Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          QpabZiTHc4D02R/S1ClYCSg9LjH0Hokck24KVEVXuLo=
Subject key identifier:   61:E9:D8:55:3D:00:A4:7F:2E:43:B9:17:2C:99:62:A5:1F:A1:11:92
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       01974C69A57A9F01E3C85E4B36A9C0613685
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          0305
Signing time:             Sat 07 Jun 2025 22:01:21 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:21 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:21 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: Dou69u9jk0aqvGZAvV0FaZ9cMcpy46cZNm8NnDPcDN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:a5:7a:9f:01:e3:c8:5e:4b:36:a9:c0:61:36:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Jun  7 22:01:21 2025 GMT
            Not After : Jun  8 22:01:21 2025 GMT
        Subject: CN=61e9d8553d00a47f2e43b9172c9962a51fa11192
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:93:89:14:95:10:15:3d:ae:be:d4:a4:58:db:
                    8e:d0:b3:c3:3d:cd:8d:c9:93:f5:90:4e:8e:44:8c:
                    b1:f1:8d:43:df:ee:88:7e:84:1b:ff:83:13:b1:e9:
                    7f:be:29:28:71:c1:b0:08:b4:1e:9d:10:e7:30:75:
                    25:ae:8d:32:05:b9:2d:b0:75:36:34:a6:9c:f3:1a:
                    22:2c:08:bb:c1:b4:8f:0e:98:50:2b:7b:04:05:f2:
                    25:2c:75:5c:18:13:6b:c5:4c:15:5d:86:da:ee:09:
                    53:08:de:55:92:a0:a5:07:16:2d:94:c2:ed:31:ab:
                    ad:9c:cf:9d:ee:ca:14:6b:b0:2b:9c:88:94:04:54:
                    6b:c2:ff:54:7c:f5:d7:a9:62:93:47:20:ee:40:c6:
                    05:d7:46:9a:1a:b2:5e:4b:1c:8f:fb:9b:17:c0:4c:
                    5b:06:90:80:7e:8c:b5:fc:c6:94:4a:07:15:58:9a:
                    1a:ab:2d:bb:f0:96:e3:27:7f:40:02:d5:f7:93:2f:
                    06:47:28:ae:8a:22:67:c2:f1:0d:e6:3a:25:16:9b:
                    f3:27:26:fd:eb:2b:fd:fe:be:f8:8a:8e:b7:e4:24:
                    69:33:3b:40:e6:20:d5:e3:98:be:61:1b:3c:e8:5c:
                    96:53:d2:08:0b:10:11:dd:7c:55:d6:a1:6c:ff:d7:
                    3b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E9:D8:55:3D:00:A4:7F:2E:43:B9:17:2C:99:62:A5:1F:A1:11:92
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:3b:af:cb:f5:ba:9b:57:d6:cc:5e:f1:da:61:28:ca:ec:9c:
         f2:5a:f3:ea:32:58:49:d8:33:4b:05:a6:25:4f:5f:5b:85:da:
         6a:8c:eb:73:3b:08:f6:0d:b8:46:72:7d:85:4b:d9:b3:0b:cb:
         bb:80:5a:0b:a7:27:df:57:f8:3d:28:5a:62:40:44:7f:6f:26:
         f5:60:5d:17:43:1b:3b:06:67:1b:bb:33:a9:7a:b8:f8:20:d4:
         f6:4a:82:35:e5:bb:42:70:93:c7:47:09:16:69:4b:e4:91:63:
         97:90:2a:db:7b:69:57:0a:53:05:7f:cf:c1:3e:5a:0a:0d:ef:
         f3:f8:52:45:37:11:6a:5a:7a:7f:4d:b2:26:cd:8d:34:84:d8:
         78:92:91:ac:8d:4f:41:d7:9e:3f:f1:83:be:f9:bd:ae:df:e9:
         41:14:6e:ed:cd:98:ed:83:9c:22:2f:93:dc:66:b4:50:2d:9e:
         12:60:1d:09:68:04:f9:ad:d1:c3:19:79:bf:cd:22:57:6a:52:
         b6:cf:fe:93:82:69:9a:5d:5f:7f:73:2b:f4:1a:78:a2:d3:a4:
         98:e9:0d:36:20:55:ad:41:37:94:73:ce:3f:2d:8c:ae:9e:da:
         0e:25:fc:78:f1:47:b3:e0:f1:3b:c4:b0:19:df:7e:7f:45:cd:
         b1:be:d0:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaaV6nwHjyF5LNqnAYTaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjUwNjA3MjIwMTIxWhcNMjUwNjA4MjIwMTIxWjAzMTEwLwYDVQQD
Eyg2MWU5ZDg1NTNkMDBhNDdmMmU0M2I5MTcyYzk5NjJhNTFmYTExMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppOJFJUQFT2uvtSkWNuO0LPDPc2N
yZP1kE6ORIyx8Y1D3+6IfoQb/4MTsel/vikoccGwCLQenRDnMHUlro0yBbktsHU2
NKac8xoiLAi7wbSPDphQK3sEBfIlLHVcGBNrxUwVXYba7glTCN5VkqClBxYtlMLt
MautnM+d7soUa7ArnIiUBFRrwv9UfPXXqWKTRyDuQMYF10aaGrJeSxyP+5sXwExb
BpCAfoy1/MaUSgcVWJoaqy278JbjJ39AAtX3ky8GRyiuiiJnwvEN5jolFpvzJyb9
6yv9/r74io635CRpMztA5iDV45i+YRs86FyWU9IICxAR3XxV1qFs/9c7xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHp2FU9AKR/LkO5FyyZYqUfoRGSMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACjuvy/W6
m1fWzF7x2mEoyuyc8lrz6jJYSdgzSwWmJU9fW4XaaozrczsI9g24RnJ9hUvZswvL
u4BaC6cn31f4PShaYkBEf28m9WBdF0MbOwZnG7szqXq4+CDU9kqCNeW7QnCTx0cJ
FmlL5JFjl5Aq23tpVwpTBX/PwT5aCg3v8/hSRTcRalp6f02yJs2NNITYeJKRrI1P
QdeeP/GDvvm9rt/pQRRu7c2Y7YOcIi+T3Ga0UC2eEmAdCWgE+a3Rwxl5v80iV2pS
ts/+k4Jpml1ff3Mr9Bp4otOkmOkNNiBVrUE3lHPOPy2Mrp7aDiX8ePFHs+DxO8Sw
Gd9+f0XNsb7QTg==
-----END CERTIFICATE-----