Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
File:                     tDlkbascuAzWConx-qE0bzlSO_o.mft (raw, json)
Hash identifier:          BKw1RNqTjpQIEGSB9IVuoEHmBZabZjLKEWzHYRyf7OU=
Subject key identifier:   40:7A:F9:3E:12:14:D9:C1:AD:89:05:FA:71:89:90:15:E3:70:8E:F7
Authority key identifier: B4:39:64:6D:AB:1C:B8:0C:D6:0A:89:F1:FA:A1:34:6F:39:52:3B:FA
Certificate issuer:       /CN=b439646dab1cb80cd60a89f1faa1346f39523bfa
Certificate serial:       0197488C5FE627AC613A74E3C09BBBB074BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 04:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:48 +0000
Files and hashes:         1: tDlkbascuAzWConx-qE0bzlSO_o.crl (hash: JkhRMlmyUjhMWWvOgUH/9w1SSwS8FNNz/SWFrbr4N3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:5f:e6:27:ac:61:3a:74:e3:c0:9b:bb:b0:74:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b439646dab1cb80cd60a89f1faa1346f39523bfa
        Validity
            Not Before: Jun  7 04:00:48 2025 GMT
            Not After : Jun  8 04:00:48 2025 GMT
        Subject: CN=407af93e1214d9c1ad8905fa71899015e3708ef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d2:80:99:7b:da:ca:35:10:88:3a:d0:82:c4:
                    30:04:94:1e:6b:71:2e:e1:cc:c5:3e:97:f0:a9:e8:
                    89:d7:13:b1:3e:f7:84:6c:70:85:a3:d1:3d:48:2d:
                    28:b5:bd:80:ce:04:40:5c:d9:e6:a4:8c:af:3b:64:
                    75:2a:f3:64:cc:c4:d6:5d:0c:fe:f8:3d:59:b3:35:
                    db:5e:15:0b:a1:e8:b3:76:91:79:09:a7:a7:91:af:
                    11:29:9a:e8:c0:c2:b2:64:89:f3:4e:9f:fb:23:ea:
                    70:1e:bd:2f:82:19:65:c1:a4:c7:6c:7e:a1:f3:99:
                    27:6b:cc:0e:36:ff:9f:b3:f6:27:4f:f2:df:98:47:
                    a3:7a:aa:ee:de:a4:fd:c9:13:0c:83:60:64:1d:c7:
                    4d:c8:aa:b2:4c:4e:bd:cb:04:a5:67:dc:b1:5c:f7:
                    0a:fb:d6:42:94:e4:a9:c3:2e:80:44:a4:49:55:1d:
                    89:f3:0a:2d:f5:a2:04:69:09:0f:0b:56:59:92:0c:
                    ec:72:62:77:0d:e0:84:55:53:65:ba:cc:f6:c5:36:
                    11:57:54:7c:85:2d:d5:12:49:28:e6:bb:52:82:e8:
                    ef:84:da:3b:e7:8a:65:6c:9a:a8:27:2b:ce:ed:d9:
                    1e:ba:2e:0a:ef:85:bb:78:dc:08:f6:0f:7b:fb:bf:
                    59:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:7A:F9:3E:12:14:D9:C1:AD:89:05:FA:71:89:90:15:E3:70:8E:F7
            X509v3 Authority Key Identifier:
                keyid:B4:39:64:6D:AB:1C:B8:0C:D6:0A:89:F1:FA:A1:34:6F:39:52:3B:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlkbascuAzWConx-qE0bzlSO_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cd4f4d-aa58-4a2f-a3c5-7e8c545a97ae/1/tDlkbascuAzWConx-qE0bzlSO_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:d9:0a:d3:3f:9b:3b:2d:3c:9a:79:eb:c9:b9:9e:5a:0f:2f:
         87:c1:69:20:84:1d:e5:df:f8:cb:61:e2:30:22:77:79:fc:ba:
         04:90:35:3b:10:0c:84:be:99:54:ae:ac:7b:b3:de:38:52:0a:
         18:07:da:40:05:c0:b0:2a:8d:da:9e:c9:57:34:24:d0:88:30:
         26:ab:17:f2:f6:60:17:4a:16:1e:b7:80:58:68:3c:f0:f4:2b:
         c0:1a:cd:2b:09:93:5b:41:81:13:36:c3:2a:80:53:33:6e:0e:
         36:18:65:95:5d:be:10:02:92:73:e3:4d:c4:04:64:f7:95:b9:
         55:aa:19:5c:35:64:8a:5b:28:82:1f:13:dd:bf:d2:21:ce:62:
         6f:19:e0:16:91:bc:9f:3a:8d:2f:0c:3a:96:d2:b8:8b:4e:40:
         36:16:23:58:0a:a4:23:ba:bf:27:74:51:fe:a4:df:18:06:89:
         dd:3e:1c:cb:73:30:40:79:45:84:36:06:51:84:2e:2d:f4:24:
         e3:4b:7f:18:f0:21:03:3a:01:0a:f4:7d:d3:b5:f5:54:25:d3:
         c6:2e:f1:64:27:f8:ad:10:ae:c0:2f:56:b6:89:2b:3c:fb:22:
         e4:67:47:99:78:c9:9e:dc:c1:c9:81:92:fc:2a:47:ac:3e:e3:
         24:61:5c:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjF/mJ6xhOnTjwJu7sHS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Mzk2NDZkYWIxY2I4MGNkNjBhODlmMWZhYTEzNDZmMzk1
MjNiZmEwHhcNMjUwNjA3MDQwMDQ4WhcNMjUwNjA4MDQwMDQ4WjAzMTEwLwYDVQQD
Eyg0MDdhZjkzZTEyMTRkOWMxYWQ4OTA1ZmE3MTg5OTAxNWUzNzA4ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtKAmXvayjUQiDrQgsQwBJQea3Eu
4czFPpfwqeiJ1xOxPveEbHCFo9E9SC0otb2AzgRAXNnmpIyvO2R1KvNkzMTWXQz+
+D1ZszXbXhULoeizdpF5Caenka8RKZrowMKyZInzTp/7I+pwHr0vghllwaTHbH6h
85kna8wONv+fs/YnT/LfmEejeqru3qT9yRMMg2BkHcdNyKqyTE69ywSlZ9yxXPcK
+9ZClOSpwy6ARKRJVR2J8wot9aIEaQkPC1ZZkgzscmJ3DeCEVVNlusz2xTYRV1R8
hS3VEkko5rtSgujvhNo754plbJqoJyvO7dkeui4K74W7eNwI9g97+79ZawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEB6+T4SFNnBrYkF+nGJkBXjcI73MB8GA1UdIwQY
MBaAFLQ5ZG2rHLgM1gqJ8fqhNG85Ujv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jZDRmNGQtYWE1OC00YTJmLWEzYzUt
N2U4YzU0NWE5N2FlLzEvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jZDRmNGQtYWE1OC00YTJmLWEzYzUtN2U4YzU0NWE5N2Fl
LzEvdERsa2Jhc2N1QXpXQ29ueC1xRTBiemxTT19vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARtkK0z+b
Oy08mnnrybmeWg8vh8FpIIQd5d/4y2HiMCJ3efy6BJA1OxAMhL6ZVK6se7PeOFIK
GAfaQAXAsCqN2p7JVzQk0IgwJqsX8vZgF0oWHreAWGg88PQrwBrNKwmTW0GBEzbD
KoBTM24ONhhllV2+EAKSc+NNxARk95W5VaoZXDVkilsogh8T3b/SIc5ibxngFpG8
nzqNLww6ltK4i05ANhYjWAqkI7q/J3RR/qTfGAaJ3T4cy3MwQHlFhDYGUYQuLfQk
40t/GPAhAzoBCvR907X1VCXTxi7xZCf4rRCuwC9WtokrPPsi5GdHmXjJntzByYGS
/CpHrD7jJGFcYQ==
-----END CERTIFICATE-----