Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft
File:                     SxEEihpJFuExuM4Iji1v5OXF49s.mft (raw, json)
Hash identifier:          xnhsW8HDSXvZpvv36B6Pd1pRrmpqX36LJd5Fig3YTQw=
Subject key identifier:   2E:F0:35:8F:15:1A:7B:C9:ED:83:1A:11:E1:BB:D9:08:4D:4A:49:7C
Authority key identifier: 4B:11:04:8A:1A:49:16:E1:31:B8:CE:08:8E:2D:6F:E4:E5:C5:E3:DB
Certificate issuer:       /CN=4b11048a1a4916e131b8ce088e2d6fe4e5c5e3db
Certificate serial:       019746302C879EF4848AA3FAA8610378918B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SxEEihpJFuExuM4Iji1v5OXF49s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft
Manifest number:          01B9
Signing time:             Fri 06 Jun 2025 17:00:51 +0000
Manifest this update:     Fri 06 Jun 2025 17:00:51 +0000
Manifest next update:     Sat 07 Jun 2025 17:00:51 +0000
Files and hashes:         1: SxEEihpJFuExuM4Iji1v5OXF49s.crl (hash: DoCxfLC0XcwEK416UhFtcPicxgbkzttFN+22eqQ2+0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SxEEihpJFuExuM4Iji1v5OXF49s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:30:2c:87:9e:f4:84:8a:a3:fa:a8:61:03:78:91:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b11048a1a4916e131b8ce088e2d6fe4e5c5e3db
        Validity
            Not Before: Jun  6 17:00:51 2025 GMT
            Not After : Jun  7 17:00:51 2025 GMT
        Subject: CN=2ef0358f151a7bc9ed831a11e1bbd9084d4a497c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b4:21:08:77:b3:75:d8:49:80:a6:81:a6:2d:
                    59:47:91:dd:1e:af:dd:ef:d5:58:e2:0b:e6:73:18:
                    d8:8f:fa:3c:aa:07:d3:c7:fa:71:74:11:08:0e:c9:
                    49:6a:9e:45:f8:ad:e0:c0:61:84:fc:33:ce:62:26:
                    af:e1:c1:09:bd:3b:a1:ff:ff:c0:ca:68:07:53:5f:
                    ed:5d:c4:3c:ce:a5:ae:b5:1c:e6:7e:86:c4:db:b1:
                    84:8e:16:25:5c:e7:dc:95:7f:f1:93:94:1d:c1:ed:
                    d1:f7:15:ac:9d:1e:19:c2:44:dd:41:3e:ae:a3:d6:
                    d5:77:70:6a:ac:d5:27:79:96:a6:bb:a5:4e:3f:e3:
                    02:d6:0e:82:bb:94:50:2b:26:47:e4:b0:db:79:ef:
                    90:f0:32:a7:1d:8a:31:b6:9d:c4:5b:c9:1e:f2:f8:
                    f8:be:18:df:8e:70:0c:b1:7b:f7:55:ba:97:d3:0b:
                    59:b6:37:87:3e:a9:f5:00:b6:e3:b2:97:d8:aa:d2:
                    df:21:12:77:34:af:00:21:41:d6:6a:ae:32:82:93:
                    30:60:33:31:bb:1f:eb:dc:27:ca:c0:d8:9a:2b:26:
                    37:96:24:25:1c:c7:d6:b1:8d:f1:31:82:40:a8:c4:
                    82:e4:da:e8:88:99:3a:8c:72:6b:24:86:14:45:57:
                    8b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:F0:35:8F:15:1A:7B:C9:ED:83:1A:11:E1:BB:D9:08:4D:4A:49:7C
            X509v3 Authority Key Identifier:
                keyid:4B:11:04:8A:1A:49:16:E1:31:B8:CE:08:8E:2D:6F:E4:E5:C5:E3:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SxEEihpJFuExuM4Iji1v5OXF49s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3a228-fc4f-40b2-88b2-e484611a9621/1/SxEEihpJFuExuM4Iji1v5OXF49s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:e6:da:a2:73:16:15:45:13:5f:51:39:3a:6a:2f:19:3b:c8:
         ee:77:c6:5a:1d:de:ed:33:8a:c6:bf:d3:b5:d0:7b:05:5b:d3:
         14:af:8d:c6:3e:15:6e:30:0a:99:f1:5f:77:fd:0a:3d:bd:66:
         80:52:93:29:eb:cb:97:9d:c4:c6:46:c3:79:b6:60:c6:00:70:
         fe:0f:b9:cd:f1:6a:9d:e0:79:05:97:e3:c3:af:7b:0b:6e:9e:
         53:14:f1:cf:86:9a:e1:a8:30:61:4c:66:bb:e2:58:f5:53:d8:
         bf:d6:30:a1:ae:8f:68:e6:44:77:41:9a:e0:2a:71:d6:cf:dd:
         e2:42:bb:77:a0:ae:71:9d:23:76:57:72:2b:34:77:54:f1:c9:
         0a:89:15:29:0d:5d:95:cc:4a:d7:b4:51:c2:d6:18:ad:2f:9f:
         b9:7d:4a:7d:7e:2b:dc:86:44:b0:2d:be:f3:c1:a4:88:54:d6:
         34:ed:bf:b2:bb:f2:50:3e:f7:13:4e:d3:ee:22:97:95:7c:73:
         ae:9d:83:a7:8b:24:cc:38:c4:c4:0d:73:df:74:6e:4a:26:25:
         c8:d6:1e:4c:d1:28:d7:46:d0:de:a9:4c:89:cf:53:56:7e:c2:
         71:18:48:b5:a2:f5:a1:65:db:fb:30:a4:05:42:7c:c8:aa:b8:
         5e:87:ca:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGMCyHnvSEiqP6qGEDeJGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTEwNDhhMWE0OTE2ZTEzMWI4Y2UwODhlMmQ2ZmU0ZTVj
NWUzZGIwHhcNMjUwNjA2MTcwMDUxWhcNMjUwNjA3MTcwMDUxWjAzMTEwLwYDVQQD
EygyZWYwMzU4ZjE1MWE3YmM5ZWQ4MzFhMTFlMWJiZDkwODRkNGE0OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrQhCHezddhJgKaBpi1ZR5HdHq/d
79VY4gvmcxjYj/o8qgfTx/pxdBEIDslJap5F+K3gwGGE/DPOYiav4cEJvTuh///A
ymgHU1/tXcQ8zqWutRzmfobE27GEjhYlXOfclX/xk5Qdwe3R9xWsnR4ZwkTdQT6u
o9bVd3BqrNUneZamu6VOP+MC1g6Cu5RQKyZH5LDbee+Q8DKnHYoxtp3EW8ke8vj4
vhjfjnAMsXv3VbqX0wtZtjeHPqn1ALbjspfYqtLfIRJ3NK8AIUHWaq4ygpMwYDMx
ux/r3CfKwNiaKyY3liQlHMfWsY3xMYJAqMSC5NroiJk6jHJrJIYURVeLmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7wNY8VGnvJ7YMaEeG72QhNSkl8MB8GA1UdIwQY
MBaAFEsRBIoaSRbhMbjOCI4tb+TlxePbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hFRWlocEpGdUV4dU00SWppMXY1T1hGNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2EyMjgtZmM0Zi00MGIyLTg4YjIt
ZTQ4NDYxMWE5NjIxLzEvU3hFRWlocEpGdUV4dU00SWppMXY1T1hGNDlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2EyMjgtZmM0Zi00MGIyLTg4YjItZTQ4NDYxMWE5NjIx
LzEvU3hFRWlocEpGdUV4dU00SWppMXY1T1hGNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfebaonMW
FUUTX1E5OmovGTvI7nfGWh3e7TOKxr/TtdB7BVvTFK+Nxj4VbjAKmfFfd/0KPb1m
gFKTKevLl53ExkbDebZgxgBw/g+5zfFqneB5BZfjw697C26eUxTxz4aa4agwYUxm
u+JY9VPYv9Ywoa6PaOZEd0Ga4Cpx1s/d4kK7d6CucZ0jdldyKzR3VPHJCokVKQ1d
lcxK17RRwtYYrS+fuX1KfX4r3IZEsC2+88GkiFTWNO2/srvyUD73E07T7iKXlXxz
rp2Dp4skzDjExA1z33RuSiYlyNYeTNEo10bQ3qlMic9TVn7CcRhItaL1oWXb+zCk
BUJ8yKq4XofK3A==
-----END CERTIFICATE-----