Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          JrfkHXXE0LVmN6HoyGmaJm+ybdsY4tt/b6Dxoyczov4=
Subject key identifier:   24:E0:7B:68:50:67:07:FA:5F:85:D6:F7:36:27:22:69:16:2E:B1:39
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       01974CD774AD9495BF9EDB4F138A5B60E8C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          3D
Signing time:             Sun 08 Jun 2025 00:01:17 +0000
Manifest this update:     Sun 08 Jun 2025 00:01:17 +0000
Manifest next update:     Mon 09 Jun 2025 00:01:17 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: pQdScu7/OV+LJB8Ls1sQzafpJB1j9+bnZaDAbS00XcE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:74:ad:94:95:bf:9e:db:4f:13:8a:5b:60:e8:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Jun  8 00:01:17 2025 GMT
            Not After : Jun  9 00:01:17 2025 GMT
        Subject: CN=24e07b68506707fa5f85d6f736272269162eb139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e8:c9:c6:1a:ad:6b:1a:da:c1:ed:07:bb:30:
                    08:1b:2b:86:dc:79:af:32:76:d8:d4:8c:7f:f1:67:
                    6b:a4:f5:30:92:34:4f:6f:b7:bb:9c:a3:8d:ee:6c:
                    7a:08:aa:51:32:2c:dc:33:df:95:88:c4:b3:0a:b4:
                    c4:30:71:71:cd:6b:cd:09:e7:27:55:aa:c4:fd:b2:
                    2c:69:c2:ef:e6:45:b5:7a:40:9b:f3:6c:e2:bd:da:
                    0b:8f:f2:86:ad:e9:c3:f7:25:57:18:a0:17:19:bb:
                    58:cd:75:81:9c:66:5d:c7:ab:28:76:cd:c3:4e:4b:
                    0a:8f:ce:be:91:90:f3:10:90:c5:68:52:45:cb:92:
                    fc:68:4d:3f:b7:b0:f1:de:8f:a6:72:a7:47:4c:1e:
                    00:a9:f1:18:2c:b7:80:46:6b:7f:32:fb:77:a0:83:
                    0d:ff:06:8a:44:db:5f:8d:bb:16:6a:9b:13:58:2d:
                    c2:f6:eb:f7:da:4e:9a:cb:ed:12:5b:e3:9e:33:b3:
                    93:4a:6d:ed:e9:e7:48:f5:94:7b:94:ac:e9:16:71:
                    b9:38:8d:e6:ad:ca:9c:5f:12:7b:6f:8c:d1:a1:54:
                    13:fa:35:de:16:9d:6d:cf:a1:8a:ce:90:f0:8a:1c:
                    10:df:04:a4:46:e8:9a:68:b0:bc:5d:b3:d2:00:01:
                    34:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E0:7B:68:50:67:07:FA:5F:85:D6:F7:36:27:22:69:16:2E:B1:39
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:c5:66:f9:31:39:83:8b:7e:de:51:d4:d9:08:f4:f3:49:8b:
         c5:cd:54:2f:f0:87:f7:65:a7:f9:eb:38:6d:67:25:c0:86:86:
         e8:c9:fa:3f:6d:28:66:3d:9e:56:19:d4:93:18:af:88:cf:27:
         73:1a:bf:3c:a6:b0:a4:70:a6:be:1d:76:ed:1b:8d:09:a2:c2:
         5e:ca:95:10:85:a3:9c:4a:57:89:2f:6e:ce:7b:87:4f:39:08:
         9d:a2:79:4b:29:20:c2:d3:64:a2:36:cd:d8:f4:57:55:f9:72:
         45:f8:99:b1:f4:ec:59:a1:19:9c:2a:a0:10:9d:10:94:44:d9:
         0f:10:44:27:37:2b:06:cb:82:c4:a9:81:0b:f4:7c:7a:6e:4d:
         6c:09:08:4d:ba:7b:36:18:bc:b8:55:c2:d8:12:10:e3:69:bb:
         99:94:f1:e5:77:a7:dc:df:a0:51:9c:d4:3a:78:06:e4:8e:40:
         81:ac:46:5e:e9:2b:1b:62:ae:f5:51:43:0c:e9:7e:ec:61:38:
         21:9f:27:fb:b3:7f:d6:04:27:03:e7:29:93:f5:a2:e6:c9:8f:
         e4:9d:3f:a9:bd:fa:a0:9a:f8:36:b2:bf:d5:fe:e9:a1:7e:e5:
         9d:3f:b3:63:e2:e9:1d:ff:64:d2:3e:55:ba:74:53:9e:30:f2:
         60:04:81:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM13StlJW/nttPE4pbYOjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjUwNjA4MDAwMTE3WhcNMjUwNjA5MDAwMTE3WjAzMTEwLwYDVQQD
EygyNGUwN2I2ODUwNjcwN2ZhNWY4NWQ2ZjczNjI3MjI2OTE2MmViMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyejJxhqtaxrawe0HuzAIGyuG3Hmv
MnbY1Ix/8WdrpPUwkjRPb7e7nKON7mx6CKpRMizcM9+ViMSzCrTEMHFxzWvNCecn
VarE/bIsacLv5kW1ekCb82zivdoLj/KGrenD9yVXGKAXGbtYzXWBnGZdx6sods3D
TksKj86+kZDzEJDFaFJFy5L8aE0/t7Dx3o+mcqdHTB4AqfEYLLeARmt/Mvt3oIMN
/waKRNtfjbsWapsTWC3C9uv32k6ay+0SW+OeM7OTSm3t6edI9ZR7lKzpFnG5OI3m
rcqcXxJ7b4zRoVQT+jXeFp1tz6GKzpDwihwQ3wSkRuiaaLC8XbPSAAE0rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTge2hQZwf6X4XW9zYnImkWLrE5MB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8Vm+TE5
g4t+3lHU2Qj080mLxc1UL/CH92Wn+es4bWclwIaG6Mn6P20oZj2eVhnUkxiviM8n
cxq/PKawpHCmvh127RuNCaLCXsqVEIWjnEpXiS9uznuHTzkInaJ5SykgwtNkojbN
2PRXVflyRfiZsfTsWaEZnCqgEJ0QlETZDxBEJzcrBsuCxKmBC/R8em5NbAkITbp7
Nhi8uFXC2BIQ42m7mZTx5Xen3N+gUZzUOngG5I5AgaxGXukrG2Ku9VFDDOl+7GE4
IZ8n+7N/1gQnA+cpk/Wi5smP5J0/qb36oJr4NrK/1f7poX7lnT+zY+LpHf9k0j5V
unRTnjDyYASBiQ==
-----END CERTIFICATE-----