Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          XXfbBq6yar+f52yEb/tbViHMo+cwg1CHHr0SnFLRM7I=
Subject key identifier:   04:DB:58:AA:43:D3:75:B6:BC:AF:56:F4:12:72:05:A8:35:5C:A5:9C
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       019748FA2475152ABCE84646B19C40BB7928
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 06:00:42 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:42 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:42 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: sOrAgngWPKFmzSyQ9ghabrX1qMPn6e9jxnRbPATObDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:24:75:15:2a:bc:e8:46:46:b1:9c:40:bb:79:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Jun  7 06:00:42 2025 GMT
            Not After : Jun  8 06:00:42 2025 GMT
        Subject: CN=04db58aa43d375b6bcaf56f4127205a8355ca59c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:23:ee:d5:a8:b2:a5:dc:6a:ae:d1:dc:02:14:
                    0c:b3:19:a0:60:45:ee:a1:93:da:70:a8:28:8b:2a:
                    7e:93:f9:97:99:62:e3:51:ed:c9:b8:88:e3:7a:d0:
                    aa:39:fc:06:84:86:37:05:f1:cc:14:09:67:06:9e:
                    f4:0c:11:cf:aa:1c:41:cb:75:eb:bb:d7:e0:b0:ca:
                    1c:12:c0:29:c7:4a:e5:61:8f:88:b2:a0:67:ea:50:
                    53:0b:48:14:3d:1f:c9:f0:c0:41:14:2f:97:74:5b:
                    8f:57:e7:db:ea:a5:d4:7b:e5:d3:ef:00:ae:d9:ae:
                    5b:7b:8b:8f:ba:94:54:24:44:83:ca:d2:5b:ef:d3:
                    50:95:3c:b3:65:e0:09:f5:92:dc:9b:93:af:9a:b3:
                    5e:e6:fd:6c:55:32:13:9f:ac:88:cb:95:b5:71:c4:
                    9d:7b:d6:22:40:3e:9e:48:e3:5f:d8:37:64:b8:73:
                    31:5f:e7:de:64:37:18:92:4a:bd:9f:db:87:49:da:
                    7a:97:77:c8:d9:2c:40:bf:95:14:ab:99:cc:e6:6d:
                    a2:74:f0:a1:85:c6:0d:6e:1e:0e:98:69:0f:8e:bf:
                    ba:b3:c6:35:f7:24:5d:e5:8d:66:ac:6f:22:a7:51:
                    1f:89:13:54:35:5b:12:59:2e:de:72:87:fd:09:c4:
                    a3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:DB:58:AA:43:D3:75:B6:BC:AF:56:F4:12:72:05:A8:35:5C:A5:9C
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:84:1c:cf:0e:f4:fe:64:be:7e:59:23:6d:4e:38:b7:61:bd:
         d8:97:0b:2e:50:b1:85:9f:8d:e3:da:ec:09:81:32:01:3b:de:
         34:d0:a6:a8:98:4f:6d:1d:e5:db:37:1b:bc:e5:06:5f:c6:7d:
         1e:2d:d9:63:46:17:4a:02:9a:eb:b2:53:c0:4c:19:20:21:1d:
         05:37:b4:cb:5a:a3:7b:6a:8f:a0:99:6c:84:da:52:4e:f7:cf:
         55:80:e0:ad:5d:3d:71:a1:db:66:e8:76:fc:2f:d7:60:85:70:
         1e:64:bc:19:af:ef:af:5d:3f:97:54:35:9b:fb:af:2a:cd:7d:
         e7:c1:ae:8d:6e:09:40:9d:74:23:41:b3:09:8b:6c:ec:8f:82:
         e0:17:11:62:8a:f4:f8:f4:3c:c6:d1:86:09:7c:df:ab:35:88:
         30:04:3e:69:87:40:2d:53:c7:b6:2b:eb:c3:4a:e8:09:69:93:
         7d:cc:80:2f:7b:31:7c:95:71:36:87:d1:cd:87:c1:2d:e7:e8:
         95:3d:a6:65:3b:46:f6:dc:56:32:0c:29:57:56:be:6c:06:c8:
         bd:f0:cc:d2:1c:bf:4d:af:17:17:70:6b:a7:31:a4:83:5e:63:
         53:dc:8f:13:47:7e:f2:bb:b8:e9:a4:0d:73:8b:91:be:86:7a:
         cd:01:cc:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+iR1FSq86EZGsZxAu3koMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjUwNjA3MDYwMDQyWhcNMjUwNjA4MDYwMDQyWjAzMTEwLwYDVQQD
EygwNGRiNThhYTQzZDM3NWI2YmNhZjU2ZjQxMjcyMDVhODM1NWNhNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiPu1aiypdxqrtHcAhQMsxmgYEXu
oZPacKgoiyp+k/mXmWLjUe3JuIjjetCqOfwGhIY3BfHMFAlnBp70DBHPqhxBy3Xr
u9fgsMocEsApx0rlYY+IsqBn6lBTC0gUPR/J8MBBFC+XdFuPV+fb6qXUe+XT7wCu
2a5be4uPupRUJESDytJb79NQlTyzZeAJ9ZLcm5OvmrNe5v1sVTITn6yIy5W1ccSd
e9YiQD6eSONf2DdkuHMxX+feZDcYkkq9n9uHSdp6l3fI2SxAv5UUq5nM5m2idPCh
hcYNbh4OmGkPjr+6s8Y19yRd5Y1mrG8ip1EfiRNUNVsSWS7ecof9CcSjEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATbWKpD03W2vK9W9BJyBag1XKWcMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT4Qczw70
/mS+flkjbU44t2G92JcLLlCxhZ+N49rsCYEyATveNNCmqJhPbR3l2zcbvOUGX8Z9
Hi3ZY0YXSgKa67JTwEwZICEdBTe0y1qje2qPoJlshNpSTvfPVYDgrV09caHbZuh2
/C/XYIVwHmS8Ga/vr10/l1Q1m/uvKs1958GujW4JQJ10I0GzCYts7I+C4BcRYor0
+PQ8xtGGCXzfqzWIMAQ+aYdALVPHtivrw0roCWmTfcyAL3sxfJVxNofRzYfBLefo
lT2mZTtG9txWMgwpV1a+bAbIvfDM0hy/Ta8XF3BrpzGkg15jU9yPE0d+8ru46aQN
c4uRvoZ6zQHMIw==
-----END CERTIFICATE-----