Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          oETxza2Vsu3MVKAqSb5SCPAUNVhdPIpXd24u5PIAzJI=
Subject key identifier:   60:12:28:E1:57:65:FC:F5:1C:E3:B7:60:81:8B:8D:5C:DF:ED:43:26
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       01974CD6DACA68C3B6E29CB66B16968104B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0345
Signing time:             Sun 08 Jun 2025 00:00:38 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:38 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:38 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: ZFyyrsMSa3LYQMd88gcT9cv4r4YkYhivT6PrvtkW+8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d6:da:ca:68:c3:b6:e2:9c:b6:6b:16:96:81:04:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Jun  8 00:00:38 2025 GMT
            Not After : Jun  9 00:00:38 2025 GMT
        Subject: CN=601228e15765fcf51ce3b760818b8d5cdfed4326
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:10:3b:5d:37:aa:07:ec:11:48:15:dd:e3:15:
                    17:1d:75:fb:e0:b0:9f:7e:30:8a:d9:67:5e:ba:75:
                    ef:76:a7:32:f8:20:df:f7:93:1e:d6:aa:3b:3f:d9:
                    49:be:43:90:fb:44:fc:0c:f2:c5:f4:b3:50:ef:49:
                    ff:5f:9a:da:c5:4d:3f:a1:08:e1:9d:8d:2b:43:88:
                    e7:e1:c3:71:ae:a2:0a:0d:ff:82:1f:d3:40:5a:cf:
                    86:37:a4:01:89:6f:1a:94:7c:70:3c:2d:9d:84:3f:
                    cc:f8:f8:33:00:48:00:1a:ae:8a:de:95:1e:78:4d:
                    8a:ee:48:9c:f8:8d:8c:d4:5b:63:32:58:7d:0f:e0:
                    fb:9a:95:58:a7:d9:9f:cb:0d:23:d3:7c:59:ef:59:
                    67:8d:60:a1:26:84:55:7a:7e:2f:5a:1e:91:3b:9d:
                    ad:6b:c5:d0:0c:02:67:d7:cc:c9:cb:86:31:6a:2f:
                    96:cf:2c:ea:dd:5f:7f:88:fb:1e:9b:1c:33:1d:16:
                    32:f9:a4:ea:cf:83:5d:d4:54:04:20:ec:16:d2:a9:
                    29:6f:f1:fa:9f:94:49:2e:a1:de:f8:93:1e:c5:db:
                    dd:ca:d3:08:cf:47:dd:02:dd:07:ad:ee:30:54:5a:
                    1a:ef:89:c4:28:b5:4f:74:12:2d:19:85:cd:54:d8:
                    61:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:12:28:E1:57:65:FC:F5:1C:E3:B7:60:81:8B:8D:5C:DF:ED:43:26
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:ed:bd:e3:16:f7:4c:6d:b5:87:99:a4:89:16:45:f1:af:70:
         ac:85:45:47:79:b9:cb:9c:31:e2:75:21:63:5e:ac:27:6d:3d:
         15:74:48:ca:cb:39:f8:88:e1:7f:40:58:41:c8:5e:0f:bd:1e:
         ad:d0:f2:de:c9:ae:fb:dc:ab:38:f6:cf:f9:9d:1c:88:bf:48:
         b0:75:60:ee:eb:cb:66:82:ef:4a:2a:d2:47:dc:f4:18:bc:5d:
         a8:5b:a1:b3:fa:20:05:25:7a:7f:d1:39:2b:86:9f:4e:e6:0c:
         62:f6:b8:35:8f:3b:42:60:5c:22:f5:95:27:de:85:57:f5:7d:
         21:63:09:e2:01:21:db:c5:d7:3a:3d:ee:e8:78:c1:a8:0a:47:
         7a:53:42:1f:1d:2c:3d:f8:7c:89:06:15:0b:32:9c:e8:eb:f3:
         f0:50:4e:d9:7b:c7:b1:7e:36:c3:c4:79:ab:0f:34:77:76:20:
         57:0d:0d:97:e5:c3:72:a5:e8:2e:79:a1:33:e6:39:88:8e:67:
         ca:de:80:19:e5:fa:32:75:88:fc:79:0a:d7:c9:2a:40:19:64:
         a3:b6:02:83:37:6b:06:ec:bc:db:27:73:fa:3f:b0:bc:da:40:
         8f:92:75:7a:73:31:42:d7:21:5d:14:9e:33:07:4d:ab:37:1f:
         f4:34:a2:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1trKaMO24py2axaWgQSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjUwNjA4MDAwMDM4WhcNMjUwNjA5MDAwMDM4WjAzMTEwLwYDVQQD
Eyg2MDEyMjhlMTU3NjVmY2Y1MWNlM2I3NjA4MThiOGQ1Y2RmZWQ0MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRA7XTeqB+wRSBXd4xUXHXX74LCf
fjCK2WdeunXvdqcy+CDf95Me1qo7P9lJvkOQ+0T8DPLF9LNQ70n/X5raxU0/oQjh
nY0rQ4jn4cNxrqIKDf+CH9NAWs+GN6QBiW8alHxwPC2dhD/M+PgzAEgAGq6K3pUe
eE2K7kic+I2M1FtjMlh9D+D7mpVYp9mfyw0j03xZ71lnjWChJoRVen4vWh6RO52t
a8XQDAJn18zJy4Yxai+Wzyzq3V9/iPsemxwzHRYy+aTqz4Nd1FQEIOwW0qkpb/H6
n5RJLqHe+JMexdvdytMIz0fdAt0Hre4wVFoa74nEKLVPdBItGYXNVNhhPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGASKOFXZfz1HOO3YIGLjVzf7UMmMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqe294xb3
TG21h5mkiRZF8a9wrIVFR3m5y5wx4nUhY16sJ209FXRIyss5+Ijhf0BYQcheD70e
rdDy3smu+9yrOPbP+Z0ciL9IsHVg7uvLZoLvSirSR9z0GLxdqFuhs/ogBSV6f9E5
K4afTuYMYva4NY87QmBcIvWVJ96FV/V9IWMJ4gEh28XXOj3u6HjBqApHelNCHx0s
Pfh8iQYVCzKc6Ovz8FBO2XvHsX42w8R5qw80d3YgVw0Nl+XDcqXoLnmhM+Y5iI5n
yt6AGeX6MnWI/HkK18kqQBlko7YCgzdrBuy82ydz+j+wvNpAj5J1enMxQtchXRSe
MwdNqzcf9DSiXg==
-----END CERTIFICATE-----