Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          lrkV72Um9zGzcEvA6FuqlhmQEfzbE6TJ3utV4cd2mZI=
Subject key identifier:   CC:D1:84:AB:5E:D5:69:B6:31:BB:EC:89:21:21:63:6F:6E:09:F6:81
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       0197542301F068263EE896184672840E7D0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0947
Signing time:             Mon 09 Jun 2025 10:01:09 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:09 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:09 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: 0dfTggRaw99NYFsto9vWsjj1XOpkbkpWV/HP7T/lNug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 10:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:01:f0:68:26:3e:e8:96:18:46:72:84:0e:7d:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Jun  9 10:01:09 2025 GMT
            Not After : Jun 10 10:01:09 2025 GMT
        Subject: CN=ccd184ab5ed569b631bbec892121636f6e09f681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:63:61:e8:7c:63:68:31:42:dd:52:4c:ab:c4:
                    f6:82:cd:32:cd:d5:0d:b0:ea:74:1e:4c:b9:91:95:
                    64:84:f6:43:74:02:7d:eb:65:79:be:12:33:e2:e0:
                    f7:3e:d2:93:1f:c4:04:04:4f:28:5f:26:8d:31:6c:
                    2f:50:32:5b:9e:96:90:a4:20:3a:a7:61:1b:1c:b1:
                    60:68:48:61:6b:22:4b:af:11:56:75:c1:96:a0:94:
                    25:93:2b:10:cb:08:87:44:3d:6a:c5:40:27:a7:56:
                    4f:8f:55:1f:08:8a:07:ce:de:36:a3:7b:5a:25:50:
                    ae:52:66:02:54:ef:8a:7e:37:fd:4a:c4:6f:9e:45:
                    58:39:e3:76:55:c6:69:32:69:da:8b:ab:f9:94:98:
                    85:68:80:b3:9f:f0:3f:e6:d8:1a:44:25:57:9b:57:
                    5d:14:2b:5a:77:ad:c7:a5:97:80:b7:7f:b5:aa:ba:
                    fd:8f:42:6a:d7:d0:a5:19:44:06:f0:e3:37:22:b4:
                    00:ba:36:4f:bc:ef:74:4f:84:79:41:d4:be:84:ee:
                    70:8e:6b:4b:01:80:0f:f3:85:a6:62:47:74:1f:e4:
                    70:f1:1c:1d:3d:94:e6:17:44:6b:b6:6f:16:f8:87:
                    fe:78:19:3f:9a:1d:9d:a0:f8:61:89:95:ee:5d:b7:
                    81:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:D1:84:AB:5E:D5:69:B6:31:BB:EC:89:21:21:63:6F:6E:09:F6:81
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:4e:6e:66:01:8b:43:44:4f:20:7c:dc:c5:6b:a4:b9:b8:47:
         a7:1e:9e:03:f0:bb:9f:0e:ab:c4:99:89:b0:62:a8:a8:fd:60:
         72:46:ad:f8:53:d2:59:72:2a:c1:e7:71:7f:bb:c4:fe:e9:5e:
         00:85:a8:aa:ea:d0:e1:f2:54:91:4a:23:88:ec:10:36:af:0c:
         ab:51:df:b5:1a:5f:d7:b4:4a:f2:b5:ca:ef:9f:64:eb:96:b3:
         dd:e0:93:de:55:58:0f:22:92:38:16:8b:a2:ea:4c:6f:62:a5:
         d5:a3:b6:0a:f8:0a:19:d1:6a:ac:4d:2a:62:10:2e:08:94:2b:
         f9:b9:10:39:ed:39:7a:08:3c:d4:25:0e:2b:ae:9f:2d:e7:8e:
         3f:6f:b9:a0:d4:1f:bc:71:8b:2b:c9:07:58:14:7a:2a:d4:0f:
         2c:5c:c1:13:a5:78:3a:6e:47:c7:01:b5:8d:51:74:0e:57:e0:
         5d:45:1e:6a:46:6e:49:68:c7:69:0d:36:ff:b7:0c:f0:4a:1a:
         4c:07:5a:3d:de:19:2a:a5:04:20:c5:37:35:d6:d8:7b:e4:c6:
         7f:45:65:4d:7e:40:4f:49:79:cc:4a:18:75:6e:85:95:e6:38:
         a8:b3:ee:43:d9:28:3e:78:6d:27:65:83:1f:d9:cb:bb:cb:82:
         be:3a:cf:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIwHwaCY+6JYYRnKEDn0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjUwNjA5MTAwMTA5WhcNMjUwNjEwMTAwMTA5WjAzMTEwLwYDVQQD
EyhjY2QxODRhYjVlZDU2OWI2MzFiYmVjODkyMTIxNjM2ZjZlMDlmNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGNh6HxjaDFC3VJMq8T2gs0yzdUN
sOp0Hky5kZVkhPZDdAJ962V5vhIz4uD3PtKTH8QEBE8oXyaNMWwvUDJbnpaQpCA6
p2EbHLFgaEhhayJLrxFWdcGWoJQlkysQywiHRD1qxUAnp1ZPj1UfCIoHzt42o3ta
JVCuUmYCVO+Kfjf9SsRvnkVYOeN2VcZpMmnai6v5lJiFaICzn/A/5tgaRCVXm1dd
FCtad63HpZeAt3+1qrr9j0Jq19ClGUQG8OM3IrQAujZPvO90T4R5QdS+hO5wjmtL
AYAP84WmYkd0H+Rw8RwdPZTmF0Rrtm8W+If+eBk/mh2doPhhiZXuXbeB5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzRhKte1Wm2MbvsiSEhY29uCfaBMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp05uZgGL
Q0RPIHzcxWukubhHpx6eA/C7nw6rxJmJsGKoqP1gckat+FPSWXIqwedxf7vE/ule
AIWoqurQ4fJUkUojiOwQNq8Mq1HftRpf17RK8rXK759k65az3eCT3lVYDyKSOBaL
oupMb2Kl1aO2CvgKGdFqrE0qYhAuCJQr+bkQOe05egg81CUOK66fLeeOP2+5oNQf
vHGLK8kHWBR6KtQPLFzBE6V4Om5HxwG1jVF0DlfgXUUeakZuSWjHaQ02/7cM8Eoa
TAdaPd4ZKqUEIMU3NdbYe+TGf0VlTX5AT0l5zEoYdW6FleY4qLPuQ9koPnhtJ2WD
H9nLu8uCvjrPqQ==
-----END CERTIFICATE-----