Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft
File:                     mhU_Od12IydNhl3LiFChYTKkIgY.mft (raw, json)
Hash identifier:          0rX0wSdCPdN1404B+mT8LJTOE5B+saABezUcEIuBwzo=
Subject key identifier:   C5:4D:F3:FC:5E:F7:2B:B1:80:72:DF:72:C4:83:2B:85:4C:4E:E9:AF
Authority key identifier: 9A:15:3F:39:DD:76:23:27:4D:86:5D:CB:88:50:A1:61:32:A4:22:06
Certificate issuer:       /CN=9a153f39dd7623274d865dcb8850a16132a42206
Certificate serial:       01974DE99AA41D94957207E78A57136F293C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mhU_Od12IydNhl3LiFChYTKkIgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft
Manifest number:          0309
Signing time:             Sun 08 Jun 2025 05:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 05:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 05:00:44 +0000
Files and hashes:         1: mhU_Od12IydNhl3LiFChYTKkIgY.crl (hash: 0PEeIYIJ8tvmSpN6NFVx+MJXHuccp/ikdHaZFFnCQvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mhU_Od12IydNhl3LiFChYTKkIgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:e9:9a:a4:1d:94:95:72:07:e7:8a:57:13:6f:29:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a153f39dd7623274d865dcb8850a16132a42206
        Validity
            Not Before: Jun  8 05:00:44 2025 GMT
            Not After : Jun  9 05:00:44 2025 GMT
        Subject: CN=c54df3fc5ef72bb18072df72c4832b854c4ee9af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:58:c9:d3:4a:bf:35:50:19:be:09:ea:62:12:
                    21:5d:2d:f1:bc:48:65:46:f3:d4:0a:dd:7f:5e:0e:
                    4e:2a:b1:9f:0c:c5:b8:e3:d9:f4:51:97:15:6d:9d:
                    66:d8:f9:e8:f7:ce:c5:7f:a3:e1:33:ad:28:89:21:
                    64:94:97:18:b3:84:82:ce:4f:16:c9:35:88:2c:4b:
                    cb:fc:19:b7:d2:93:7a:42:d6:99:75:f6:b2:31:06:
                    e8:5e:ab:c8:62:74:2b:09:b9:99:af:28:8c:6d:6a:
                    b9:05:7e:b2:c3:89:b0:9e:7e:01:8d:95:04:2d:80:
                    49:d1:b2:76:49:b6:1c:20:73:b6:8d:15:dd:19:33:
                    42:0c:f2:08:02:42:10:b7:7f:b9:14:a2:1b:65:e1:
                    90:a1:ba:e9:a8:84:6b:62:45:6d:94:7f:2b:3d:f2:
                    3a:0a:f9:ff:3e:28:6b:da:6a:30:5e:ed:43:65:05:
                    c4:25:ea:f2:f7:13:30:8a:0d:b7:87:ef:be:f2:4d:
                    86:ac:08:44:a5:e1:56:c5:4d:4f:f0:51:c9:ea:b6:
                    34:e6:ec:ff:97:94:00:ea:e7:89:86:0d:82:de:c4:
                    67:21:53:73:7f:59:73:49:82:39:86:79:00:d7:90:
                    14:e0:16:04:f9:f0:5c:24:1c:7f:bd:c6:58:ce:17:
                    55:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:4D:F3:FC:5E:F7:2B:B1:80:72:DF:72:C4:83:2B:85:4C:4E:E9:AF
            X509v3 Authority Key Identifier:
                keyid:9A:15:3F:39:DD:76:23:27:4D:86:5D:CB:88:50:A1:61:32:A4:22:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhU_Od12IydNhl3LiFChYTKkIgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3ace88-7021-4c39-9dd9-b893bb07fe50/1/mhU_Od12IydNhl3LiFChYTKkIgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:2c:02:f0:b5:14:aa:34:3c:65:fa:a3:0d:54:0a:d2:da:5a:
         54:97:10:d9:ee:1d:66:b6:3c:cc:e1:26:0c:3a:d3:1b:ce:c9:
         12:40:84:a0:6f:7a:23:c5:45:95:dd:68:aa:f0:b3:7a:67:38:
         74:cb:0e:c4:70:7d:43:df:b3:e0:38:82:2f:4f:be:7b:61:26:
         98:12:f3:e3:00:eb:ea:6c:13:01:8e:bb:f6:f8:ee:28:88:db:
         ad:c9:83:20:b7:ed:cd:4e:3c:a2:17:a8:f9:73:c9:20:19:a6:
         f0:29:f2:d7:8d:8c:df:2c:7e:f2:13:62:16:69:74:11:0a:cc:
         4c:1c:c2:43:fd:14:b6:50:32:e9:fa:cb:f9:92:60:ad:94:a7:
         40:e6:a1:af:88:be:f8:09:f9:01:c0:60:bb:9c:db:4a:50:1e:
         9d:64:34:77:89:77:70:a4:f3:96:cc:c1:7e:5d:08:6a:6b:80:
         2d:6e:70:f3:fd:5a:f9:04:94:d0:fe:a5:97:38:24:11:51:9a:
         d3:f2:aa:94:24:c2:8e:c7:b7:48:a9:2b:5c:e9:00:50:20:d0:
         f5:9b:63:15:01:22:ee:67:81:e3:af:b1:1d:b2:ee:f1:de:fc:
         1d:9f:6d:e2:95:b2:ad:cf:53:07:ef:9d:09:94:d4:ef:74:74:
         ab:de:ca:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdN6ZqkHZSVcgfnilcTbyk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMTUzZjM5ZGQ3NjIzMjc0ZDg2NWRjYjg4NTBhMTYxMzJh
NDIyMDYwHhcNMjUwNjA4MDUwMDQ0WhcNMjUwNjA5MDUwMDQ0WjAzMTEwLwYDVQQD
EyhjNTRkZjNmYzVlZjcyYmIxODA3MmRmNzJjNDgzMmI4NTRjNGVlOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwljJ00q/NVAZvgnqYhIhXS3xvEhl
RvPUCt1/Xg5OKrGfDMW449n0UZcVbZ1m2Pno987Ff6PhM60oiSFklJcYs4SCzk8W
yTWILEvL/Bm30pN6QtaZdfayMQboXqvIYnQrCbmZryiMbWq5BX6yw4mwnn4BjZUE
LYBJ0bJ2SbYcIHO2jRXdGTNCDPIIAkIQt3+5FKIbZeGQobrpqIRrYkVtlH8rPfI6
Cvn/Pihr2mowXu1DZQXEJery9xMwig23h+++8k2GrAhEpeFWxU1P8FHJ6rY05uz/
l5QA6ueJhg2C3sRnIVNzf1lzSYI5hnkA15AU4BYE+fBcJBx/vcZYzhdVHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVN8/xe9yuxgHLfcsSDK4VMTumvMB8GA1UdIwQY
MBaAFJoVPznddiMnTYZdy4hQoWEypCIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWhVX09kMTJJeWROaGwzTGlGQ2hZVEtrSWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zYWNlODgtNzAyMS00YzM5LTlkZDkt
Yjg5M2JiMDdmZTUwLzEvbWhVX09kMTJJeWROaGwzTGlGQ2hZVEtrSWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zYWNlODgtNzAyMS00YzM5LTlkZDktYjg5M2JiMDdmZTUw
LzEvbWhVX09kMTJJeWROaGwzTGlGQ2hZVEtrSWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALCwC8LUU
qjQ8ZfqjDVQK0tpaVJcQ2e4dZrY8zOEmDDrTG87JEkCEoG96I8VFld1oqvCzemc4
dMsOxHB9Q9+z4DiCL0++e2EmmBLz4wDr6mwTAY679vjuKIjbrcmDILftzU48oheo
+XPJIBmm8Cny142M3yx+8hNiFml0EQrMTBzCQ/0UtlAy6frL+ZJgrZSnQOahr4i+
+An5AcBgu5zbSlAenWQ0d4l3cKTzlszBfl0IamuALW5w8/1a+QSU0P6llzgkEVGa
0/KqlCTCjse3SKkrXOkAUCDQ9ZtjFQEi7meB46+xHbLu8d78HZ9t4pWyrc9TB++d
CZTU73R0q97KVQ==
-----END CERTIFICATE-----