Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
File:                     rTaQk6MtG34Ou-MkRRxY10iuzUI.mft (raw, json)
Hash identifier:          jMWwjtQv8en+xPwTFlZEja6JqYSpJxvnXBR0wRywjN4=
Subject key identifier:   C9:95:C9:AA:AF:93:19:7F:16:EA:CD:5D:A7:BC:A0:80:3A:10:8A:95
Authority key identifier: AD:36:90:93:A3:2D:1B:7E:0E:BB:E3:24:45:1C:58:D7:48:AE:CD:42
Certificate issuer:       /CN=ad369093a32d1b7e0ebbe324451c58d748aecd42
Certificate serial:       0197512194E0F94C2504ECBE2F4BEFB5D1FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
Manifest number:          0496
Signing time:             Sun 08 Jun 2025 20:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:44 +0000
Files and hashes:         1: rTaQk6MtG34Ou-MkRRxY10iuzUI.crl (hash: IBWeVMNfE2u78w8gO8OAOO8MlMz7aBVh3+boS43yQNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:94:e0:f9:4c:25:04:ec:be:2f:4b:ef:b5:d1:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad369093a32d1b7e0ebbe324451c58d748aecd42
        Validity
            Not Before: Jun  8 20:00:44 2025 GMT
            Not After : Jun  9 20:00:44 2025 GMT
        Subject: CN=c995c9aaaf93197f16eacd5da7bca0803a108a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:85:7f:34:20:5e:7c:12:27:bc:25:f2:5d:f0:
                    89:7a:20:78:25:8b:45:c2:9a:d5:25:9e:01:f8:72:
                    10:4d:d6:03:e5:94:6b:ea:39:09:92:59:e8:62:19:
                    c7:05:1a:14:a5:a2:15:dc:10:30:d0:89:cf:48:a3:
                    82:66:da:6d:22:02:f2:00:8a:be:17:63:6c:c5:cb:
                    89:61:de:a0:8f:59:4b:c9:d6:c4:7f:d4:76:bc:aa:
                    87:93:83:2a:d1:c6:29:61:7d:ca:f4:e4:ac:6a:56:
                    db:3b:c7:c9:91:f9:e0:ba:5b:2a:e5:54:2b:a7:9d:
                    54:4a:74:3d:04:67:22:3f:88:66:08:ff:42:78:6e:
                    af:31:47:4a:5b:ca:ab:e3:d1:a8:9d:f3:50:e9:68:
                    53:9c:e4:76:e2:38:2f:d1:56:29:d0:9f:f8:3b:24:
                    58:09:8b:15:6f:f9:cd:bb:a8:24:1f:6d:3b:da:11:
                    57:2a:61:0f:89:87:bb:88:1a:6a:4b:5d:88:6c:9b:
                    4a:7e:b1:aa:e4:c6:4a:74:3a:2f:65:4c:4c:54:b1:
                    e6:98:c6:e4:23:cc:02:8d:3c:5d:85:a4:fd:59:81:
                    a0:77:12:57:15:75:43:b8:1d:a6:b6:27:b8:bf:fc:
                    8e:64:ba:eb:f0:24:b3:06:7f:ce:75:a3:8d:f6:b4:
                    c1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:95:C9:AA:AF:93:19:7F:16:EA:CD:5D:A7:BC:A0:80:3A:10:8A:95
            X509v3 Authority Key Identifier:
                keyid:AD:36:90:93:A3:2D:1B:7E:0E:BB:E3:24:45:1C:58:D7:48:AE:CD:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e7:c0:75:18:a5:fb:88:5c:e4:a9:f4:d1:87:1a:8a:a9:38:
         75:e1:76:68:31:60:d4:30:4f:f5:3f:76:07:26:53:df:e6:f6:
         0d:42:06:6d:16:55:bb:a2:60:aa:e0:d7:0d:88:94:54:76:72:
         7c:46:96:80:ce:a6:59:62:65:0f:e6:d4:ba:c5:23:36:0d:3a:
         0d:2c:43:af:4b:7d:71:86:9b:0a:ac:b8:fc:ec:46:46:e2:a0:
         41:0f:b7:4b:94:5c:b4:5b:eb:da:8a:fd:53:e2:68:c2:5f:1c:
         0e:6a:78:15:60:83:4c:a0:9f:21:d6:eb:42:dc:9d:b9:bb:44:
         da:bc:e7:a2:54:96:3f:57:7b:c8:46:ed:2a:ab:64:7d:d4:66:
         dc:7e:1e:de:72:ec:5d:f6:fb:c7:a3:82:23:b1:12:e4:c4:d8:
         30:74:b3:36:e3:53:b6:cb:1f:21:54:08:4d:df:a3:1f:03:5a:
         d5:88:50:c6:42:ea:cf:c3:5d:34:f3:22:76:a8:ca:7f:2e:b4:
         49:6d:dd:19:4f:18:fd:71:33:5d:61:f3:47:8c:09:52:0b:a9:
         88:09:4a:aa:72:6e:3a:6f:7f:da:83:5d:5f:80:57:34:00:a1:
         25:e3:ab:c6:d4:be:20:0a:6b:75:82:76:a9:2f:bb:f5:1e:68:
         ea:37:a7:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIZTg+UwlBOy+L0vvtdH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzY5MDkzYTMyZDFiN2UwZWJiZTMyNDQ1MWM1OGQ3NDhh
ZWNkNDIwHhcNMjUwNjA4MjAwMDQ0WhcNMjUwNjA5MjAwMDQ0WjAzMTEwLwYDVQQD
EyhjOTk1YzlhYWFmOTMxOTdmMTZlYWNkNWRhN2JjYTA4MDNhMTA4YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYV/NCBefBInvCXyXfCJeiB4JYtF
wprVJZ4B+HIQTdYD5ZRr6jkJklnoYhnHBRoUpaIV3BAw0InPSKOCZtptIgLyAIq+
F2NsxcuJYd6gj1lLydbEf9R2vKqHk4Mq0cYpYX3K9OSsalbbO8fJkfngulsq5VQr
p51USnQ9BGciP4hmCP9CeG6vMUdKW8qr49GonfNQ6WhTnOR24jgv0VYp0J/4OyRY
CYsVb/nNu6gkH2072hFXKmEPiYe7iBpqS12IbJtKfrGq5MZKdDovZUxMVLHmmMbk
I8wCjTxdhaT9WYGgdxJXFXVDuB2mtie4v/yOZLrr8CSzBn/OdaON9rTBeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmVyaqvkxl/FurNXae8oIA6EIqVMB8GA1UdIwQY
MBaAFK02kJOjLRt+DrvjJEUcWNdIrs1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYjIyMmUtYTRiMy00ZmJlLTgzOWYt
MzYzYTU1OGUxOWJlLzEvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYjIyMmUtYTRiMy00ZmJlLTgzOWYtMzYzYTU1OGUxOWJl
LzEvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+fAdRil
+4hc5Kn00Ycaiqk4deF2aDFg1DBP9T92ByZT3+b2DUIGbRZVu6JgquDXDYiUVHZy
fEaWgM6mWWJlD+bUusUjNg06DSxDr0t9cYabCqy4/OxGRuKgQQ+3S5RctFvr2or9
U+Jowl8cDmp4FWCDTKCfIdbrQtydubtE2rznolSWP1d7yEbtKqtkfdRm3H4e3nLs
Xfb7x6OCI7ES5MTYMHSzNuNTtssfIVQITd+jHwNa1YhQxkLqz8NdNPMidqjKfy60
SW3dGU8Y/XEzXWHzR4wJUgupiAlKqnJuOm9/2oNdX4BXNAChJeOrxtS+IAprdYJ2
qS+79R5o6jenig==
-----END CERTIFICATE-----