Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
File:                     wKopmx5fodUSbfrXXf1Km65EOhc.mft (raw, json)
Hash identifier:          D9LGAlWqQGhF1LEf7UUjG1WNSvQKCm+k971h2duCQHk=
Subject key identifier:   12:69:4E:68:77:70:A2:8F:8C:31:96:44:1F:92:61:0C:84:FF:E9:89
Authority key identifier: C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17
Certificate issuer:       /CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
Certificate serial:       0197488C60F014F23252B6AF22B4D7CD2380
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
Manifest number:          04B6
Signing time:             Sat 07 Jun 2025 04:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:48 +0000
Files and hashes:         1: wKopmx5fodUSbfrXXf1Km65EOhc.crl (hash: 1MMJ/uRkawrSYlp+FOyKSMIHRhAhrZlKHplXeGTXLcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:60:f0:14:f2:32:52:b6:af:22:b4:d7:cd:23:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
        Validity
            Not Before: Jun  7 04:00:48 2025 GMT
            Not After : Jun  8 04:00:48 2025 GMT
        Subject: CN=12694e687770a28f8c3196441f92610c84ffe989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6b:5c:c8:c6:74:7b:27:38:12:aa:87:03:c3:
                    27:80:a8:48:57:f6:f3:95:27:dd:30:8f:ec:82:d1:
                    6a:04:f0:fd:7b:67:39:22:0c:74:75:e1:40:3a:50:
                    e1:7d:88:a1:99:22:08:2c:22:bd:a6:88:00:6f:67:
                    84:0c:cf:d2:bd:93:46:33:72:4c:e9:98:8f:17:34:
                    2e:86:be:c6:3e:a2:8e:1d:71:c4:f5:df:a0:df:68:
                    48:b5:cc:1b:62:92:ea:bd:e7:21:f9:55:14:23:a7:
                    b1:9e:e5:a6:e2:ad:47:35:4c:73:6a:e6:ff:b7:53:
                    9f:06:b2:aa:d7:ac:de:14:bf:89:f1:c9:6c:a9:46:
                    74:6a:7e:21:85:c8:ac:ae:20:ea:36:f1:2b:1c:50:
                    ac:00:19:24:db:8f:64:43:c3:a0:af:5d:4f:2e:97:
                    00:e9:47:ca:ab:d1:7f:91:f8:2e:ff:af:0e:d5:4b:
                    11:75:56:10:f2:99:46:ee:52:7f:a4:89:77:ae:88:
                    66:7f:cb:c2:d0:be:80:4e:8d:de:dd:ce:0b:fd:d1:
                    fb:d5:40:e2:bd:06:9f:20:f8:b7:ac:92:43:fc:7d:
                    5d:b9:62:69:ff:ab:ee:0f:82:51:c3:13:73:07:17:
                    d5:96:bc:9d:12:a5:dc:4e:55:d0:a6:47:15:d9:b5:
                    99:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:69:4E:68:77:70:A2:8F:8C:31:96:44:1F:92:61:0C:84:FF:E9:89
            X509v3 Authority Key Identifier:
                keyid:C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:4d:26:af:4f:0e:06:1d:f9:ec:56:1f:5d:49:62:c1:42:c5:
         13:50:bb:e9:8a:8e:e4:ab:7b:ee:29:29:a6:d2:37:a4:31:a4:
         b8:6e:fe:5a:99:d1:d4:8e:18:a0:d3:1c:d6:3c:2c:15:d6:62:
         7f:03:4c:9a:70:44:bd:e4:58:53:9b:08:a1:33:8c:53:b7:09:
         b6:98:80:d5:ca:9a:2c:af:9f:34:2f:20:20:16:3a:23:32:f0:
         13:67:35:e3:b5:02:fa:56:0a:73:27:91:4c:22:72:91:85:9c:
         11:73:0e:7b:79:d3:4e:a0:7f:42:62:0a:ab:b1:1c:24:c0:8c:
         ac:3b:ad:1b:a3:78:01:de:aa:f6:ed:37:d9:ad:b8:7f:08:3a:
         dd:ab:33:59:b4:e9:27:e2:dc:bd:37:db:fa:b3:0d:58:03:74:
         20:93:6c:7e:1a:f6:45:f5:85:b3:aa:bd:3e:c2:44:f1:c7:fb:
         02:c4:02:8f:77:75:9f:35:78:27:ea:23:e1:83:3e:ba:57:bc:
         94:0a:4d:47:9a:1d:77:d8:1a:35:dd:ed:20:18:6f:55:84:93:
         14:e2:f5:b2:73:f8:7c:8e:44:9a:b0:e3:d6:9b:e7:82:08:7f:
         b6:ef:3d:51:05:d3:6c:5d:67:f3:aa:e5:8c:e5:86:b3:bc:a1:
         4e:0a:f1:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjGDwFPIyUravIrTXzSOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYWEyOTliMWU1ZmExZDUxMjZkZmFkNzVkZmQ0YTliYWU0
NDNhMTcwHhcNMjUwNjA3MDQwMDQ4WhcNMjUwNjA4MDQwMDQ4WjAzMTEwLwYDVQQD
EygxMjY5NGU2ODc3NzBhMjhmOGMzMTk2NDQxZjkyNjEwYzg0ZmZlOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2tcyMZ0eyc4EqqHA8MngKhIV/bz
lSfdMI/sgtFqBPD9e2c5Igx0deFAOlDhfYihmSIILCK9pogAb2eEDM/SvZNGM3JM
6ZiPFzQuhr7GPqKOHXHE9d+g32hItcwbYpLqvech+VUUI6exnuWm4q1HNUxzaub/
t1OfBrKq16zeFL+J8clsqUZ0an4hhcisriDqNvErHFCsABkk249kQ8Ogr11PLpcA
6UfKq9F/kfgu/68O1UsRdVYQ8plG7lJ/pIl3rohmf8vC0L6ATo3e3c4L/dH71UDi
vQafIPi3rJJD/H1duWJp/6vuD4JRwxNzBxfVlrydEqXcTlXQpkcV2bWZBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJpTmh3cKKPjDGWRB+SYQyE/+mJMB8GA1UdIwQY
MBaAFMCqKZseX6HVEm361139SpuuRDoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzct
NzA0YTk5NWUzZGI2LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzctNzA0YTk5NWUzZGI2
LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkk0mr08O
Bh357FYfXUliwULFE1C76YqO5Kt77ikpptI3pDGkuG7+WpnR1I4YoNMc1jwsFdZi
fwNMmnBEveRYU5sIoTOMU7cJtpiA1cqaLK+fNC8gIBY6IzLwE2c147UC+lYKcyeR
TCJykYWcEXMOe3nTTqB/QmIKq7EcJMCMrDutG6N4Ad6q9u032a24fwg63aszWbTp
J+LcvTfb+rMNWAN0IJNsfhr2RfWFs6q9PsJE8cf7AsQCj3d1nzV4J+oj4YM+ule8
lApNR5odd9gaNd3tIBhvVYSTFOL1snP4fI5EmrDj1pvnggh/tu89UQXTbF1n86rl
jOWGs7yhTgrxaQ==
-----END CERTIFICATE-----