Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          BSXHpJc/WKM6ViQqQdJ5KRoRJkzycJYnSkTuiClsVzw=
Subject key identifier:   0F:B7:8F:6C:25:55:A1:42:DB:F6:99:58:40:D2:BC:BF:E6:2F:95:83
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       01974CD6F4946EE2490511B8D0510B1E6351
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          03D5
Signing time:             Sun 08 Jun 2025 00:00:45 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:45 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:45 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: +1vUN9VcJdkXUe11S8dnoH31YsetramyF8EjsyLbduA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d6:f4:94:6e:e2:49:05:11:b8:d0:51:0b:1e:63:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Jun  8 00:00:45 2025 GMT
            Not After : Jun  9 00:00:45 2025 GMT
        Subject: CN=0fb78f6c2555a142dbf6995840d2bcbfe62f9583
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:f9:31:67:64:bb:2a:db:70:f1:b6:6e:13:64:
                    fb:9f:f0:44:03:ed:67:e3:ab:0e:02:92:39:7d:5f:
                    a1:5e:9a:46:fe:e0:57:72:d1:80:17:8e:d6:83:b6:
                    c3:84:92:49:06:b3:f0:62:b5:d0:1f:44:74:12:d9:
                    35:79:0c:d5:cc:46:75:0a:8f:07:74:c1:ef:c5:1d:
                    81:0c:66:cd:23:7f:08:70:cf:89:f2:8e:06:d5:21:
                    a0:b7:49:bd:bb:ab:af:b8:a4:69:a3:60:10:e0:43:
                    da:da:9f:27:40:0f:c3:4f:1b:e3:c5:f0:b6:89:1f:
                    26:97:6a:f1:83:79:95:25:d2:32:a5:4b:cb:ba:a7:
                    b0:8a:c5:3f:3b:a0:ea:a3:bd:2e:d3:a8:18:78:d6:
                    55:35:f4:1d:91:b7:e9:62:46:85:d6:c1:40:5a:72:
                    76:60:20:0c:54:2b:bc:e3:e1:7c:09:6e:0f:c7:5d:
                    39:07:21:65:36:21:f2:7a:d4:ad:cc:e8:b1:91:f9:
                    2c:bc:91:1d:54:3e:d7:b7:14:52:b8:44:b8:8e:e3:
                    34:9b:f0:80:8d:ac:1e:0b:9b:1f:c5:4b:b4:9e:90:
                    2a:58:1a:16:8b:c2:ba:c7:1f:c6:45:85:f9:d3:ce:
                    ef:7f:3f:7d:13:ad:b7:03:8d:ba:c1:8a:62:82:d4:
                    6a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:B7:8F:6C:25:55:A1:42:DB:F6:99:58:40:D2:BC:BF:E6:2F:95:83
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:fe:93:87:06:0f:f2:9d:16:4d:aa:0e:85:eb:13:fc:ff:61:
         a2:85:1f:54:12:18:8b:a4:07:ba:3a:c1:50:68:36:e1:7d:5c:
         3c:98:1b:d0:ee:d1:a8:42:36:1b:2c:c3:ec:95:05:c8:1f:71:
         64:a1:5a:78:0b:fc:1b:e0:33:1f:42:35:5e:d5:82:8c:e6:c5:
         34:42:6c:88:5e:8c:25:db:a6:77:e7:c0:b9:a5:25:27:ad:7e:
         55:ab:6c:fe:f2:43:63:9b:0b:7a:5f:1c:68:bb:7f:22:66:65:
         75:73:c0:fe:39:53:fb:df:4d:e3:31:8e:cc:6c:2c:4d:4a:23:
         04:09:a8:80:ec:bd:86:25:6f:1a:76:bf:a9:cc:94:9d:b6:8c:
         cd:2e:80:22:b9:39:3d:16:11:f5:a2:a4:74:2a:b5:47:5b:b5:
         07:15:2e:61:54:f6:85:40:7b:46:e3:39:69:34:f2:87:60:b7:
         85:9f:b5:7d:27:7e:fc:3e:d0:7b:12:05:66:21:6c:61:91:b2:
         0e:c1:02:49:a6:ed:30:38:e3:a0:b8:cb:5a:dd:6b:60:7b:26:
         37:50:c2:dd:31:50:9c:d5:5c:1a:cf:71:03:bb:3f:42:fb:5d:
         53:f8:9a:9e:09:24:34:68:73:2f:09:2b:b4:80:c8:cb:87:d2:
         ef:f5:19:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1vSUbuJJBRG40FELHmNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjUwNjA4MDAwMDQ1WhcNMjUwNjA5MDAwMDQ1WjAzMTEwLwYDVQQD
EygwZmI3OGY2YzI1NTVhMTQyZGJmNjk5NTg0MGQyYmNiZmU2MmY5NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PkxZ2S7Kttw8bZuE2T7n/BEA+1n
46sOApI5fV+hXppG/uBXctGAF47Wg7bDhJJJBrPwYrXQH0R0Etk1eQzVzEZ1Co8H
dMHvxR2BDGbNI38IcM+J8o4G1SGgt0m9u6uvuKRpo2AQ4EPa2p8nQA/DTxvjxfC2
iR8ml2rxg3mVJdIypUvLuqewisU/O6Dqo70u06gYeNZVNfQdkbfpYkaF1sFAWnJ2
YCAMVCu84+F8CW4Px105ByFlNiHyetStzOixkfksvJEdVD7XtxRSuES4juM0m/CA
jaweC5sfxUu0npAqWBoWi8K6xx/GRYX5087vfz99E623A426wYpigtRqrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+3j2wlVaFC2/aZWEDSvL/mL5WDMB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkv6ThwYP
8p0WTaoOhesT/P9hooUfVBIYi6QHujrBUGg24X1cPJgb0O7RqEI2GyzD7JUFyB9x
ZKFaeAv8G+AzH0I1XtWCjObFNEJsiF6MJdumd+fAuaUlJ61+Vats/vJDY5sLel8c
aLt/ImZldXPA/jlT+99N4zGOzGwsTUojBAmogOy9hiVvGna/qcyUnbaMzS6AIrk5
PRYR9aKkdCq1R1u1BxUuYVT2hUB7RuM5aTTyh2C3hZ+1fSd+/D7QexIFZiFsYZGy
DsECSabtMDjjoLjLWt1rYHsmN1DC3TFQnNVcGs9xA7s/QvtdU/iangkkNGhzLwkr
tIDIy4fS7/UZhg==
-----END CERTIFICATE-----