Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
File:                     AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft (raw, json)
Hash identifier:          ZyuQRcNSmlqan2R8Pjr71VxZC01WJLWL2HeWaNFLo8c=
Subject key identifier:   B2:AC:27:51:99:24:77:C5:C5:28:DA:3E:7C:9C:9C:A1:A4:83:93:8A
Authority key identifier: 01:3F:6D:B0:FD:57:D1:9F:9E:E1:52:42:A2:E4:16:7E:FB:52:2D:04
Certificate issuer:       /CN=013f6db0fd57d19f9ee15242a2e4167efb522d04
Certificate serial:       01974C69EC878A57300B4655B4EF2CD4197F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
Manifest number:          0A54
Signing time:             Sat 07 Jun 2025 22:01:39 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:39 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:39 +0000
Files and hashes:         1: AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl (hash: AnIMLkRkE/67up7LIqmWNqNC1oNDpPxx12ZVQpA8CfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:ec:87:8a:57:30:0b:46:55:b4:ef:2c:d4:19:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=013f6db0fd57d19f9ee15242a2e4167efb522d04
        Validity
            Not Before: Jun  7 22:01:39 2025 GMT
            Not After : Jun  8 22:01:39 2025 GMT
        Subject: CN=b2ac2751992477c5c528da3e7c9c9ca1a483938a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:dd:b7:8d:2e:b7:08:ec:38:f9:70:fc:ac:9f:
                    a4:5a:37:68:0f:4c:48:f3:0b:2d:cc:9e:82:21:0f:
                    77:a6:44:70:ae:10:b7:3b:14:41:86:c1:1b:36:90:
                    e4:ff:8e:5c:6b:de:e8:42:c7:69:31:5b:ac:af:01:
                    ac:91:20:42:d7:71:3a:06:e0:34:c9:6b:20:f8:ec:
                    bc:79:d8:96:13:8e:6d:01:62:9c:6f:68:b9:5a:a8:
                    d2:a7:dd:5a:e3:77:13:19:dc:b6:e7:c5:74:ec:cd:
                    e3:7b:30:7f:35:1b:03:2a:67:65:42:8b:de:de:5f:
                    d0:e9:54:a5:14:09:1c:e0:9d:1c:2d:ec:d5:e3:40:
                    0e:91:c4:86:72:be:4a:7e:fa:fe:00:60:52:3d:2d:
                    de:d1:c2:7e:28:72:02:b7:b7:35:59:e7:32:63:68:
                    a7:4c:66:4a:d0:4c:af:43:cf:94:fe:68:fa:02:40:
                    cc:42:52:53:f8:e0:78:d9:ae:f7:36:8d:d5:0f:11:
                    b3:12:eb:6d:70:15:b1:6a:d2:68:c8:53:48:0b:de:
                    4b:c1:ad:e9:e5:38:05:b1:70:d1:2c:b4:5e:c7:44:
                    42:b0:b7:ac:0f:5c:2c:dc:65:e8:a7:b5:36:c9:4d:
                    4f:da:51:44:f9:17:ce:b7:96:13:33:92:df:26:a3:
                    1b:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:AC:27:51:99:24:77:C5:C5:28:DA:3E:7C:9C:9C:A1:A4:83:93:8A
            X509v3 Authority Key Identifier:
                keyid:01:3F:6D:B0:FD:57:D1:9F:9E:E1:52:42:A2:E4:16:7E:FB:52:2D:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f63307-4a0f-4053-8fc3-f535578984c2/1/AT9tsP1X0Z-e4VJCouQWfvtSLQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:98:a9:01:9e:3b:66:0e:98:62:51:36:ae:47:e4:07:45:e8:
         fb:17:89:39:b0:de:34:21:ad:34:07:30:9d:35:c5:f8:8a:b4:
         59:1e:39:65:b8:e6:44:17:6e:4b:87:0b:ea:9b:b5:67:ca:c3:
         ac:96:bb:d6:2d:08:ad:da:7a:54:29:ed:de:d5:f0:f7:dc:af:
         df:7c:03:40:ea:07:6c:e2:cc:5c:f5:2c:b4:e3:d6:19:81:af:
         61:8f:f7:4a:ab:76:67:fe:33:87:64:38:41:9d:b5:40:e9:7c:
         8f:61:8e:f1:0a:52:e2:17:47:bf:6f:72:cf:72:31:98:87:9a:
         bc:66:dd:15:60:82:cb:ef:e5:51:ac:2b:bf:77:43:22:0f:57:
         5e:e7:c2:3f:e2:f1:0e:07:e3:4f:15:bd:f2:50:d9:86:f1:63:
         6a:64:9d:b9:87:28:ff:cf:31:10:20:17:e4:38:3f:9e:e2:e9:
         ac:e8:0c:ca:f5:19:cb:36:e1:89:7d:18:49:e2:b7:14:e4:40:
         be:43:80:68:00:a1:ab:c3:e0:6d:26:a9:20:6c:83:81:7c:60:
         d8:59:17:51:e7:89:b3:9f:60:e7:a0:6d:54:32:ad:46:56:63:
         22:a8:27:5d:3f:af:c1:d4:c9:a8:6b:fc:e9:95:b4:bd:6c:6b:
         77:27:c9:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaeyHilcwC0ZVtO8s1Bl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxM2Y2ZGIwZmQ1N2QxOWY5ZWUxNTI0MmEyZTQxNjdlZmI1
MjJkMDQwHhcNMjUwNjA3MjIwMTM5WhcNMjUwNjA4MjIwMTM5WjAzMTEwLwYDVQQD
EyhiMmFjMjc1MTk5MjQ3N2M1YzUyOGRhM2U3YzljOWNhMWE0ODM5MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot23jS63COw4+XD8rJ+kWjdoD0xI
8wstzJ6CIQ93pkRwrhC3OxRBhsEbNpDk/45ca97oQsdpMVusrwGskSBC13E6BuA0
yWsg+Oy8ediWE45tAWKcb2i5WqjSp91a43cTGdy258V07M3jezB/NRsDKmdlQove
3l/Q6VSlFAkc4J0cLezV40AOkcSGcr5Kfvr+AGBSPS3e0cJ+KHICt7c1WecyY2in
TGZK0EyvQ8+U/mj6AkDMQlJT+OB42a73No3VDxGzEuttcBWxatJoyFNIC95Lwa3p
5TgFsXDRLLRex0RCsLesD1ws3GXop7U2yU1P2lFE+RfOt5YTM5LfJqMb9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKsJ1GZJHfFxSjaPnycnKGkg5OKMB8GA1UdIwQY
MBaAFAE/bbD9V9GfnuFSQqLkFn77Ui0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNjMzMDctNGEwZi00MDUzLThmYzMt
ZjUzNTU3ODk4NGMyLzEvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNjMzMDctNGEwZi00MDUzLThmYzMtZjUzNTU3ODk4NGMy
LzEvQVQ5dHNQMVgwWi1lNFZKQ291UVdmdnRTTFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpipAZ47
Zg6YYlE2rkfkB0Xo+xeJObDeNCGtNAcwnTXF+Iq0WR45ZbjmRBduS4cL6pu1Z8rD
rJa71i0Irdp6VCnt3tXw99yv33wDQOoHbOLMXPUstOPWGYGvYY/3Sqt2Z/4zh2Q4
QZ21QOl8j2GO8QpS4hdHv29yz3IxmIeavGbdFWCCy+/lUawrv3dDIg9XXufCP+Lx
DgfjTxW98lDZhvFjamSduYco/88xECAX5Dg/nuLprOgMyvUZyzbhiX0YSeK3FORA
vkOAaAChq8PgbSapIGyDgXxg2FkXUeeJs59g56BtVDKtRlZjIqgnXT+vwdTJqGv8
6ZW0vWxrdyfJ+Q==
-----END CERTIFICATE-----