Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          Y8nMhelkwKpadwbH1iEYDmUHH5AUTDw476hLCUTQz4c=
Subject key identifier:   BA:7C:DA:07:B0:07:40:B6:5E:82:53:24:95:21:DA:69:9A:22:87:B7
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       0197474302F8B2DD2B1BD9CCA4E77C01C325
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 22:01:03 +0000
Manifest this update:     Fri 06 Jun 2025 22:01:03 +0000
Manifest next update:     Sat 07 Jun 2025 22:01:03 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: oundnuuAD0OnzC5oA3Bzd2DhbO7+WD8jBehPsaBu13I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:43:02:f8:b2:dd:2b:1b:d9:cc:a4:e7:7c:01:c3:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Jun  6 22:01:03 2025 GMT
            Not After : Jun  7 22:01:03 2025 GMT
        Subject: CN=ba7cda07b00740b65e8253249521da699a2287b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ec:7b:49:a6:32:98:30:9d:f8:6e:e1:14:5e:
                    58:19:e6:ad:4f:de:d0:05:62:8a:de:76:c4:6b:a4:
                    4b:3e:e3:e1:0a:4b:dd:98:1c:2b:ed:20:64:f7:74:
                    a4:7d:d2:00:2f:68:1e:85:a8:e5:89:80:8a:1e:ae:
                    63:a7:72:49:98:a1:f5:50:8d:36:33:a1:03:f2:dc:
                    26:fe:eb:3d:41:15:b7:e6:9f:70:d8:0b:c0:cb:5b:
                    78:06:1c:0e:03:ad:e4:9c:fa:77:ec:47:fa:95:c3:
                    6b:31:e8:26:ec:3c:4e:87:9e:98:08:a0:8e:c9:c3:
                    7c:e0:f0:76:33:10:24:2b:85:6a:bd:44:ee:9c:f8:
                    5d:63:26:69:6a:3f:e1:ad:05:78:86:7d:93:b5:6e:
                    cf:2a:d2:42:78:57:71:f6:b0:4b:74:01:75:30:39:
                    c4:4e:93:7b:e4:67:d5:3c:52:fd:b4:7b:e4:60:65:
                    37:ce:1d:6c:ed:ba:75:b5:f0:75:09:78:cd:44:4a:
                    39:44:70:1c:22:30:75:10:af:c7:7b:22:9d:3b:75:
                    3e:e8:d0:6a:61:2e:72:04:35:e8:c8:94:18:47:eb:
                    a8:0a:4f:fa:9b:92:35:a7:27:54:54:f0:29:e1:71:
                    f7:fe:a4:86:a2:2f:6e:c0:04:b8:9d:36:f2:89:62:
                    e3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:7C:DA:07:B0:07:40:B6:5E:82:53:24:95:21:DA:69:9A:22:87:B7
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e8:1f:e7:ea:bf:4c:b2:40:03:9e:22:8b:a8:70:ad:37:7c:
         cf:da:ff:aa:7d:a4:ba:64:47:dd:04:9a:34:2d:19:c4:3d:50:
         6a:27:6f:e6:d4:61:64:d6:c3:fd:71:7a:c7:f7:5d:8a:cd:f7:
         e5:3e:83:ad:41:47:e1:be:39:6e:56:4d:d5:c2:49:05:ba:b6:
         7b:41:52:96:e3:5e:e9:d4:48:df:ae:72:ff:d1:2a:56:04:41:
         42:df:96:0b:20:36:a6:60:5f:b3:89:de:8c:4b:87:93:3e:42:
         06:0f:43:0a:d5:11:38:8d:94:02:dc:f4:9d:ac:a3:62:47:e2:
         6c:3b:4b:07:83:af:23:be:67:bf:3d:20:1b:e6:63:52:3a:bd:
         a1:e1:4d:00:11:7b:ad:f5:c0:3a:30:03:d6:a5:55:d6:b7:e8:
         02:c2:42:a4:26:39:51:73:5c:07:ab:80:34:38:c3:12:db:7b:
         34:de:94:65:6d:0e:d5:7d:7e:5f:80:ff:c0:2c:a0:c6:b7:56:
         b3:30:aa:ec:35:24:7d:4c:77:8e:46:7c:d0:b0:0f:c8:f7:cc:
         d5:5c:5b:ef:aa:d8:af:a7:fc:8e:74:1c:b4:94:bb:8c:c6:98:
         27:a3:01:fe:be:9d:80:56:88:a0:35:6d:70:f5:8c:81:c2:a9:
         ee:4f:c4:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQwL4st0rG9nMpOd8AcMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjUwNjA2MjIwMTAzWhcNMjUwNjA3MjIwMTAzWjAzMTEwLwYDVQQD
EyhiYTdjZGEwN2IwMDc0MGI2NWU4MjUzMjQ5NTIxZGE2OTlhMjI4N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+x7SaYymDCd+G7hFF5YGeatT97Q
BWKK3nbEa6RLPuPhCkvdmBwr7SBk93SkfdIAL2gehajliYCKHq5jp3JJmKH1UI02
M6ED8twm/us9QRW35p9w2AvAy1t4BhwOA63knPp37Ef6lcNrMegm7DxOh56YCKCO
ycN84PB2MxAkK4VqvUTunPhdYyZpaj/hrQV4hn2TtW7PKtJCeFdx9rBLdAF1MDnE
TpN75GfVPFL9tHvkYGU3zh1s7bp1tfB1CXjNREo5RHAcIjB1EK/HeyKdO3U+6NBq
YS5yBDXoyJQYR+uoCk/6m5I1pydUVPAp4XH3/qSGoi9uwAS4nTbyiWLjGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLp82gewB0C2XoJTJJUh2mmaIoe3MB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJegf5+q/
TLJAA54ii6hwrTd8z9r/qn2kumRH3QSaNC0ZxD1Qaidv5tRhZNbD/XF6x/ddis33
5T6DrUFH4b45blZN1cJJBbq2e0FSluNe6dRI365y/9EqVgRBQt+WCyA2pmBfs4ne
jEuHkz5CBg9DCtUROI2UAtz0nayjYkfibDtLB4OvI75nvz0gG+ZjUjq9oeFNABF7
rfXAOjAD1qVV1rfoAsJCpCY5UXNcB6uANDjDEtt7NN6UZW0O1X1+X4D/wCygxrdW
szCq7DUkfUx3jkZ80LAPyPfM1Vxb76rYr6f8jnQctJS7jMaYJ6MB/r6dgFaIoDVt
cPWMgcKp7k/E3w==
-----END CERTIFICATE-----