Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
File:                     SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft (raw, json)
Hash identifier:          Tp/VqGtpz80bF7yJLch0jHfuoxxNsVili+b4753Bxlo=
Subject key identifier:   32:81:3A:25:98:6A:66:B4:BA:47:75:5F:55:AE:37:A5:3B:B1:78:CE
Authority key identifier: 48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA
Certificate issuer:       /CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
Certificate serial:       01974A7A743A2F7EC4E21C23028C045FC10E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
Manifest number:          0F0D
Signing time:             Sat 07 Jun 2025 13:00:28 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:28 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:28 +0000
Files and hashes:         1: SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl (hash: sRcneytexrQhMaAZeXkrkncdUBXumQe6sigqmXcMNtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:74:3a:2f:7e:c4:e2:1c:23:02:8c:04:5f:c1:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
        Validity
            Not Before: Jun  7 13:00:28 2025 GMT
            Not After : Jun  8 13:00:28 2025 GMT
        Subject: CN=32813a25986a66b4ba47755f55ae37a53bb178ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ef:04:3e:03:a2:6b:03:1d:d5:47:75:6e:7d:
                    bc:41:b4:a5:ee:46:b2:e4:77:90:b1:88:67:da:ce:
                    b2:97:c4:7b:0c:97:35:94:47:90:50:8e:80:9c:ff:
                    a2:45:a7:bb:ab:cb:a1:3e:48:c8:3e:9b:0d:73:39:
                    98:89:6c:ac:0b:4b:0f:fe:b4:89:00:ce:cc:3b:cf:
                    26:a3:ee:0d:2a:17:11:30:42:f4:14:ec:14:13:f6:
                    f4:15:23:92:88:44:05:c6:fe:1c:74:95:71:1c:4f:
                    45:b5:79:c7:53:60:ae:5c:42:01:e0:d7:96:86:70:
                    fc:d2:0f:63:95:e5:e1:55:26:d4:c2:dd:9f:bf:11:
                    f0:1b:16:d7:cf:da:91:cd:78:29:f5:a1:23:a7:19:
                    4b:67:58:05:24:ad:ba:d9:b0:57:64:e3:ce:76:c1:
                    c4:1b:41:c2:ac:6e:47:a4:b2:d8:e4:8f:a5:55:46:
                    f4:6e:97:78:68:e7:a4:40:29:b7:d9:bc:ff:f0:07:
                    13:cb:82:89:c2:67:96:32:a3:b6:de:34:53:48:eb:
                    7b:8c:74:58:23:58:47:d3:06:ac:40:85:04:23:fe:
                    cb:48:57:6c:3c:3f:e6:89:1e:f3:8d:93:db:59:bb:
                    7c:96:07:7b:b7:88:08:c5:41:84:af:48:a0:97:b1:
                    97:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:81:3A:25:98:6A:66:B4:BA:47:75:5F:55:AE:37:A5:3B:B1:78:CE
            X509v3 Authority Key Identifier:
                keyid:48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:70:32:3d:00:80:e9:f3:be:f4:7a:9c:8f:86:f3:01:a4:4d:
         08:0c:fd:2f:d0:40:58:70:0b:ff:cd:fb:1b:c1:57:25:34:fe:
         de:43:1e:49:60:4b:48:6c:e9:18:ad:6b:e8:68:11:72:91:d8:
         84:c5:01:61:3f:66:db:58:73:eb:b8:96:22:79:af:17:7c:15:
         93:51:e9:d4:71:a9:49:bb:4c:03:c3:74:6f:18:89:82:2b:87:
         d0:83:53:50:c4:2a:30:77:e0:9a:f1:83:be:f5:b3:40:80:d1:
         2f:94:b8:7a:5a:f4:d2:20:08:41:76:fd:01:de:9c:d2:6a:73:
         15:6e:e3:42:f5:eb:1e:ad:de:23:c8:85:1c:02:61:fc:41:7d:
         db:36:46:c4:23:bb:b1:7e:ea:30:81:fb:e4:95:7e:7b:5d:44:
         84:1c:fe:4b:e7:7d:a7:f7:1e:53:0e:79:c6:3b:32:68:4b:ad:
         a6:c5:f5:af:be:02:a8:7b:72:94:f0:b8:4b:2a:b6:7d:60:07:
         9b:f5:d8:9f:a2:f1:9b:96:c6:14:14:f0:ed:a1:e8:3b:56:20:
         86:e2:1f:e6:b6:87:ee:d8:a7:7f:49:23:e4:27:02:ab:e1:e5:
         fd:4f:e3:37:88:56:51:75:39:e7:6c:57:89:a6:aa:0d:fd:41:
         1f:ed:14:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKenQ6L37E4hwjAowEX8EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MzQzODdlYmZlY2RhNjM3YTc2ZTExMTk5ZTFjZDAzMDdj
MmY0Y2EwHhcNMjUwNjA3MTMwMDI4WhcNMjUwNjA4MTMwMDI4WjAzMTEwLwYDVQQD
EygzMjgxM2EyNTk4NmE2NmI0YmE0Nzc1NWY1NWFlMzdhNTNiYjE3OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+8EPgOiawMd1Ud1bn28QbSl7kay
5HeQsYhn2s6yl8R7DJc1lEeQUI6AnP+iRae7q8uhPkjIPpsNczmYiWysC0sP/rSJ
AM7MO88mo+4NKhcRMEL0FOwUE/b0FSOSiEQFxv4cdJVxHE9FtXnHU2CuXEIB4NeW
hnD80g9jleXhVSbUwt2fvxHwGxbXz9qRzXgp9aEjpxlLZ1gFJK262bBXZOPOdsHE
G0HCrG5HpLLY5I+lVUb0bpd4aOekQCm32bz/8AcTy4KJwmeWMqO23jRTSOt7jHRY
I1hH0wasQIUEI/7LSFdsPD/miR7zjZPbWbt8lgd7t4gIxUGEr0igl7GXwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKBOiWYama0ukd1X1WuN6U7sXjOMB8GA1UdIwQY
MBaAFEg0OH6/7NpjenbhEZnhzQMHwvTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEt
NTkxYTJhNDE5NGNkLzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEtNTkxYTJhNDE5NGNk
LzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbHAyPQCA
6fO+9Hqcj4bzAaRNCAz9L9BAWHAL/837G8FXJTT+3kMeSWBLSGzpGK1r6GgRcpHY
hMUBYT9m21hz67iWInmvF3wVk1Hp1HGpSbtMA8N0bxiJgiuH0INTUMQqMHfgmvGD
vvWzQIDRL5S4elr00iAIQXb9Ad6c0mpzFW7jQvXrHq3eI8iFHAJh/EF92zZGxCO7
sX7qMIH75JV+e11EhBz+S+d9p/ceUw55xjsyaEutpsX1r74CqHtylPC4Syq2fWAH
m/XYn6Lxm5bGFBTw7aHoO1YghuIf5raH7tinf0kj5CcCq+Hl/U/jN4hWUXU552xX
iaaqDf1BH+0UHA==
-----END CERTIFICATE-----