Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          Kb1YlyYB3MInBqxWZUP+IFWIv4FXSko7XExE03hXInU=
Subject key identifier:   66:52:EC:7D:F9:F1:AA:BB:77:A9:F0:61:40:A3:B5:91:20:FE:B9:36
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       0197518F71236AAADC5DD26862B14541B9A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0969
Signing time:             Sun 08 Jun 2025 22:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 22:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 22:00:44 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: yfdfO1gtnQC7ZpvBNSEDdxNYcdMgaPs/D9pIz8N0mlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:8f:71:23:6a:aa:dc:5d:d2:68:62:b1:45:41:b9:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: Jun  8 22:00:44 2025 GMT
            Not After : Jun  9 22:00:44 2025 GMT
        Subject: CN=6652ec7df9f1aabb77a9f06140a3b59120feb936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1c:41:31:0a:7f:18:03:36:d2:42:2e:05:07:
                    73:e4:d3:92:c0:80:3f:a9:68:1d:83:93:66:38:88:
                    9a:36:f0:2f:0c:4a:8c:ed:58:80:42:8e:55:9d:fa:
                    4b:de:26:f1:39:0c:ef:8d:58:64:ec:88:5a:34:bd:
                    0f:d0:91:6b:8e:76:8f:46:76:89:f4:32:b0:03:19:
                    0e:2d:b9:54:45:3f:01:ae:83:83:93:8d:71:50:67:
                    aa:d4:91:06:74:2c:83:f3:0e:7d:d9:34:28:7d:e6:
                    94:31:53:5b:25:d5:7d:87:55:9c:38:3e:95:31:11:
                    59:58:da:46:e9:27:e6:00:38:dc:9d:d6:4d:27:25:
                    98:e0:c6:05:1a:c8:7c:c4:65:df:ec:43:66:4e:6c:
                    8d:51:68:90:c5:00:c1:83:da:9c:45:3b:09:82:5a:
                    80:63:cc:c2:3f:9e:44:3c:33:7d:08:1d:a0:fc:8a:
                    c6:8f:08:2c:91:40:ac:02:73:87:f7:bf:8d:46:2b:
                    a6:18:f5:2d:92:36:a3:17:7a:bf:8e:c2:b5:27:88:
                    a8:59:03:7f:d0:88:3b:00:99:2d:1c:b0:65:da:3c:
                    f1:fa:40:78:76:54:46:1d:db:0b:cf:79:c3:05:19:
                    0b:7e:eb:14:25:e4:46:99:91:7e:14:f9:70:5e:66:
                    57:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:52:EC:7D:F9:F1:AA:BB:77:A9:F0:61:40:A3:B5:91:20:FE:B9:36
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:2c:16:fc:25:fd:3c:fc:cd:1f:4f:c9:96:1e:3b:25:42:ac:
         3c:60:0d:90:8b:65:2f:ea:76:2b:32:21:43:ee:d1:d5:90:5d:
         04:fb:98:47:8f:c5:3f:29:fb:a7:6f:eb:af:75:53:7f:5c:0e:
         78:70:50:5e:db:c2:d4:77:f9:50:31:97:5c:49:39:44:86:a2:
         5d:56:cb:e9:45:89:82:95:d2:26:86:ca:1c:71:f8:c9:89:a0:
         be:17:b9:07:f9:19:35:5d:7d:ae:65:fc:69:bc:ab:e5:8f:ab:
         a4:5e:32:9d:77:91:9d:69:e7:a4:ca:c2:8c:54:af:f2:39:ad:
         72:70:91:1e:d7:11:8c:97:79:95:ba:84:e4:51:6e:22:03:75:
         fe:0e:83:e4:18:8f:af:ee:0a:83:0f:57:6c:9b:d0:66:fc:2c:
         fa:97:41:11:89:56:78:1e:a4:b7:1d:95:f5:79:70:b4:33:18:
         4e:fa:b0:d7:d9:c8:2b:b2:a2:6f:2b:a9:a0:2b:c9:31:e6:80:
         79:88:ff:ce:21:61:2a:42:9e:9f:3a:23:15:26:79:dd:33:e9:
         70:fc:8a:9b:df:45:6a:d6:8e:f0:c5:ab:ce:0b:b0:dc:4f:d4:
         c4:fb:20:ec:ca:e1:ad:3b:41:ee:92:24:3d:41:e0:51:d9:03:
         11:d3:b1:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRj3EjaqrcXdJoYrFFQbmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjUwNjA4MjIwMDQ0WhcNMjUwNjA5MjIwMDQ0WjAzMTEwLwYDVQQD
Eyg2NjUyZWM3ZGY5ZjFhYWJiNzdhOWYwNjE0MGEzYjU5MTIwZmViOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxxBMQp/GAM20kIuBQdz5NOSwIA/
qWgdg5NmOIiaNvAvDEqM7ViAQo5VnfpL3ibxOQzvjVhk7IhaNL0P0JFrjnaPRnaJ
9DKwAxkOLblURT8BroODk41xUGeq1JEGdCyD8w592TQofeaUMVNbJdV9h1WcOD6V
MRFZWNpG6SfmADjcndZNJyWY4MYFGsh8xGXf7ENmTmyNUWiQxQDBg9qcRTsJglqA
Y8zCP55EPDN9CB2g/IrGjwgskUCsAnOH97+NRiumGPUtkjajF3q/jsK1J4ioWQN/
0Ig7AJktHLBl2jzx+kB4dlRGHdsLz3nDBRkLfusUJeRGmZF+FPlwXmZX3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZS7H358aq7d6nwYUCjtZEg/rk2MB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKiwW/CX9
PPzNH0/Jlh47JUKsPGANkItlL+p2KzIhQ+7R1ZBdBPuYR4/FPyn7p2/rr3VTf1wO
eHBQXtvC1Hf5UDGXXEk5RIaiXVbL6UWJgpXSJobKHHH4yYmgvhe5B/kZNV19rmX8
abyr5Y+rpF4ynXeRnWnnpMrCjFSv8jmtcnCRHtcRjJd5lbqE5FFuIgN1/g6D5BiP
r+4Kgw9XbJvQZvws+pdBEYlWeB6ktx2V9XlwtDMYTvqw19nIK7KibyupoCvJMeaA
eYj/ziFhKkKenzojFSZ53TPpcPyKm99FataO8MWrzguw3E/UxPsg7MrhrTtB7pIk
PUHgUdkDEdOx8A==
-----END CERTIFICATE-----