Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
File:                     rkyfGKFH6zVjDiNFxUAOFop8icE.mft (raw, json)
Hash identifier:          /tsbn6vN4czkK1ypSChGHQ0Pn2+V0EuL9N6zetF+tcs=
Subject key identifier:   81:8E:FD:8D:71:F6:05:2B:F5:23:D2:A2:5C:24:5B:F7:74:95:F5:2E
Authority key identifier: AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1
Certificate issuer:       /CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
Certificate serial:       01974A7B1F1796A84C5124D7FF5D23BCF6FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
Manifest number:          0AC4
Signing time:             Sat 07 Jun 2025 13:01:11 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:11 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:11 +0000
Files and hashes:         1: rkyfGKFH6zVjDiNFxUAOFop8icE.crl (hash: l9TlyZ/RGBvFdvY/cYm+vNhBxWuhHvLuZhvQvjNKcwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:1f:17:96:a8:4c:51:24:d7:ff:5d:23:bc:f6:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
        Validity
            Not Before: Jun  7 13:01:11 2025 GMT
            Not After : Jun  8 13:01:11 2025 GMT
        Subject: CN=818efd8d71f6052bf523d2a25c245bf77495f52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:2f:1c:9a:d4:87:24:b2:88:56:70:fd:63:d3:
                    7a:fb:b4:c3:47:42:0d:9c:8e:6d:88:ff:b4:9e:a3:
                    06:a5:03:36:e4:03:fb:fb:c3:68:ae:fb:ab:12:fa:
                    2d:76:0e:aa:f7:72:04:3a:61:76:dd:10:23:c6:ea:
                    92:88:16:87:98:41:53:f1:24:cd:1d:84:02:cb:78:
                    dd:2f:06:28:9e:75:b8:ec:70:9c:c6:b6:51:83:36:
                    6c:8f:25:18:fc:77:34:e2:3b:bb:ea:b3:91:52:40:
                    c2:23:1d:9f:ad:d4:96:02:8c:8e:aa:08:05:90:03:
                    87:fd:a7:08:a7:23:90:4d:a4:49:33:90:9c:6b:83:
                    2b:bb:11:b3:6b:78:04:36:fd:7b:ad:10:e0:57:56:
                    72:cb:dc:94:7f:a0:16:2a:39:45:d1:e5:de:1a:3f:
                    e1:87:0b:4e:37:ce:49:14:1f:e3:20:a0:73:af:1c:
                    1f:ba:b6:f8:4f:0f:e1:dd:5f:61:b9:a7:b7:24:cb:
                    ae:0d:6b:fb:ba:96:00:31:2e:78:59:5b:e8:8e:b2:
                    41:96:31:36:53:fd:37:d0:4c:da:1c:ea:ed:f5:69:
                    6e:36:57:9b:52:b4:40:ac:b7:de:6f:f3:a0:12:29:
                    52:44:66:02:f1:a7:c8:77:82:85:25:02:ea:0b:fe:
                    f0:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:8E:FD:8D:71:F6:05:2B:F5:23:D2:A2:5C:24:5B:F7:74:95:F5:2E
            X509v3 Authority Key Identifier:
                keyid:AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:8d:ff:16:87:74:c2:9d:4e:f6:56:53:50:9d:1c:d1:29:f2:
         f2:c9:ca:67:6d:d5:c2:8c:63:41:6d:54:b6:d3:5b:26:14:d6:
         28:3b:29:a7:20:bb:b1:6a:b1:83:bb:69:4b:61:f0:09:72:3f:
         16:c5:7d:d4:36:41:33:3c:37:23:ed:10:4f:99:57:69:2a:79:
         f0:b7:db:c8:be:da:f0:86:5f:94:c5:4e:b7:c5:bb:00:27:96:
         56:fa:5d:ae:04:d6:96:97:25:52:95:6a:4f:99:54:6d:3c:96:
         4d:5f:6c:43:7e:cd:75:a7:40:50:0d:82:24:05:62:28:a0:e4:
         18:e2:b5:eb:99:8c:ff:ea:b7:ec:d7:87:a5:56:af:c0:ad:54:
         24:a7:19:24:41:21:6e:fe:ab:fd:67:c5:b1:58:ee:d6:74:1d:
         86:7b:e9:14:33:df:4c:58:30:13:c9:5f:61:12:8e:a0:24:be:
         98:7f:d2:e3:ef:aa:bc:18:ca:db:ee:3f:9f:27:fc:0e:74:25:
         bf:c7:bf:b7:a9:97:ec:a7:27:0c:bc:62:ce:13:df:d3:a3:40:
         6f:43:35:25:cd:40:9c:6a:7f:4f:70:56:03:93:1e:b0:7b:50:
         82:5b:f2:71:16:19:a8:46:42:c6:2d:c3:bc:ca:8f:d2:cf:62:
         f2:3b:25:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKex8XlqhMUSTX/10jvPb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGM5ZjE4YTE0N2ViMzU2MzBlMjM0NWM1NDAwZTE2OGE3
Yzg5YzEwHhcNMjUwNjA3MTMwMTExWhcNMjUwNjA4MTMwMTExWjAzMTEwLwYDVQQD
Eyg4MThlZmQ4ZDcxZjYwNTJiZjUyM2QyYTI1YzI0NWJmNzc0OTVmNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6y8cmtSHJLKIVnD9Y9N6+7TDR0IN
nI5tiP+0nqMGpQM25AP7+8NorvurEvotdg6q93IEOmF23RAjxuqSiBaHmEFT8STN
HYQCy3jdLwYonnW47HCcxrZRgzZsjyUY/Hc04ju76rORUkDCIx2frdSWAoyOqggF
kAOH/acIpyOQTaRJM5Cca4MruxGza3gENv17rRDgV1Zyy9yUf6AWKjlF0eXeGj/h
hwtON85JFB/jIKBzrxwfurb4Tw/h3V9huae3JMuuDWv7upYAMS54WVvojrJBljE2
U/030EzaHOrt9WluNlebUrRArLfeb/OgEilSRGYC8afId4KFJQLqC/7wrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGO/Y1x9gUr9SPSolwkW/d0lfUuMB8GA1UdIwQY
MBaAFK5MnxihR+s1Yw4jRcVADhaKfInBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMt
ZGEwNWIzN2M4ZTI0LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMtZGEwNWIzN2M4ZTI0
LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoo3/Fod0
wp1O9lZTUJ0c0Sny8snKZ23VwoxjQW1UttNbJhTWKDsppyC7sWqxg7tpS2HwCXI/
FsV91DZBMzw3I+0QT5lXaSp58LfbyL7a8IZflMVOt8W7ACeWVvpdrgTWlpclUpVq
T5lUbTyWTV9sQ37NdadAUA2CJAViKKDkGOK165mM/+q37NeHpVavwK1UJKcZJEEh
bv6r/WfFsVju1nQdhnvpFDPfTFgwE8lfYRKOoCS+mH/S4++qvBjK2+4/nyf8DnQl
v8e/t6mX7KcnDLxizhPf06NAb0M1Jc1AnGp/T3BWA5MesHtQglvycRYZqEZCxi3D
vMqP0s9i8jslsw==
-----END CERTIFICATE-----