Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft
File:                     MlPNw--1IdnV5wqcxeRxsBWGA2o.mft (raw, json)
Hash identifier:          lrVd8NyTtatCZ6LvZUFlkpC5Kox1+WFv70JbUBJc/Tc=
Subject key identifier:   8D:8C:4C:E4:61:96:22:0A:63:48:58:29:36:D2:DF:6F:1C:EB:31:88
Authority key identifier: 32:53:CD:C3:EF:B5:21:D9:D5:E7:0A:9C:C5:E4:71:B0:15:86:03:6A
Certificate issuer:       /CN=3253cdc3efb521d9d5e70a9cc5e471b01586036a
Certificate serial:       0197542309CFB7A1F9EBEA35451F3B4FDB78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlPNw--1IdnV5wqcxeRxsBWGA2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft
Manifest number:          08A6
Signing time:             Mon 09 Jun 2025 10:01:11 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:11 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:11 +0000
Files and hashes:         1: MlPNw--1IdnV5wqcxeRxsBWGA2o.crl (hash: BKXXThs6TzEN0O1GvFfPPnfDKLWzwtWhadiCPCjdg9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlPNw--1IdnV5wqcxeRxsBWGA2o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 10:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:09:cf:b7:a1:f9:eb:ea:35:45:1f:3b:4f:db:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3253cdc3efb521d9d5e70a9cc5e471b01586036a
        Validity
            Not Before: Jun  9 10:01:11 2025 GMT
            Not After : Jun 10 10:01:11 2025 GMT
        Subject: CN=8d8c4ce46196220a6348582936d2df6f1ceb3188
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:aa:5b:aa:ff:c1:e4:5c:b4:19:d5:94:cb:89:
                    a7:15:50:fb:3f:59:1d:2a:42:98:e6:f0:ec:c5:8a:
                    bb:71:ff:28:41:a1:b6:83:0e:37:4b:c5:24:24:45:
                    db:37:10:16:e1:82:50:41:90:f8:0f:1b:4b:97:9d:
                    b9:82:ec:bd:94:93:72:1b:8f:4e:d7:de:4c:79:06:
                    41:81:fe:8a:1a:22:17:20:94:ef:da:71:8f:9e:6e:
                    eb:97:2c:37:f6:49:0c:a7:00:4c:e4:bb:bd:88:bb:
                    b3:a9:23:60:a2:36:ae:1c:4b:62:15:70:4b:a0:61:
                    18:6e:ab:0f:01:ba:42:69:9d:90:11:04:49:5d:82:
                    06:56:5e:ee:c1:08:af:ca:98:33:c9:6b:96:46:82:
                    82:22:84:cc:51:e2:57:21:02:a8:c0:70:19:1a:c0:
                    7c:47:e7:bd:9f:f1:49:57:71:53:a6:b3:3a:31:1c:
                    0e:9f:53:2a:c8:02:94:f5:0d:0b:63:a5:14:54:7d:
                    d7:60:a7:4d:7a:2d:9e:60:c8:f5:13:9d:49:b1:5a:
                    01:65:36:d3:79:66:03:da:85:ba:5e:16:ae:a6:f0:
                    96:7c:62:a8:48:99:62:90:31:aa:48:59:e2:bd:d1:
                    75:5a:18:51:b1:7f:62:4a:d1:4c:8d:be:4f:64:41:
                    c1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:8C:4C:E4:61:96:22:0A:63:48:58:29:36:D2:DF:6F:1C:EB:31:88
            X509v3 Authority Key Identifier:
                keyid:32:53:CD:C3:EF:B5:21:D9:D5:E7:0A:9C:C5:E4:71:B0:15:86:03:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlPNw--1IdnV5wqcxeRxsBWGA2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:a3:3d:f7:f8:24:a5:b3:40:a5:49:1f:33:68:ca:1a:ab:94:
         d9:4a:96:46:99:d5:e7:49:e4:d4:54:99:43:a9:68:35:89:99:
         c0:da:aa:c1:a9:59:a1:7d:5f:57:68:73:42:10:3d:95:c2:f5:
         cd:a7:f2:32:3a:d4:b9:c9:79:e3:be:0f:a4:67:ac:56:39:56:
         66:33:5f:3c:f1:6b:bd:21:b9:37:4c:9b:6c:69:96:98:fe:98:
         c8:21:1d:a5:34:4b:22:2b:f8:70:f4:b0:99:35:c0:81:89:5f:
         f2:a6:53:9c:05:e6:24:85:26:4f:ea:f4:f6:35:eb:57:01:a2:
         21:8c:e2:4b:44:86:8d:53:7a:41:08:01:24:a3:c5:6c:17:d5:
         bb:7c:db:a5:40:bc:4b:3b:38:09:80:c8:17:75:d0:92:64:ee:
         b4:10:07:bc:38:e8:53:8c:1f:a3:97:73:42:9e:13:a2:bc:ce:
         6b:fc:a6:30:66:78:15:24:7f:36:01:11:6d:e7:fd:b1:dd:51:
         90:3a:88:7d:7b:33:b6:51:bf:cf:5e:fd:41:50:b2:6d:a1:5e:
         4f:2e:d5:d6:5b:8b:e0:8e:1e:7c:2c:45:79:a2:b2:db:da:81:
         e6:bb:b8:8c:29:a4:c9:34:fd:a7:bc:0a:f4:03:4b:f4:d7:eb:
         26:57:83:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIwnPt6H56+o1RR87T9t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTNjZGMzZWZiNTIxZDlkNWU3MGE5Y2M1ZTQ3MWIwMTU4
NjAzNmEwHhcNMjUwNjA5MTAwMTExWhcNMjUwNjEwMTAwMTExWjAzMTEwLwYDVQQD
Eyg4ZDhjNGNlNDYxOTYyMjBhNjM0ODU4MjkzNmQyZGY2ZjFjZWIzMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKpbqv/B5Fy0GdWUy4mnFVD7P1kd
KkKY5vDsxYq7cf8oQaG2gw43S8UkJEXbNxAW4YJQQZD4DxtLl525guy9lJNyG49O
195MeQZBgf6KGiIXIJTv2nGPnm7rlyw39kkMpwBM5Lu9iLuzqSNgojauHEtiFXBL
oGEYbqsPAbpCaZ2QEQRJXYIGVl7uwQivypgzyWuWRoKCIoTMUeJXIQKowHAZGsB8
R+e9n/FJV3FTprM6MRwOn1MqyAKU9Q0LY6UUVH3XYKdNei2eYMj1E51JsVoBZTbT
eWYD2oW6XhaupvCWfGKoSJlikDGqSFnivdF1WhhRsX9iStFMjb5PZEHBhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2MTORhliIKY0hYKTbS328c6zGIMB8GA1UdIwQY
MBaAFDJTzcPvtSHZ1ecKnMXkcbAVhgNqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxQTnctLTFJZG5WNXdxY3hlUnhzQldHQTJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MWExMTUtZGU4Ni00NDA3LWE5NjMt
MWM1YzIwZDEzZWY4LzEvTWxQTnctLTFJZG5WNXdxY3hlUnhzQldHQTJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MWExMTUtZGU4Ni00NDA3LWE5NjMtMWM1YzIwZDEzZWY4
LzEvTWxQTnctLTFJZG5WNXdxY3hlUnhzQldHQTJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaM99/gk
pbNApUkfM2jKGquU2UqWRpnV50nk1FSZQ6loNYmZwNqqwalZoX1fV2hzQhA9lcL1
zafyMjrUucl5474PpGesVjlWZjNfPPFrvSG5N0ybbGmWmP6YyCEdpTRLIiv4cPSw
mTXAgYlf8qZTnAXmJIUmT+r09jXrVwGiIYziS0SGjVN6QQgBJKPFbBfVu3zbpUC8
Szs4CYDIF3XQkmTutBAHvDjoU4wfo5dzQp4TorzOa/ymMGZ4FSR/NgERbef9sd1R
kDqIfXsztlG/z179QVCybaFeTy7V1luL4I4efCxFeaKy29qB5ru4jCmkyTT9p7wK
9ANL9NfrJleDTA==
-----END CERTIFICATE-----