Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          mo+Bvo9ZrJ+AIW47Mq7YnG9wmR0P6YV9VJq+Fe7968o=
Subject key identifier:   73:EF:74:8A:28:5A:8A:AC:70:11:B9:70:5A:C0:6A:B4:99:0C:05:30
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       01974C32504C73784D415F2822739DAAE538
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          01CD
Signing time:             Sat 07 Jun 2025 21:00:54 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:54 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:54 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: smeowcJobEfrjkeJgb4pnuRVK2QGkc1tJLBCUljO43M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:32:50:4c:73:78:4d:41:5f:28:22:73:9d:aa:e5:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Jun  7 21:00:54 2025 GMT
            Not After : Jun  8 21:00:54 2025 GMT
        Subject: CN=73ef748a285a8aac7011b9705ac06ab4990c0530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c2:0d:34:1f:42:6a:76:ac:c2:f3:87:d9:96:
                    b6:e5:fc:c8:b2:73:95:b1:3f:1c:3c:99:00:de:34:
                    05:7d:7f:bc:7f:7a:ce:57:e4:21:c5:b7:ad:13:59:
                    e2:7c:c6:a2:87:a5:76:01:13:1a:b0:0c:4e:f4:36:
                    31:47:cf:17:d9:f6:7c:01:1a:dc:16:91:5e:05:dc:
                    3c:9d:c2:d3:10:c9:77:e5:e9:2d:3b:bf:d5:70:e0:
                    fb:d0:81:28:d8:97:68:1f:eb:ca:54:1c:15:cd:d6:
                    b6:1c:d6:a0:e8:d2:5f:b3:74:c7:bd:e6:e3:d5:4a:
                    e3:5e:5d:89:26:9c:4f:cb:d6:1b:90:d8:6c:f5:ae:
                    f4:db:56:2b:ff:54:c7:89:46:5e:3c:67:56:f0:c3:
                    f3:f4:43:d8:0d:7d:27:e0:bd:4c:3b:d3:74:13:6e:
                    e2:3f:36:0e:1a:ae:eb:35:0a:ee:a1:4b:dd:be:71:
                    8c:6c:c0:c5:4b:51:8f:7c:11:36:77:ae:06:11:b4:
                    39:2e:9b:3c:5d:c0:dd:00:2b:3e:32:73:7e:6e:cb:
                    40:c5:ac:7a:ab:1c:7f:71:08:05:a4:aa:0e:41:0a:
                    f9:0c:49:04:94:2b:a3:46:70:9a:bd:9f:27:da:ae:
                    fa:2d:74:a8:79:62:c7:c4:b5:db:06:30:66:79:29:
                    86:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:EF:74:8A:28:5A:8A:AC:70:11:B9:70:5A:C0:6A:B4:99:0C:05:30
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:e3:44:6a:9a:1b:03:f9:80:12:76:b9:79:d0:88:f6:22:64:
         29:d3:51:22:63:96:28:8b:0b:21:fe:45:9d:e2:ea:3c:3c:4a:
         50:ea:2d:88:c1:37:c4:12:59:d7:54:40:81:22:69:e4:71:5d:
         f2:5e:ac:f8:c8:ee:33:ab:49:2c:31:d7:a1:d5:89:4a:a9:db:
         ff:d3:9b:eb:b1:8a:f1:bb:97:07:a7:a1:2f:ba:a3:17:f6:0e:
         04:20:bb:34:e7:c7:ad:dd:63:dd:3e:f7:a1:ca:36:b4:ca:0f:
         26:38:27:a5:5b:86:e4:b5:6c:d4:b9:63:00:99:9a:0a:db:89:
         d4:20:96:83:c6:59:b9:d4:31:6e:41:4b:2b:e1:c5:c7:5f:2a:
         8e:d8:f9:f7:ce:12:76:27:da:bb:19:2e:d9:42:51:c3:87:c0:
         04:1d:ae:3b:14:11:3c:0c:45:87:4d:8c:34:50:30:36:15:29:
         b8:a7:81:13:e3:77:2b:e3:b4:a4:2e:5c:34:a5:4a:62:d5:62:
         be:44:f9:41:a6:6e:5c:ff:dc:09:06:17:53:eb:94:12:6e:dc:
         3e:7c:d9:81:d0:86:e6:c6:a2:a7:15:f0:15:77:37:62:b6:3b:
         1b:d3:e3:b4:26:98:53:55:b3:00:d7:46:a9:e2:c2:66:9b:f3:
         e2:27:de:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMlBMc3hNQV8oInOdquU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwNjA3MjEwMDU0WhcNMjUwNjA4MjEwMDU0WjAzMTEwLwYDVQQD
Eyg3M2VmNzQ4YTI4NWE4YWFjNzAxMWI5NzA1YWMwNmFiNDk5MGMwNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8INNB9CanaswvOH2Za25fzIsnOV
sT8cPJkA3jQFfX+8f3rOV+QhxbetE1nifMaih6V2ARMasAxO9DYxR88X2fZ8ARrc
FpFeBdw8ncLTEMl35ektO7/VcOD70IEo2JdoH+vKVBwVzda2HNag6NJfs3THvebj
1UrjXl2JJpxPy9YbkNhs9a7021Yr/1THiUZePGdW8MPz9EPYDX0n4L1MO9N0E27i
PzYOGq7rNQruoUvdvnGMbMDFS1GPfBE2d64GEbQ5Lps8XcDdACs+MnN+bstAxax6
qxx/cQgFpKoOQQr5DEkElCujRnCavZ8n2q76LXSoeWLHxLXbBjBmeSmGmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPvdIooWoqscBG5cFrAarSZDAUwMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAluNEapob
A/mAEna5edCI9iJkKdNRImOWKIsLIf5FneLqPDxKUOotiME3xBJZ11RAgSJp5HFd
8l6s+MjuM6tJLDHXodWJSqnb/9Ob67GK8buXB6ehL7qjF/YOBCC7NOfHrd1j3T73
oco2tMoPJjgnpVuG5LVs1LljAJmaCtuJ1CCWg8ZZudQxbkFLK+HFx18qjtj5984S
difauxku2UJRw4fABB2uOxQRPAxFh02MNFAwNhUpuKeBE+N3K+O0pC5cNKVKYtVi
vkT5QaZuXP/cCQYXU+uUEm7cPnzZgdCG5saipxXwFXc3YrY7G9PjtCaYU1WzANdG
qeLCZpvz4ifeYw==
-----END CERTIFICATE-----