Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft
File:                     sTFfExaKIog9oEuECAZgc7Hz8Nw.mft (raw, json)
Hash identifier:          WIiBFczQPACbTukHzKRfW1Q1GqDG/Wq+pPAwOBsM7Vk=
Subject key identifier:   94:2A:89:63:A7:4D:09:AE:9A:52:0E:E6:98:2C:6C:78:72:68:5E:5F
Authority key identifier: B1:31:5F:13:16:8A:22:88:3D:A0:4B:84:08:06:60:73:B1:F3:F0:DC
Certificate issuer:       /CN=b1315f13168a22883da04b8408066073b1f3f0dc
Certificate serial:       0197488C456DDC8A41F8FEC6C92A30B69597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTFfExaKIog9oEuECAZgc7Hz8Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 04:00:41 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:41 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:41 +0000
Files and hashes:         1: sTFfExaKIog9oEuECAZgc7Hz8Nw.crl (hash: gec/udl7TZnMmcvxcsrhnPxiiwZC0cDL5E3l3PuRUZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTFfExaKIog9oEuECAZgc7Hz8Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:45:6d:dc:8a:41:f8:fe:c6:c9:2a:30:b6:95:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1315f13168a22883da04b8408066073b1f3f0dc
        Validity
            Not Before: Jun  7 04:00:41 2025 GMT
            Not After : Jun  8 04:00:41 2025 GMT
        Subject: CN=942a8963a74d09ae9a520ee6982c6c7872685e5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:7a:41:9d:c4:98:25:de:fb:6a:57:76:50:
                    a7:34:79:c9:1d:92:3e:c6:31:81:8b:ac:87:96:88:
                    41:26:4f:d2:4c:d8:a8:a8:29:68:b8:9f:4c:18:b0:
                    bf:b2:39:d7:ba:fd:41:a9:b6:c0:84:c8:c0:a3:48:
                    90:e1:69:45:64:fa:e1:b8:e6:00:4d:08:fe:79:05:
                    a1:87:dd:c0:92:3b:01:0c:39:5a:19:d7:64:13:65:
                    92:a9:5f:d5:6b:43:54:0c:f9:ac:aa:4e:a6:83:96:
                    20:22:f2:92:6e:42:1d:41:78:11:a9:4b:62:1d:b1:
                    77:16:ee:b3:87:ff:04:f3:b7:cd:62:20:a0:5c:a2:
                    06:e8:66:e4:f5:ce:b4:fa:85:58:c5:7e:9b:46:8b:
                    c8:d2:7e:eb:6e:8c:b8:ad:71:e2:b5:ec:35:9a:7f:
                    9f:14:19:ca:a2:4c:71:5b:1d:56:a7:7c:ac:bc:bc:
                    62:91:91:e6:c6:3d:02:60:ae:67:b3:2c:5e:98:e7:
                    40:95:ed:98:a1:32:6e:09:a3:75:ad:ac:cf:82:76:
                    99:f1:24:ef:88:15:16:e5:7c:84:13:f1:9b:cc:68:
                    0a:8d:49:44:d7:4e:d6:a6:29:eb:9a:cf:79:97:6f:
                    7d:11:72:3e:c5:88:bf:2b:a1:46:b0:f3:e8:01:80:
                    b5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:2A:89:63:A7:4D:09:AE:9A:52:0E:E6:98:2C:6C:78:72:68:5E:5F
            X509v3 Authority Key Identifier:
                keyid:B1:31:5F:13:16:8A:22:88:3D:A0:4B:84:08:06:60:73:B1:F3:F0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTFfExaKIog9oEuECAZgc7Hz8Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a32c29-4087-4f87-89d9-9e4d1376ba31/1/sTFfExaKIog9oEuECAZgc7Hz8Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:67:ca:b8:50:8d:25:07:ad:3b:4b:c6:3c:8f:43:85:f8:79:
         c5:3f:d6:82:13:4a:45:5b:d9:a2:09:c7:71:4c:5d:2a:a4:b5:
         78:f7:2c:0c:24:2c:44:1a:15:6b:d1:27:29:7b:a9:83:92:3f:
         dd:71:3d:7e:9e:4a:63:4c:52:ee:46:27:f2:fc:bb:2c:3b:1d:
         2a:c9:df:3b:15:01:82:98:24:06:80:ba:a5:8e:44:bb:87:3d:
         b2:33:a7:11:d5:b8:42:88:82:dc:6a:6e:17:c4:e3:86:2a:76:
         24:bf:28:f0:76:ee:c4:e9:f5:a2:b2:7a:11:c9:ca:8d:0d:72:
         63:d1:2c:05:14:23:0a:ad:e9:09:ab:9e:43:65:9e:10:10:5d:
         91:2c:6d:40:21:54:dc:ee:4b:d0:77:5b:bf:3f:08:e8:e0:0d:
         9d:f7:b1:c4:cd:39:33:3c:9a:2b:8b:b1:11:a5:72:c9:c0:9c:
         df:ed:db:03:ae:ec:6c:53:21:98:61:62:51:7d:bb:54:83:8c:
         44:b7:9e:64:54:64:72:52:ce:0a:ae:fb:dc:77:93:80:8f:86:
         1d:aa:56:2b:2e:ef:7d:78:b1:01:0e:ce:8e:57:0e:c1:e1:bb:
         86:7a:00:ab:63:7f:d1:e2:30:21:c9:c8:40:3e:13:4c:d0:c6:
         e5:ec:75:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjEVt3IpB+P7GySowtpWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzE1ZjEzMTY4YTIyODgzZGEwNGI4NDA4MDY2MDczYjFm
M2YwZGMwHhcNMjUwNjA3MDQwMDQxWhcNMjUwNjA4MDQwMDQxWjAzMTEwLwYDVQQD
Eyg5NDJhODk2M2E3NGQwOWFlOWE1MjBlZTY5ODJjNmM3ODcyNjg1ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+t6QZ3EmCXe+2pXdlCnNHnJHZI+
xjGBi6yHlohBJk/STNioqClouJ9MGLC/sjnXuv1BqbbAhMjAo0iQ4WlFZPrhuOYA
TQj+eQWhh93AkjsBDDlaGddkE2WSqV/Va0NUDPmsqk6mg5YgIvKSbkIdQXgRqUti
HbF3Fu6zh/8E87fNYiCgXKIG6Gbk9c60+oVYxX6bRovI0n7rboy4rXHitew1mn+f
FBnKokxxWx1Wp3ysvLxikZHmxj0CYK5nsyxemOdAle2YoTJuCaN1razPgnaZ8STv
iBUW5XyEE/GbzGgKjUlE107Wpinrms95l299EXI+xYi/K6FGsPPoAYC1GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQqiWOnTQmumlIO5pgsbHhyaF5fMB8GA1UdIwQY
MBaAFLExXxMWiiKIPaBLhAgGYHOx8/DcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RGZkV4YUtJb2c5b0V1RUNBWmdjN0h6OE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hMzJjMjktNDA4Ny00Zjg3LTg5ZDkt
OWU0ZDEzNzZiYTMxLzEvc1RGZkV4YUtJb2c5b0V1RUNBWmdjN0h6OE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hMzJjMjktNDA4Ny00Zjg3LTg5ZDktOWU0ZDEzNzZiYTMx
LzEvc1RGZkV4YUtJb2c5b0V1RUNBWmdjN0h6OE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmfKuFCN
JQetO0vGPI9Dhfh5xT/WghNKRVvZognHcUxdKqS1ePcsDCQsRBoVa9EnKXupg5I/
3XE9fp5KY0xS7kYn8vy7LDsdKsnfOxUBgpgkBoC6pY5Eu4c9sjOnEdW4QoiC3Gpu
F8Tjhip2JL8o8HbuxOn1orJ6EcnKjQ1yY9EsBRQjCq3pCaueQ2WeEBBdkSxtQCFU
3O5L0Hdbvz8I6OANnfexxM05MzyaK4uxEaVyycCc3+3bA67sbFMhmGFiUX27VIOM
RLeeZFRkclLOCq773HeTgI+GHapWKy7vfXixAQ7OjlcOweG7hnoAq2N/0eIwIcnI
QD4TTNDG5ex1FA==
-----END CERTIFICATE-----