Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          nc4If4ouGW5XNSStdH2veOLPg81nQMPuWqeRWrNNgh4=
Subject key identifier:   81:D8:A3:CC:38:C6:44:21:60:4D:88:E1:DA:09:DC:C1:19:85:D9:88
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       0197610236E0765E25E9461C1F4994F6E8F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          09E7
Signing time:             Wed 11 Jun 2025 22:00:24 +0000
Manifest this update:     Wed 11 Jun 2025 22:00:24 +0000
Manifest next update:     Thu 12 Jun 2025 22:00:24 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: BiDiKv1uXpsgHmxY0LCtYJcIHudJKTs3AXSv9poXqQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:02:36:e0:76:5e:25:e9:46:1c:1f:49:94:f6:e8:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Jun 11 22:00:24 2025 GMT
            Not After : Jun 12 22:00:24 2025 GMT
        Subject: CN=81d8a3cc38c64421604d88e1da09dcc11985d988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cd:83:6c:67:14:25:2c:f8:aa:ec:38:24:12:
                    ee:eb:5d:be:3c:08:10:c7:28:0a:6f:50:f7:f8:ed:
                    1f:bc:62:21:fd:fa:94:af:04:a3:53:2a:3c:7a:6c:
                    c2:2e:60:62:a1:6f:17:55:33:ec:c0:38:6b:b2:97:
                    ca:16:f3:4e:2d:bd:1f:77:9e:16:00:3c:c0:a6:35:
                    55:a2:e7:7e:06:cd:07:f9:34:40:f7:72:36:01:81:
                    9e:d4:d1:5e:9f:59:6a:ed:a6:47:ab:d4:e3:b0:ae:
                    60:c2:8b:b1:83:43:28:59:f2:e6:6d:7f:84:3a:57:
                    48:c1:2b:f6:41:56:79:f5:2f:f1:63:67:d1:f8:db:
                    7f:9f:ac:81:2e:26:19:cd:eb:11:12:b8:58:96:d7:
                    d9:70:95:e2:f9:af:44:21:1d:fb:62:68:4e:56:02:
                    6d:fa:c7:37:fa:f2:b8:59:6f:11:ae:85:35:f2:a3:
                    60:4c:79:c6:5c:20:f2:02:32:e8:06:5f:30:0e:02:
                    d0:db:09:70:4b:53:07:22:dc:46:37:16:87:e9:24:
                    09:53:7e:bd:65:96:8a:91:4e:f3:d0:82:d2:60:61:
                    2c:81:fd:8f:e9:82:82:86:8f:ea:82:06:b1:eb:c5:
                    94:8c:21:bf:5d:93:54:f9:5b:77:05:33:8f:2a:ce:
                    a5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:D8:A3:CC:38:C6:44:21:60:4D:88:E1:DA:09:DC:C1:19:85:D9:88
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:97:5e:54:ff:01:7f:4a:21:04:e5:de:7e:6d:8e:cc:87:86:
         33:d2:08:fe:0a:5e:41:02:24:ab:0e:a4:f4:2b:ea:f4:eb:55:
         8d:ee:da:da:7c:04:63:2b:15:31:92:0f:0e:32:1a:6b:df:06:
         64:e5:28:25:15:2e:64:b3:66:ef:1f:b4:a2:1f:9d:c3:b7:a5:
         66:d2:4d:d5:20:c6:af:be:27:f1:ac:77:29:d4:b0:db:f5:f6:
         6c:f4:2f:df:f2:2f:f2:95:74:b7:ed:51:95:5e:70:7e:7b:f7:
         65:ea:46:37:bb:67:87:d7:f4:e3:8e:58:66:31:30:f5:a9:9e:
         9d:19:ac:40:8c:43:bd:12:10:00:99:15:9c:19:4d:6f:2c:dd:
         c1:d8:1f:89:41:26:fa:c4:77:0f:d3:be:44:15:1d:27:be:2e:
         46:05:ce:02:20:87:d9:0e:31:b0:67:71:0c:39:60:e5:e5:0e:
         f0:aa:bb:47:62:12:de:ee:dc:df:18:d8:fc:ae:d0:76:c9:9b:
         f5:7e:32:4a:63:3d:aa:f1:b7:32:40:be:50:94:e2:d6:75:3d:
         d3:ca:90:8b:73:ea:9e:08:99:6a:89:dc:1f:a4:d9:a6:5c:32:
         ec:56:ba:1b:b7:e6:eb:67:6b:5c:c6:6c:f1:9a:ab:20:5a:0c:
         b9:5d:2d:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhAjbgdl4l6UYcH0mU9uj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwNjExMjIwMDI0WhcNMjUwNjEyMjIwMDI0WjAzMTEwLwYDVQQD
Eyg4MWQ4YTNjYzM4YzY0NDIxNjA0ZDg4ZTFkYTA5ZGNjMTE5ODVkOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM2DbGcUJSz4quw4JBLu612+PAgQ
xygKb1D3+O0fvGIh/fqUrwSjUyo8emzCLmBioW8XVTPswDhrspfKFvNOLb0fd54W
ADzApjVVoud+Bs0H+TRA93I2AYGe1NFen1lq7aZHq9TjsK5gwouxg0MoWfLmbX+E
OldIwSv2QVZ59S/xY2fR+Nt/n6yBLiYZzesRErhYltfZcJXi+a9EIR37YmhOVgJt
+sc3+vK4WW8RroU18qNgTHnGXCDyAjLoBl8wDgLQ2wlwS1MHItxGNxaH6SQJU369
ZZaKkU7z0ILSYGEsgf2P6YKCho/qggax68WUjCG/XZNU+Vt3BTOPKs6ltQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHYo8w4xkQhYE2I4doJ3MEZhdmIMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJdeVP8B
f0ohBOXefm2OzIeGM9II/gpeQQIkqw6k9Cvq9OtVje7a2nwEYysVMZIPDjIaa98G
ZOUoJRUuZLNm7x+0oh+dw7elZtJN1SDGr74n8ax3KdSw2/X2bPQv3/Iv8pV0t+1R
lV5wfnv3ZepGN7tnh9f0445YZjEw9amenRmsQIxDvRIQAJkVnBlNbyzdwdgfiUEm
+sR3D9O+RBUdJ74uRgXOAiCH2Q4xsGdxDDlg5eUO8Kq7R2IS3u7c3xjY/K7Qdsmb
9X4ySmM9qvG3MkC+UJTi1nU908qQi3PqngiZaoncH6TZplwy7Fa6G7fm62drXMZs
8ZqrIFoMuV0tsA==
-----END CERTIFICATE-----