Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
File:                     tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft (raw, json)
Hash identifier:          o/NpIiXVRI8DemzplqVF8ZCn18jjiKURUpkhityXMg4=
Subject key identifier:   38:A8:5C:EC:F5:97:83:ED:39:D1:BF:00:44:1C:C0:C8:14:D7:D3:CF
Authority key identifier: B6:9A:AE:F1:CE:A1:9F:2F:92:6F:57:09:61:54:5C:FE:4E:D6:9A:F6
Certificate issuer:       /CN=b69aaef1cea19f2f926f570961545cfe4ed69af6
Certificate serial:       019754229F7AE3A9E0CC9C94E1A6C7DF2B73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
Manifest number:          0521
Signing time:             Mon 09 Jun 2025 10:00:44 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:44 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:44 +0000
Files and hashes:         1: tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl (hash: CtCu9aqp4RRHrF/0Rg/pzMfoJXN21qym397eUwSt2b0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:9f:7a:e3:a9:e0:cc:9c:94:e1:a6:c7:df:2b:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b69aaef1cea19f2f926f570961545cfe4ed69af6
        Validity
            Not Before: Jun  9 10:00:44 2025 GMT
            Not After : Jun 10 10:00:44 2025 GMT
        Subject: CN=38a85cecf59783ed39d1bf00441cc0c814d7d3cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:61:fa:15:0f:9d:c7:30:c4:06:58:3d:22:23:
                    51:4b:3b:ea:d2:ac:69:e5:bf:84:27:99:c6:62:07:
                    83:9f:da:94:ef:f2:3f:8a:22:19:8a:de:3d:77:f1:
                    14:85:61:11:4c:76:df:08:58:76:7a:3c:a2:34:bb:
                    b5:ee:8d:26:01:11:7b:7d:99:df:61:ca:07:3f:78:
                    fd:c5:69:89:b0:6a:52:5a:44:55:7a:7f:71:5e:17:
                    a1:c3:89:c7:64:f1:b5:9f:e5:fa:53:02:73:bc:5f:
                    82:42:41:a2:3e:c3:13:9c:4f:9d:9b:b2:a4:36:c7:
                    fb:61:e5:4f:f7:ea:80:d7:1e:ac:68:8d:dc:ac:dd:
                    af:06:53:13:ca:0c:4e:a5:f8:47:ac:81:74:bf:7a:
                    a1:72:0c:68:0d:23:e4:29:05:ef:92:23:ca:a3:42:
                    88:d1:b0:30:63:51:f4:44:ea:aa:97:63:58:62:ee:
                    23:96:3b:48:44:ca:8b:26:f7:44:d1:09:f8:45:d7:
                    c8:96:9b:b2:38:f4:77:9e:e3:4c:8a:f8:1f:bc:2a:
                    dd:e7:3e:ad:c8:fb:83:ba:e1:6a:49:e8:44:c8:45:
                    c3:f1:61:75:a6:6c:d1:29:72:63:e1:50:4f:b5:77:
                    4e:6e:12:d2:7c:1d:a5:e6:69:09:29:e0:75:53:15:
                    29:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:A8:5C:EC:F5:97:83:ED:39:D1:BF:00:44:1C:C0:C8:14:D7:D3:CF
            X509v3 Authority Key Identifier:
                keyid:B6:9A:AE:F1:CE:A1:9F:2F:92:6F:57:09:61:54:5C:FE:4E:D6:9A:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpqu8c6hny-Sb1cJYVRc_k7WmvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f01712-72bb-4088-8b61-7fe20f2efed4/1/tpqu8c6hny-Sb1cJYVRc_k7WmvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:92:74:2c:3e:ae:43:cc:c6:fb:08:6c:8d:d5:fd:88:11:66:
         49:b9:34:4d:84:f6:20:bb:4b:0d:4f:fc:7b:4c:3c:84:79:37:
         3e:44:28:84:87:2b:27:55:23:54:55:f6:66:04:c0:ae:11:78:
         9d:c7:d0:39:98:44:bd:59:f2:08:e6:f1:94:04:77:6c:5b:c9:
         e4:53:5b:7f:4c:a5:97:e0:6f:82:ff:f7:66:d9:c5:75:2c:20:
         55:a6:73:83:38:8a:57:df:6d:53:64:89:3f:db:23:f7:7a:d4:
         0a:d9:11:90:0a:cb:31:82:78:8b:00:2b:27:81:1f:32:cc:75:
         68:78:78:ed:1c:cb:29:8e:78:c7:76:48:5d:5d:e5:17:47:45:
         29:0a:88:36:b2:a8:c6:5b:fa:5d:17:70:12:14:16:b1:f6:4b:
         a4:74:59:06:82:f4:ff:05:e1:a0:e0:d8:8e:95:c7:a6:d8:49:
         0d:50:39:01:b4:21:32:66:86:66:4f:b0:3d:7b:69:1f:8d:96:
         50:bf:a6:aa:6e:f8:bf:7c:ad:03:e9:16:92:c0:c1:b1:a9:77:
         59:31:44:95:09:f5:11:6a:ec:a0:c6:55:7b:9e:3f:0e:94:f8:
         65:d3:fd:08:3e:04:fc:70:f3:95:be:4c:56:93:cb:ec:98:4e:
         55:8e:6e:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIp9646ngzJyU4abH3ytzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OWFhZWYxY2VhMTlmMmY5MjZmNTcwOTYxNTQ1Y2ZlNGVk
NjlhZjYwHhcNMjUwNjA5MTAwMDQ0WhcNMjUwNjEwMTAwMDQ0WjAzMTEwLwYDVQQD
EygzOGE4NWNlY2Y1OTc4M2VkMzlkMWJmMDA0NDFjYzBjODE0ZDdkM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGH6FQ+dxzDEBlg9IiNRSzvq0qxp
5b+EJ5nGYgeDn9qU7/I/iiIZit49d/EUhWERTHbfCFh2ejyiNLu17o0mARF7fZnf
YcoHP3j9xWmJsGpSWkRVen9xXhehw4nHZPG1n+X6UwJzvF+CQkGiPsMTnE+dm7Kk
Nsf7YeVP9+qA1x6saI3crN2vBlMTygxOpfhHrIF0v3qhcgxoDSPkKQXvkiPKo0KI
0bAwY1H0ROqql2NYYu4jljtIRMqLJvdE0Qn4RdfIlpuyOPR3nuNMivgfvCrd5z6t
yPuDuuFqSehEyEXD8WF1pmzRKXJj4VBPtXdObhLSfB2l5mkJKeB1UxUpkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDioXOz1l4PtOdG/AEQcwMgU19PPMB8GA1UdIwQY
MBaAFLaarvHOoZ8vkm9XCWFUXP5O1pr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDE3MTItNzJiYi00MDg4LThiNjEt
N2ZlMjBmMmVmZWQ0LzEvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDE3MTItNzJiYi00MDg4LThiNjEtN2ZlMjBmMmVmZWQ0
LzEvdHBxdThjNmhueS1TYjFjSllWUmNfazdXbXZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnZJ0LD6u
Q8zG+whsjdX9iBFmSbk0TYT2ILtLDU/8e0w8hHk3PkQohIcrJ1UjVFX2ZgTArhF4
ncfQOZhEvVnyCObxlAR3bFvJ5FNbf0yll+Bvgv/3ZtnFdSwgVaZzgziKV99tU2SJ
P9sj93rUCtkRkArLMYJ4iwArJ4EfMsx1aHh47RzLKY54x3ZIXV3lF0dFKQqINrKo
xlv6XRdwEhQWsfZLpHRZBoL0/wXhoODYjpXHpthJDVA5AbQhMmaGZk+wPXtpH42W
UL+mqm74v3ytA+kWksDBsal3WTFElQn1EWrsoMZVe54/DpT4ZdP9CD4E/HDzlb5M
VpPL7JhOVY5uoA==
-----END CERTIFICATE-----