Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.mft (raw, json)
Hash identifier:          JiiVm6GDjoB2whFjbIUUwc0F2Tlr8sIlSsT/LMhUAUc=
Subject key identifier:   5C:38:DE:3B:C6:E1:EC:D7:2A:4D:38:F6:1E:50:AE:E7:54:B3:21:B3
Authority key identifier: DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Certificate issuer:       /CN=dfa53646288329df6655e253e56b228481be9596
Certificate serial:       019767730AA6F748F59106126D2CCD5E12FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
Manifest number:          022E
Signing time:             Fri 13 Jun 2025 04:01:21 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:21 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:21 +0000
Files and hashes:         1: 36U2RiiDKd9mVeJT5WsihIG-lZY.crl (hash: tASlbxJQFEjM0fbK3qxdZy5e5BlwG3GhPAHfRp7yTlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:73:0a:a6:f7:48:f5:91:06:12:6d:2c:cd:5e:12:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa53646288329df6655e253e56b228481be9596
        Validity
            Not Before: Jun 13 04:01:21 2025 GMT
            Not After : Jun 14 04:01:21 2025 GMT
        Subject: CN=5c38de3bc6e1ecd72a4d38f61e50aee754b321b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:2f:13:d4:63:9e:b7:49:dd:1b:c8:f2:e5:3d:
                    50:af:20:86:7a:d1:6c:49:41:31:fd:cf:c7:ab:d0:
                    60:be:9e:2a:4a:66:d9:29:cb:d3:93:8b:ff:71:3d:
                    50:8a:0b:10:74:a4:9d:be:fa:03:82:1d:c0:33:4c:
                    d1:1b:50:88:ab:69:a2:51:a4:51:79:f1:d4:ee:fc:
                    da:69:e8:1d:b9:5a:1b:17:51:81:d2:ff:0e:4d:2d:
                    b3:55:0b:96:9b:bf:a6:df:a6:c5:06:60:2a:bd:51:
                    5e:f6:a7:f9:30:bd:7b:49:30:b7:17:cc:56:d1:45:
                    82:3d:79:66:5c:5e:67:f7:39:34:5d:0e:bf:52:df:
                    37:c8:cc:8d:cc:c1:f1:3b:02:b0:0c:8b:06:f0:34:
                    05:a5:4a:86:f1:8a:42:dd:2c:32:ad:29:3e:d6:9e:
                    99:82:38:ce:4d:ec:1a:be:e9:22:96:55:4f:d4:72:
                    d2:18:4d:5c:d5:c3:c5:e5:70:0f:f7:2b:10:ef:ac:
                    36:09:61:f9:3e:5b:22:fd:01:22:8b:da:6e:ac:3d:
                    17:f8:b7:70:12:04:fc:ca:fd:b3:f0:55:8f:e7:bc:
                    23:ca:51:4c:02:dc:12:96:95:64:da:1b:1e:43:e3:
                    53:2c:fc:8f:a8:c9:ac:78:d2:9c:44:84:ac:f2:ed:
                    21:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:38:DE:3B:C6:E1:EC:D7:2A:4D:38:F6:1E:50:AE:E7:54:B3:21:B3
            X509v3 Authority Key Identifier:
                keyid:DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:89:16:a5:14:f3:56:85:39:2c:05:0f:8e:95:b3:6b:d1:48:
         b8:31:12:5f:0b:4e:a1:bc:3a:90:c8:35:c4:a5:7c:86:1f:47:
         40:61:c9:a6:82:6b:a9:1b:d1:cf:b9:08:e4:92:c8:53:35:45:
         e6:82:59:74:41:9e:51:16:4e:13:8b:62:9c:ca:9f:a2:5b:63:
         35:b9:b5:66:d7:4b:fb:d3:bd:4f:2d:f5:d1:63:70:1f:6c:24:
         66:df:6a:03:b5:cc:60:7f:6a:af:aa:61:18:84:6d:f4:ec:ba:
         2a:d4:bb:1c:d0:26:9b:64:3b:0f:30:85:38:c1:82:8c:6d:3b:
         80:54:fd:e9:e0:68:d7:83:ec:86:43:7e:36:c1:01:1b:f4:d4:
         0f:26:7a:31:28:d7:c7:e7:98:83:b0:32:e3:48:2e:82:a5:c3:
         2d:65:4c:2a:0e:30:87:69:dc:7a:c7:d9:3c:5f:d8:78:1a:da:
         82:7c:83:50:c8:03:91:2e:27:a1:94:9e:a4:db:55:79:0b:e2:
         e3:1d:02:91:0a:11:f1:f6:74:9c:c5:60:67:b1:d8:9b:21:24:
         1b:72:87:ae:3b:0f:e4:68:cd:e5:49:82:d0:59:5d:b9:97:c9:
         53:b8:8e:22:cb:55:88:67:89:e9:45:c5:50:8e:17:92:f0:fd:
         3e:f1:66:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdncwqm90j1kQYSbSzNXhL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTUzNjQ2Mjg4MzI5ZGY2NjU1ZTI1M2U1NmIyMjg0ODFi
ZTk1OTYwHhcNMjUwNjEzMDQwMTIxWhcNMjUwNjE0MDQwMTIxWjAzMTEwLwYDVQQD
Eyg1YzM4ZGUzYmM2ZTFlY2Q3MmE0ZDM4ZjYxZTUwYWVlNzU0YjMyMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0C8T1GOet0ndG8jy5T1QryCGetFs
SUEx/c/Hq9Bgvp4qSmbZKcvTk4v/cT1QigsQdKSdvvoDgh3AM0zRG1CIq2miUaRR
efHU7vzaaegduVobF1GB0v8OTS2zVQuWm7+m36bFBmAqvVFe9qf5ML17STC3F8xW
0UWCPXlmXF5n9zk0XQ6/Ut83yMyNzMHxOwKwDIsG8DQFpUqG8YpC3SwyrSk+1p6Z
gjjOTewavukillVP1HLSGE1c1cPF5XAP9ysQ76w2CWH5Plsi/QEii9purD0X+Ldw
EgT8yv2z8FWP57wjylFMAtwSlpVk2hseQ+NTLPyPqMmseNKcRISs8u0hRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw43jvG4ezXKk049h5QrudUsyGzMB8GA1UdIwQY
MBaAFN+lNkYogynfZlXiU+VrIoSBvpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMt
NzlhZmQxMTg4ZDM3LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMtNzlhZmQxMTg4ZDM3
LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAokWpRTz
VoU5LAUPjpWza9FIuDESXwtOobw6kMg1xKV8hh9HQGHJpoJrqRvRz7kI5JLIUzVF
5oJZdEGeURZOE4tinMqfoltjNbm1ZtdL+9O9Ty310WNwH2wkZt9qA7XMYH9qr6ph
GIRt9Oy6KtS7HNAmm2Q7DzCFOMGCjG07gFT96eBo14PshkN+NsEBG/TUDyZ6MSjX
x+eYg7Ay40gugqXDLWVMKg4wh2ncesfZPF/YeBragnyDUMgDkS4noZSepNtVeQvi
4x0CkQoR8fZ0nMVgZ7HYmyEkG3KHrjsP5GjN5UmC0FlduZfJU7iOIstViGeJ6UXF
UI4XkvD9PvFmGQ==
-----END CERTIFICATE-----