Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          mKUlqNKtp3oWhZNn9SGOktOPG8VzK++y56ZUFx9vffc=
Subject key identifier:   AA:54:5F:CD:1A:9D:E5:D0:EB:72:C6:B8:21:84:28:2D:23:EE:00:63
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       01974C69653E4752CA0843001465D158F7F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          13C5
Signing time:             Sat 07 Jun 2025 22:01:04 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:04 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:04 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: /7uR5ir2bQTzTuTb+dLThIg0O8Dv+yol2JNKK/+Axws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:65:3e:47:52:ca:08:43:00:14:65:d1:58:f7:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: Jun  7 22:01:04 2025 GMT
            Not After : Jun  8 22:01:04 2025 GMT
        Subject: CN=aa545fcd1a9de5d0eb72c6b82184282d23ee0063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9a:b3:93:41:fd:c9:09:a0:18:13:be:31:c9:
                    78:a4:f5:e3:7a:af:8c:63:f4:6d:44:e0:62:d1:f2:
                    78:71:95:3a:10:98:dd:7e:7c:50:02:38:28:10:d0:
                    5b:e1:ee:ba:06:6c:59:16:ff:26:7e:cd:35:27:5b:
                    ec:ff:e9:20:2f:e8:18:62:29:43:95:14:42:1c:96:
                    0b:75:67:b9:d0:35:cd:61:fc:88:af:ec:a2:4c:6e:
                    84:de:ed:2f:14:09:06:b4:bb:0e:34:73:70:04:00:
                    a3:89:58:2e:33:bf:cf:a3:a3:21:cf:6a:e0:e8:ae:
                    7e:e6:aa:14:6d:e6:6f:ac:cc:5c:88:21:f5:51:d9:
                    9b:71:78:d9:34:bf:f3:c0:ba:7b:98:91:d7:08:aa:
                    7b:3f:42:f9:04:b9:42:54:19:09:2d:3c:11:55:d5:
                    66:fe:30:1a:3d:dc:51:b3:96:ed:06:97:1b:3b:d9:
                    cf:72:78:98:dd:6e:a4:3d:48:7d:7b:d1:4b:41:5b:
                    ad:eb:46:b7:0a:4a:a6:66:3c:41:62:8e:03:91:a9:
                    8d:71:48:6b:66:95:76:09:c2:d0:e7:76:19:aa:fc:
                    49:c7:36:10:ed:bd:42:69:70:af:7f:36:24:a9:e5:
                    95:8f:d1:ac:1d:fc:97:aa:f0:87:88:4c:f1:d0:43:
                    ef:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:54:5F:CD:1A:9D:E5:D0:EB:72:C6:B8:21:84:28:2D:23:EE:00:63
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:b6:a4:d3:f1:a6:d0:f3:ca:5a:9a:58:ce:2f:ec:8d:59:af:
         c7:6f:a0:14:1f:86:87:4d:82:0c:69:64:67:c7:dc:6e:26:a4:
         8a:51:7d:59:e0:87:d8:92:97:56:29:68:02:26:81:7b:b5:64:
         2c:73:a7:d7:9c:26:1a:e0:cb:b8:78:11:a6:62:1d:b1:df:0f:
         e8:64:69:91:2d:66:b1:4e:7f:1a:0c:07:d3:6e:88:de:44:a1:
         41:13:07:6b:8b:b6:b3:cf:43:6e:b6:e9:0d:0c:5a:a9:74:f0:
         4b:4d:cf:54:31:f4:13:74:2b:2c:a7:bc:19:e6:05:84:66:40:
         04:e2:82:bf:27:88:e2:4c:49:62:68:81:76:2b:35:15:b4:b6:
         d0:5e:90:c0:3a:86:ac:97:8e:15:7a:5d:a4:bb:2d:ac:0d:63:
         be:11:92:8b:3a:6a:56:de:0e:be:71:29:d7:58:23:4a:76:82:
         4b:1f:71:de:a0:f3:25:86:c0:3a:8c:bc:94:4a:b5:44:7f:a7:
         31:14:6e:da:83:1b:e6:bf:c4:0a:ff:a5:62:7c:6c:dc:74:e9:
         5e:93:73:67:cc:95:fe:1b:17:84:e4:2f:1d:27:bc:4d:33:c0:
         84:aa:3c:79:85:9f:90:f6:32:a7:90:05:7b:c2:c7:68:b6:5e:
         ee:20:27:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaWU+R1LKCEMAFGXRWPfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjUwNjA3MjIwMTA0WhcNMjUwNjA4MjIwMTA0WjAzMTEwLwYDVQQD
EyhhYTU0NWZjZDFhOWRlNWQwZWI3MmM2YjgyMTg0MjgyZDIzZWUwMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZqzk0H9yQmgGBO+Mcl4pPXjeq+M
Y/RtROBi0fJ4cZU6EJjdfnxQAjgoENBb4e66BmxZFv8mfs01J1vs/+kgL+gYYilD
lRRCHJYLdWe50DXNYfyIr+yiTG6E3u0vFAkGtLsONHNwBACjiVguM7/Po6Mhz2rg
6K5+5qoUbeZvrMxciCH1UdmbcXjZNL/zwLp7mJHXCKp7P0L5BLlCVBkJLTwRVdVm
/jAaPdxRs5btBpcbO9nPcniY3W6kPUh9e9FLQVut60a3CkqmZjxBYo4DkamNcUhr
ZpV2CcLQ53YZqvxJxzYQ7b1CaXCvfzYkqeWVj9GsHfyXqvCHiEzx0EPvAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpUX80aneXQ63LGuCGEKC0j7gBjMB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt7ak0/Gm
0PPKWppYzi/sjVmvx2+gFB+Gh02CDGlkZ8fcbiakilF9WeCH2JKXViloAiaBe7Vk
LHOn15wmGuDLuHgRpmIdsd8P6GRpkS1msU5/GgwH026I3kShQRMHa4u2s89Dbrbp
DQxaqXTwS03PVDH0E3QrLKe8GeYFhGZABOKCvyeI4kxJYmiBdis1FbS20F6QwDqG
rJeOFXpdpLstrA1jvhGSizpqVt4OvnEp11gjSnaCSx9x3qDzJYbAOoy8lEq1RH+n
MRRu2oMb5r/ECv+lYnxs3HTpXpNzZ8yV/hsXhOQvHSe8TTPAhKo8eYWfkPYyp5AF
e8LHaLZe7iAn8Q==
-----END CERTIFICATE-----