Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
File:                     Dj8xyerObwpezNuN8rAcc1FWhoY.mft (raw, json)
Hash identifier:          hFjZ/+r0zUi4Q4yHcId1Pd8YvRQXuQdE741x/in/YZ8=
Subject key identifier:   03:BE:00:1F:64:9A:E1:64:B4:A8:A7:1C:B2:9B:D6:0E:83:17:6B:BA
Authority key identifier: 0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86
Certificate issuer:       /CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
Certificate serial:       01974A7AB31852FFF55BED81D7B8AAE99D6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
Manifest number:          1537
Signing time:             Sat 07 Jun 2025 13:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:44 +0000
Files and hashes:         1: Dj8xyerObwpezNuN8rAcc1FWhoY.crl (hash: 3x1f28W7r19DFaBQfRFBhGpYp5uMXTBKbVP30rVj8IY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:b3:18:52:ff:f5:5b:ed:81:d7:b8:aa:e9:9d:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
        Validity
            Not Before: Jun  7 13:00:44 2025 GMT
            Not After : Jun  8 13:00:44 2025 GMT
        Subject: CN=03be001f649ae164b4a8a71cb29bd60e83176bba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e0:d5:03:7d:83:f7:63:7a:9e:1a:0b:e8:e5:
                    b9:3d:d6:04:d0:6e:66:92:71:55:eb:05:dd:11:5c:
                    d8:5b:11:d5:ee:15:72:9c:08:39:8d:98:fb:ac:9a:
                    4f:c2:3d:b1:8a:93:45:d3:11:bc:10:7d:f8:ec:9c:
                    ef:52:89:bb:3f:8e:49:fc:a4:a0:75:d9:82:ed:e7:
                    3a:54:39:15:73:2a:e1:27:e5:01:9c:cb:cb:ef:4f:
                    b2:5a:6a:9a:b1:06:54:59:bf:b9:08:dd:f0:c2:b7:
                    20:7e:aa:54:73:2b:8d:b9:e1:21:d3:b5:9f:04:48:
                    e5:bb:83:b5:6e:7a:7b:44:01:3d:98:6a:b2:1c:ee:
                    14:b2:e8:b3:e9:7a:b2:de:36:a3:a6:4c:eb:a6:c3:
                    f0:00:85:99:1a:4c:e5:b2:d4:17:c2:d1:5b:ab:52:
                    d8:74:72:b1:dd:cf:ad:ac:f3:dc:b2:71:31:05:a6:
                    4d:f2:a6:e3:fe:30:6f:45:39:94:2c:d4:e9:6e:cc:
                    91:73:b0:1e:ce:1c:88:37:49:2a:60:02:4f:ac:97:
                    44:f0:6d:93:0f:d3:17:0d:31:d8:6c:ac:35:09:1e:
                    08:bf:66:47:b7:da:67:c5:63:f9:b4:f4:1e:5d:58:
                    31:07:94:fc:12:4f:a7:d8:1b:61:38:18:9a:b1:0b:
                    e3:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BE:00:1F:64:9A:E1:64:B4:A8:A7:1C:B2:9B:D6:0E:83:17:6B:BA
            X509v3 Authority Key Identifier:
                keyid:0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:19:43:91:c4:79:2b:b6:60:10:78:3e:0d:20:6d:48:b3:13:
         7f:40:a9:9c:4a:6d:a6:25:01:90:04:1e:ad:a9:74:a5:90:5e:
         90:3d:9c:d5:9f:c5:ea:72:40:55:eb:19:23:db:b4:11:e1:ed:
         f1:34:9d:ea:6e:07:94:4e:6a:2b:0c:7c:b4:2b:b8:1d:7b:e4:
         9d:f6:31:4b:5c:8c:e0:57:f2:de:57:de:5d:f8:a2:84:61:c7:
         2e:f6:08:7a:ed:28:ca:22:cb:0f:7b:1c:72:19:71:d2:50:24:
         3e:e9:9f:36:3d:ea:0a:0e:d8:f4:77:a4:60:e0:2f:8e:3b:3f:
         34:a9:00:c7:8b:a6:a6:52:ed:a6:6a:0b:aa:04:d2:31:7f:b0:
         7e:bc:33:85:b9:65:20:09:3c:1a:da:f0:e1:93:d8:b9:9f:79:
         26:14:cf:d0:d2:7f:21:16:7f:75:53:0c:a6:65:0c:ff:07:a9:
         1d:37:ea:e5:07:30:5d:c7:2f:8c:b0:d1:be:fa:a0:b5:c8:16:
         36:a6:8b:a8:a7:c9:16:c3:26:db:f6:15:11:79:c0:e5:58:ee:
         3e:0a:55:2b:64:4b:03:45:8f:b9:4c:86:26:57:cc:68:da:4e:
         f9:fd:3d:42:e4:46:04:f8:e4:7e:06:f6:46:66:b1:3e:fe:f0:
         37:df:a8:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKerMYUv/1W+2B17iq6Z1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlM2YzMWM5ZWFjZTZmMGE1ZWNjZGI4ZGYyYjAxYzczNTE1
Njg2ODYwHhcNMjUwNjA3MTMwMDQ0WhcNMjUwNjA4MTMwMDQ0WjAzMTEwLwYDVQQD
EygwM2JlMDAxZjY0OWFlMTY0YjRhOGE3MWNiMjliZDYwZTgzMTc2YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+DVA32D92N6nhoL6OW5PdYE0G5m
knFV6wXdEVzYWxHV7hVynAg5jZj7rJpPwj2xipNF0xG8EH347JzvUom7P45J/KSg
ddmC7ec6VDkVcyrhJ+UBnMvL70+yWmqasQZUWb+5CN3wwrcgfqpUcyuNueEh07Wf
BEjlu4O1bnp7RAE9mGqyHO4Usuiz6Xqy3jajpkzrpsPwAIWZGkzlstQXwtFbq1LY
dHKx3c+trPPcsnExBaZN8qbj/jBvRTmULNTpbsyRc7AezhyIN0kqYAJPrJdE8G2T
D9MXDTHYbKw1CR4Iv2ZHt9pnxWP5tPQeXVgxB5T8Ek+n2BthOBiasQvjJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAO+AB9kmuFktKinHLKb1g6DF2u6MB8GA1UdIwQY
MBaAFA4/Mcnqzm8KXszbjfKwHHNRVoaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYt
ZGQ1ZGRkMDVkYjBiLzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYtZGQ1ZGRkMDVkYjBi
LzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxlDkcR5
K7ZgEHg+DSBtSLMTf0CpnEptpiUBkAQeral0pZBekD2c1Z/F6nJAVesZI9u0EeHt
8TSd6m4HlE5qKwx8tCu4HXvknfYxS1yM4Ffy3lfeXfiihGHHLvYIeu0oyiLLD3sc
chlx0lAkPumfNj3qCg7Y9HekYOAvjjs/NKkAx4umplLtpmoLqgTSMX+wfrwzhbll
IAk8Gtrw4ZPYuZ95JhTP0NJ/IRZ/dVMMpmUM/wepHTfq5QcwXccvjLDRvvqgtcgW
NqaLqKfJFsMm2/YVEXnA5VjuPgpVK2RLA0WPuUyGJlfMaNpO+f09QuRGBPjkfgb2
RmaxPv7wN9+oTA==
-----END CERTIFICATE-----