Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft
File:                     H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft (raw, json)
Hash identifier:          5lNyB0AjcW0OLtfjPdsmGHOSF1rL4b1zl5yDe9b7JZk=
Subject key identifier:   50:B0:62:AC:02:26:37:6C:65:F8:4E:1B:68:30:0C:56:77:DF:8C:39
Authority key identifier: 1F:89:7D:BF:F0:1A:FD:9D:1E:77:B6:F9:FE:08:D9:77:42:F5:6D:32
Certificate issuer:       /CN=1f897dbff01afd9d1e77b6f9fe08d97742f56d32
Certificate serial:       019745F93567BB57C55D8E5AA78F0412D09B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft
Manifest number:          02E9
Signing time:             Fri 06 Jun 2025 16:00:49 +0000
Manifest this update:     Fri 06 Jun 2025 16:00:49 +0000
Manifest next update:     Sat 07 Jun 2025 16:00:49 +0000
Files and hashes:         1: H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.crl (hash: mbXsLIRt9QmtfSvpNtrVmAHOMcV8bp/fV0ejCIKq54Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:f9:35:67:bb:57:c5:5d:8e:5a:a7:8f:04:12:d0:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f897dbff01afd9d1e77b6f9fe08d97742f56d32
        Validity
            Not Before: Jun  6 16:00:49 2025 GMT
            Not After : Jun  7 16:00:49 2025 GMT
        Subject: CN=50b062ac0226376c65f84e1b68300c5677df8c39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:33:d0:8a:fb:e4:76:c5:38:da:96:fa:9e:0b:
                    ad:d9:a5:b2:c8:67:09:62:7b:d4:73:0b:05:5c:d5:
                    fd:1f:65:3b:e0:94:9f:97:1b:cc:fe:a8:0f:75:1c:
                    c1:4a:4b:c0:a5:a0:98:eb:43:f3:ca:b1:35:27:59:
                    7e:80:28:e7:e4:e9:da:5f:d3:53:9b:70:94:2b:33:
                    63:af:1c:53:8c:28:2b:d6:4d:db:90:41:0a:2c:b1:
                    0e:41:de:c1:a5:60:f0:4e:e1:10:b6:7a:85:a3:4e:
                    b2:9c:59:da:af:7e:d9:e9:42:8c:8f:94:d1:49:18:
                    74:97:1a:ff:5d:bd:46:e2:e2:81:9b:8d:a0:35:e4:
                    b1:25:9b:4d:6b:3e:2d:d7:81:f2:f7:08:76:fd:76:
                    fe:98:f9:fc:ae:0d:3b:f2:dd:71:53:9c:30:3d:f0:
                    20:41:38:ad:2f:98:12:f6:2c:b3:41:4a:2a:24:d1:
                    e4:86:49:74:a5:0c:74:b4:65:93:ca:df:68:a2:f1:
                    98:de:5a:2f:c1:4b:4f:2f:96:fa:f7:16:e4:8c:fc:
                    f1:bc:73:e1:db:81:ad:fe:01:a6:f3:d3:04:e7:33:
                    c8:97:64:ff:19:08:31:10:84:8c:66:d6:dc:e3:24:
                    1c:72:f0:9f:34:e6:ae:0e:b2:cc:45:37:16:1c:7c:
                    44:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:B0:62:AC:02:26:37:6C:65:F8:4E:1B:68:30:0C:56:77:DF:8C:39
            X509v3 Authority Key Identifier:
                keyid:1F:89:7D:BF:F0:1A:FD:9D:1E:77:B6:F9:FE:08:D9:77:42:F5:6D:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:d6:3c:c7:80:76:d0:27:52:45:c2:87:08:b7:55:f3:b2:90:
         a9:fb:c8:86:1d:48:bc:b6:be:bf:66:94:f8:1f:57:b8:3b:8c:
         cb:cd:9a:ae:6b:60:45:e3:d5:4f:68:85:46:72:f1:a9:b0:af:
         8e:52:52:a6:a3:ef:97:48:05:47:b2:8a:99:8a:31:77:b2:fe:
         b8:be:7a:73:63:0d:0d:f0:05:1f:39:d5:e2:5e:11:d3:8a:8e:
         91:d8:a9:f2:b1:3f:3e:6a:a3:d0:ca:63:83:88:e3:a1:a0:6f:
         fc:2f:d5:0a:c6:52:bc:85:c2:c3:57:8a:93:4b:be:43:a2:69:
         d2:9e:48:f1:d8:bd:ff:be:3d:87:0e:48:5f:8d:41:4d:9c:5e:
         b9:8f:17:e1:91:f0:be:34:81:10:68:31:d0:a8:10:8a:4d:69:
         3e:60:24:2d:99:db:9f:7f:e7:09:a3:55:ad:86:3f:88:0d:77:
         3b:eb:59:74:02:8b:25:a9:ac:b4:2a:c3:18:f0:09:94:14:00:
         29:27:a8:af:25:5b:77:ac:2b:18:a6:b4:a1:de:52:aa:e0:19:
         fb:01:e6:49:8f:c9:7e:8f:be:f0:03:ca:85:55:a9:d6:b6:85:
         83:34:e3:57:9f:c4:fe:39:c9:1d:48:48:84:52:b9:8a:24:79:
         0a:98:60:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdF+TVnu1fFXY5ap48EEtCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODk3ZGJmZjAxYWZkOWQxZTc3YjZmOWZlMDhkOTc3NDJm
NTZkMzIwHhcNMjUwNjA2MTYwMDQ5WhcNMjUwNjA3MTYwMDQ5WjAzMTEwLwYDVQQD
Eyg1MGIwNjJhYzAyMjYzNzZjNjVmODRlMWI2ODMwMGM1Njc3ZGY4YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTPQivvkdsU42pb6ngut2aWyyGcJ
YnvUcwsFXNX9H2U74JSflxvM/qgPdRzBSkvApaCY60PzyrE1J1l+gCjn5OnaX9NT
m3CUKzNjrxxTjCgr1k3bkEEKLLEOQd7BpWDwTuEQtnqFo06ynFnar37Z6UKMj5TR
SRh0lxr/Xb1G4uKBm42gNeSxJZtNaz4t14Hy9wh2/Xb+mPn8rg078t1xU5wwPfAg
QTitL5gS9iyzQUoqJNHkhkl0pQx0tGWTyt9oovGY3lovwUtPL5b69xbkjPzxvHPh
24Gt/gGm89ME5zPIl2T/GQgxEISMZtbc4yQccvCfNOauDrLMRTcWHHxExQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCwYqwCJjdsZfhOG2gwDFZ334w5MB8GA1UdIwQY
MBaAFB+Jfb/wGv2dHne2+f4I2XdC9W0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRsOXZfQWFfWjBlZDdiNV9nalpkMEwxYlRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lNDAxZDAtNjlmZS00MzI2LWEwNDIt
NDExYzNkMmQwNjllLzEvSDRsOXZfQWFfWjBlZDdiNV9nalpkMEwxYlRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lNDAxZDAtNjlmZS00MzI2LWEwNDItNDExYzNkMmQwNjll
LzEvSDRsOXZfQWFfWjBlZDdiNV9nalpkMEwxYlRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP9Y8x4B2
0CdSRcKHCLdV87KQqfvIhh1IvLa+v2aU+B9XuDuMy82armtgRePVT2iFRnLxqbCv
jlJSpqPvl0gFR7KKmYoxd7L+uL56c2MNDfAFHznV4l4R04qOkdip8rE/Pmqj0Mpj
g4jjoaBv/C/VCsZSvIXCw1eKk0u+Q6Jp0p5I8di9/749hw5IX41BTZxeuY8X4ZHw
vjSBEGgx0KgQik1pPmAkLZnbn3/nCaNVrYY/iA13O+tZdAKLJamstCrDGPAJlBQA
KSeoryVbd6wrGKa0od5SquAZ+wHmSY/Jfo++8APKhVWp1raFgzTjV5/E/jnJHUhI
hFK5iiR5CphgHA==
-----END CERTIFICATE-----