVXdZCYmKSlYG0JCrahEkr/A1IilT
emGGo8nPoERxATGoV/Tw5/BLBj0hOGP8q9PspXIPnBLdifNtFudrePk3fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsSeU2pmunVAbckEXRjc7SIacvLMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW2ODe2Sw
/Cx0HxcSaN3y0wdtLXhB8yClEmgs4QAAu5dDpcmxoUX8a0uY0aCD2pG4laYEUAcR
Mno/2CWOeC1P/8v6/sbRI5brdepiW1XkgKD5WLxJ/7qxiPiqfKPiRHrx2g0h6JwJ
bYuvBQ6d4amqVYHKSTutdQxUN0A6m7jF//8Za6oEd6it4HtjNhmFcz5GL1ElgXDo
/JO8U/S3UdtrvMw6yaD5OlUxJ8VVJZ0YBEJdc9yTIvGj727FyqZAlMBvQd2sXAe6
qc3wBStGKOGWfaZ+yOHhYpzpuZqt2bM7rotFLhB4uQLDViQ1cCjRrzmXonP5YiQs
8IRUQrtLI42Fqg==
-----END CERTIFICATE-----