Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          ZT7I8MFiawlO0rKO7fcFvWum8/Cwx3+SS+5dDiQsS8U=
Subject key identifier:   9D:0C:D8:66:33:5B:58:D9:CC:C1:02:C8:EC:F8:F2:58:CE:4A:8D:99
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019764041E1E8B1AB14A544A80E9CEF5CBDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0C34
Signing time:             Thu 12 Jun 2025 12:01:20 +0000
Manifest this update:     Thu 12 Jun 2025 12:01:20 +0000
Manifest next update:     Fri 13 Jun 2025 12:01:20 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: Zs90lhpoCcCuqzneGxmznQW3h/nKOIYAicAsrs07/9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:04:1e:1e:8b:1a:b1:4a:54:4a:80:e9:ce:f5:cb:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Jun 12 12:01:20 2025 GMT
            Not After : Jun 13 12:01:20 2025 GMT
        Subject: CN=9d0cd866335b58d9ccc102c8ecf8f258ce4a8d99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:5a:2e:de:cc:fe:b4:53:ee:ce:cf:e1:7c:14:
                    a5:9b:c2:45:8e:ce:99:c3:67:e5:35:6f:8b:8c:91:
                    b0:37:aa:fd:a1:6c:ae:3a:c8:52:1a:45:95:e5:c5:
                    c6:df:29:ab:87:b1:a0:ed:e6:87:3d:bb:91:8d:cc:
                    d1:ec:81:7f:61:2d:73:b7:72:6d:f0:88:d9:07:8e:
                    c8:9a:83:81:2b:12:fe:62:d1:b6:ef:92:54:9b:04:
                    87:99:4a:03:f5:48:75:1d:96:e7:05:3d:10:8a:3b:
                    f4:54:08:a3:1d:b1:33:df:b4:60:83:e7:87:f7:a8:
                    15:a1:de:a8:a2:cc:b2:99:71:d2:f3:52:57:4a:52:
                    36:2a:92:f1:f1:d6:f0:f1:9f:3e:be:3f:30:bc:d9:
                    8b:c7:53:b8:ee:bd:c1:f6:53:3a:ea:db:65:9f:9e:
                    ab:1e:60:d6:fc:7b:e0:ec:31:e8:eb:b3:8f:5a:db:
                    ea:cf:20:ad:f0:00:d6:ad:f7:3f:2d:6b:da:25:d2:
                    64:11:87:55:63:35:f8:c6:63:80:ff:bb:1c:c2:9a:
                    00:0e:b8:c2:a0:80:ae:77:22:ab:42:ee:16:8b:62:
                    f1:66:d4:a1:a2:a7:e7:96:c0:62:15:ad:59:a0:4d:
                    47:37:2d:31:df:b0:52:bf:5d:bb:85:ae:f5:87:61:
                    4d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:0C:D8:66:33:5B:58:D9:CC:C1:02:C8:EC:F8:F2:58:CE:4A:8D:99
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:9a:fc:ca:c3:35:b1:15:43:bb:8c:c5:f7:4c:f5:71:5e:4a:
         1c:08:91:d2:9e:0d:b0:ab:55:a0:10:a2:8c:e0:94:c5:5f:91:
         fe:33:18:37:8a:8e:f9:e3:02:0d:41:a0:e8:29:18:6b:0c:5d:
         09:bd:42:4b:24:8f:ea:c4:99:8f:4a:03:a0:80:b1:bd:80:36:
         48:61:6f:71:81:3d:1e:75:2c:fb:e3:94:e2:c5:71:da:bb:31:
         5c:16:ac:a2:d3:8a:ca:9f:a7:18:85:de:fc:62:47:da:cc:0f:
         a1:a2:6e:4e:ea:41:70:76:2a:42:81:fa:4f:fb:23:51:0d:89:
         81:43:7a:43:b5:f3:1e:5a:86:01:3b:8a:f8:15:ed:8e:8d:41:
         b3:29:63:7e:15:d4:bd:4f:72:a1:cf:be:17:9b:9e:03:f8:33:
         59:da:9b:b7:e3:7b:02:9e:6c:2c:60:f3:15:ea:51:03:0e:5f:
         15:85:dc:af:a9:ca:24:7d:5a:2c:c2:50:9a:72:e3:be:10:e6:
         c0:ef:9e:b3:9f:d7:de:75:5d:2e:2e:2b:12:31:3a:45:ce:92:
         f4:63:9c:36:36:7f:6e:b2:8c:ba:8e:00:02:e0:33:b2:a0:c0:
         72:a9:f3:e7:7a:a1:aa:a7:bd:8b:eb:6e:bf:70:5a:66:d9:61:
         cf:e6:94:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkBB4eixqxSlRKgOnO9cvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwNjEyMTIwMTIwWhcNMjUwNjEzMTIwMTIwWjAzMTEwLwYDVQQD
Eyg5ZDBjZDg2NjMzNWI1OGQ5Y2NjMTAyYzhlY2Y4ZjI1OGNlNGE4ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFou3sz+tFPuzs/hfBSlm8JFjs6Z
w2flNW+LjJGwN6r9oWyuOshSGkWV5cXG3ymrh7Gg7eaHPbuRjczR7IF/YS1zt3Jt
8IjZB47ImoOBKxL+YtG275JUmwSHmUoD9Uh1HZbnBT0Qijv0VAijHbEz37Rgg+eH
96gVod6oosyymXHS81JXSlI2KpLx8dbw8Z8+vj8wvNmLx1O47r3B9lM66ttln56r
HmDW/Hvg7DHo67OPWtvqzyCt8ADWrfc/LWvaJdJkEYdVYzX4xmOA/7scwpoADrjC
oICudyKrQu4Wi2LxZtShoqfnlsBiFa1ZoE1HNy0x37BSv127ha71h2FNWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0M2GYzW1jZzMECyOz48ljOSo2ZMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZr8ysM1
sRVDu4zF90z1cV5KHAiR0p4NsKtVoBCijOCUxV+R/jMYN4qO+eMCDUGg6CkYawxd
Cb1CSySP6sSZj0oDoICxvYA2SGFvcYE9HnUs++OU4sVx2rsxXBasotOKyp+nGIXe
/GJH2swPoaJuTupBcHYqQoH6T/sjUQ2JgUN6Q7XzHlqGATuK+BXtjo1BsyljfhXU
vU9yoc++F5ueA/gzWdqbt+N7Ap5sLGDzFepRAw5fFYXcr6nKJH1aLMJQmnLjvhDm
wO+es5/X3nVdLi4rEjE6Rc6S9GOcNjZ/brKMuo4AAuAzsqDAcqnz53qhqqe9i+tu
v3BaZtlhz+aUsQ==
-----END CERTIFICATE-----