Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
File:                     D1pCPdyX3TDeyLhnPCSWjic3JnY.mft (raw, json)
Hash identifier:          kLDe3TFl5UqjK3OeNDZSCEFrrHUzPR+31+Q7hzEfqyk=
Subject key identifier:   BC:B3:42:79:7C:EC:4F:C3:80:C4:4B:C5:78:12:AE:C0:C5:2F:CC:5C
Authority key identifier: 0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76
Certificate issuer:       /CN=0f5a423ddc97dd30dec8b8673c24968e27372676
Certificate serial:       01974B568F47C8FE9590BBD1AC422CC48A72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
Manifest number:          41
Signing time:             Sat 07 Jun 2025 17:00:53 +0000
Manifest this update:     Sat 07 Jun 2025 17:00:53 +0000
Manifest next update:     Sun 08 Jun 2025 17:00:53 +0000
Files and hashes:         1: D1pCPdyX3TDeyLhnPCSWjic3JnY.crl (hash: 1AtSBHz1tazJaE0j3j+vx+SfGyqo4xLA1Il5cWout9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:8f:47:c8:fe:95:90:bb:d1:ac:42:2c:c4:8a:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f5a423ddc97dd30dec8b8673c24968e27372676
        Validity
            Not Before: Jun  7 17:00:53 2025 GMT
            Not After : Jun  8 17:00:53 2025 GMT
        Subject: CN=bcb342797cec4fc380c44bc57812aec0c52fcc5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:6b:c9:5e:e9:5a:5f:40:3e:3b:02:28:38:b8:
                    02:7b:2b:f9:7e:97:ee:bc:c4:39:f6:1e:03:5c:76:
                    bd:a3:f6:0b:7e:08:ac:b5:9e:22:02:14:5b:33:20:
                    98:d1:b8:24:8a:83:50:bc:de:df:d3:93:e3:a7:eb:
                    9b:34:cf:a5:c6:f3:10:4a:a8:ca:ff:7c:e9:62:f1:
                    0a:65:65:79:44:d7:c6:f6:5f:77:76:02:00:d6:4c:
                    0e:2a:90:5c:62:c5:db:81:9b:6a:02:be:e9:9d:44:
                    94:4c:01:80:7d:c7:8f:94:b7:bc:ee:b3:ee:9a:c2:
                    8b:94:21:83:35:f4:da:39:14:e7:ae:d1:0f:27:63:
                    dc:47:d1:92:d9:38:f4:ea:8f:84:cb:12:49:65:e8:
                    2f:04:ca:ae:ba:e5:e1:32:6b:d9:0c:34:da:c9:95:
                    2f:d0:b9:4c:e4:35:bd:76:5c:e3:92:91:b9:0a:05:
                    2c:7f:c7:1f:f7:90:ee:12:bd:05:4b:c1:be:45:6b:
                    66:5f:7e:cf:cf:29:46:68:40:39:09:71:90:b9:33:
                    45:35:d7:75:37:63:57:14:7b:c4:c1:6e:38:56:3b:
                    26:40:0b:4a:69:5a:dd:1a:ca:c7:22:73:c5:47:88:
                    1a:9a:0d:67:8c:ad:f8:cd:f0:21:2d:95:70:52:3e:
                    c1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:B3:42:79:7C:EC:4F:C3:80:C4:4B:C5:78:12:AE:C0:C5:2F:CC:5C
            X509v3 Authority Key Identifier:
                keyid:0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ce:5b:06:44:a3:01:1d:c6:ba:dd:4f:92:1b:c0:61:85:9d:
         97:22:c6:4a:17:7d:a1:8e:93:d4:c2:a1:db:cf:a5:73:13:48:
         5d:7d:4e:70:4c:3f:c6:f9:da:a5:81:c7:09:c0:33:66:b5:ba:
         80:eb:01:69:38:6c:c9:41:28:04:85:9e:f5:58:f6:70:62:cb:
         4a:c1:c2:4d:84:df:e2:8d:49:13:38:7e:1e:4d:03:2a:6f:1b:
         3c:4d:88:f7:20:dc:63:bd:d8:3a:33:99:e3:6e:32:8b:75:10:
         f4:d8:9e:af:95:80:3f:66:93:fb:9e:48:ba:21:08:24:9e:08:
         20:98:cf:c2:ff:6c:b5:67:ed:f8:5a:68:4c:8c:cd:23:a7:ea:
         e4:ef:de:17:2e:72:06:8f:d1:0c:76:5c:e1:38:95:6f:8f:df:
         d7:13:07:59:12:0a:f1:b9:24:f0:82:03:bf:b4:9c:3f:ed:c2:
         7f:8a:9f:ac:80:54:2c:b8:c1:64:91:08:b5:8e:41:de:5a:ef:
         35:bc:ff:73:5e:d6:ed:ee:5c:94:1d:b5:ef:79:c0:40:ae:cd:
         03:6e:dd:eb:69:31:ba:dc:f7:2c:37:30:c1:e3:12:b3:0e:97:
         29:be:30:fc:67:af:ca:0a:4f:01:97:d5:99:52:3f:6e:2e:ef:
         47:93:b8:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVo9HyP6VkLvRrEIsxIpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNWE0MjNkZGM5N2RkMzBkZWM4Yjg2NzNjMjQ5NjhlMjcz
NzI2NzYwHhcNMjUwNjA3MTcwMDUzWhcNMjUwNjA4MTcwMDUzWjAzMTEwLwYDVQQD
EyhiY2IzNDI3OTdjZWM0ZmMzODBjNDRiYzU3ODEyYWVjMGM1MmZjYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmvJXulaX0A+OwIoOLgCeyv5fpfu
vMQ59h4DXHa9o/YLfgistZ4iAhRbMyCY0bgkioNQvN7f05Pjp+ubNM+lxvMQSqjK
/3zpYvEKZWV5RNfG9l93dgIA1kwOKpBcYsXbgZtqAr7pnUSUTAGAfcePlLe87rPu
msKLlCGDNfTaORTnrtEPJ2PcR9GS2Tj06o+EyxJJZegvBMquuuXhMmvZDDTayZUv
0LlM5DW9dlzjkpG5CgUsf8cf95DuEr0FS8G+RWtmX37PzylGaEA5CXGQuTNFNdd1
N2NXFHvEwW44VjsmQAtKaVrdGsrHInPFR4gamg1njK34zfAhLZVwUj7BLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyzQnl87E/DgMRLxXgSrsDFL8xcMB8GA1UdIwQY
MBaAFA9aQj3cl90w3si4Zzwklo4nNyZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEt
Y2Y4OWJlNWE1ZmVhLzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEtY2Y4OWJlNWE1ZmVh
LzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj85bBkSj
AR3Gut1PkhvAYYWdlyLGShd9oY6T1MKh28+lcxNIXX1OcEw/xvnapYHHCcAzZrW6
gOsBaThsyUEoBIWe9Vj2cGLLSsHCTYTf4o1JEzh+Hk0DKm8bPE2I9yDcY73YOjOZ
424yi3UQ9Nier5WAP2aT+55IuiEIJJ4IIJjPwv9stWft+FpoTIzNI6fq5O/eFy5y
Bo/RDHZc4TiVb4/f1xMHWRIK8bkk8IIDv7ScP+3Cf4qfrIBULLjBZJEItY5B3lrv
Nbz/c17W7e5clB2173nAQK7NA27d62kxutz3LDcwweMSsw6XKb4w/GevygpPAZfV
mVI/bi7vR5O4EA==
-----END CERTIFICATE-----