Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          9HvuuAE2LSeytksolyb9gZwG/YhrDB4PND5HjJ6+ZYc=
Subject key identifier:   AF:F7:DA:0F:F5:33:86:DA:51:74:AD:0A:0E:D4:C6:95:2F:CD:9E:12
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       01976214E79A73F2D4930A84669D995E8ED5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0C33
Signing time:             Thu 12 Jun 2025 03:00:26 +0000
Manifest this update:     Thu 12 Jun 2025 03:00:26 +0000
Manifest next update:     Fri 13 Jun 2025 03:00:26 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: a6go+3CsB4g3N2EIL3x0wch97NhvtkrcXfgzklmolhg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 03:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:14:e7:9a:73:f2:d4:93:0a:84:66:9d:99:5e:8e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Jun 12 03:00:26 2025 GMT
            Not After : Jun 13 03:00:26 2025 GMT
        Subject: CN=aff7da0ff53386da5174ad0a0ed4c6952fcd9e12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f0:7f:74:32:35:86:1e:99:ec:f4:df:b1:37:
                    ff:95:b9:5b:a6:47:53:16:ec:98:6c:57:9e:36:55:
                    6f:c3:9d:37:08:e6:ab:be:07:ed:1d:a8:17:e1:88:
                    f5:e1:7b:96:2e:7f:1e:6f:aa:f2:27:26:3c:fd:6e:
                    fe:03:ea:9e:24:b1:0f:68:41:89:32:88:bc:2e:28:
                    3c:e2:fb:16:b2:b6:0a:8e:e1:fd:55:3f:3b:66:d2:
                    88:1e:32:ec:32:4c:6d:31:9f:03:11:fc:a3:74:1d:
                    2b:c1:72:70:d5:c4:3a:0e:1a:07:97:b1:29:19:58:
                    59:64:ea:5a:f3:d0:23:80:39:30:c4:71:f4:18:aa:
                    96:93:a5:bc:96:34:5e:40:fd:8d:d7:5d:f1:dc:55:
                    78:9b:b7:02:c9:fd:e2:ed:08:34:99:31:d3:66:c6:
                    17:9a:35:26:32:25:d0:5b:ca:4b:b9:6d:9c:29:66:
                    6e:ed:cb:44:ef:3e:52:1e:ec:c7:86:3b:b7:7f:bb:
                    c3:fc:72:20:6b:da:81:97:2a:db:ba:02:9b:ee:7a:
                    8b:58:e2:6d:5d:69:1b:75:d2:ec:44:3e:cd:74:b0:
                    2b:24:b4:66:d2:c9:22:79:b9:d2:94:c0:68:38:73:
                    21:9e:ba:55:97:a3:14:8d:98:04:59:d9:3d:23:5b:
                    99:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F7:DA:0F:F5:33:86:DA:51:74:AD:0A:0E:D4:C6:95:2F:CD:9E:12
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:c8:ea:a7:03:da:4e:7d:14:92:2a:e2:41:f0:71:70:28:ee:
         de:68:68:d9:b2:f5:ec:00:4d:6d:cc:b7:f4:86:93:0a:e6:2b:
         78:07:48:02:74:ec:f4:f8:5e:32:5b:e1:a2:3d:cd:09:9c:fd:
         5f:01:9d:cf:b0:34:3a:be:86:85:4c:56:0f:e6:27:f5:37:c5:
         02:99:9a:93:91:a0:02:e2:e8:2c:6a:f4:39:01:3e:19:d7:91:
         12:31:67:5e:21:47:ca:99:89:1a:b2:c0:af:17:de:3a:6f:93:
         f4:c2:8a:95:ac:2c:33:fd:e2:51:de:5e:6c:ee:20:e0:a4:14:
         1a:78:4b:2a:35:9f:d0:7f:48:41:62:39:48:96:6e:db:15:87:
         3d:f6:71:3d:71:04:7c:5d:91:86:16:8b:0c:7b:4e:80:80:f0:
         71:5b:27:fe:23:21:19:e6:40:3c:2c:41:d2:53:27:70:4f:31:
         b4:5c:37:19:3b:f9:e0:4e:f6:76:a5:fb:78:06:8b:49:86:3b:
         d9:3e:fa:ea:3e:2d:18:b2:58:ff:8c:aa:32:53:4f:f9:5a:ec:
         5a:a0:5a:91:ea:cd:f2:75:25:e2:ec:dd:01:0e:5e:6d:26:b3:
         4c:2d:db:4d:2f:b3:65:01:c3:f3:6e:38:35:e9:19:85:09:c7:
         a5:6b:9a:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiFOeac/LUkwqEZp2ZXo7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwNjEyMDMwMDI2WhcNMjUwNjEzMDMwMDI2WjAzMTEwLwYDVQQD
EyhhZmY3ZGEwZmY1MzM4NmRhNTE3NGFkMGEwZWQ0YzY5NTJmY2Q5ZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/B/dDI1hh6Z7PTfsTf/lblbpkdT
FuyYbFeeNlVvw503COarvgftHagX4Yj14XuWLn8eb6ryJyY8/W7+A+qeJLEPaEGJ
Moi8Lig84vsWsrYKjuH9VT87ZtKIHjLsMkxtMZ8DEfyjdB0rwXJw1cQ6DhoHl7Ep
GVhZZOpa89AjgDkwxHH0GKqWk6W8ljReQP2N113x3FV4m7cCyf3i7Qg0mTHTZsYX
mjUmMiXQW8pLuW2cKWZu7ctE7z5SHuzHhju3f7vD/HIga9qBlyrbugKb7nqLWOJt
XWkbddLsRD7NdLArJLRm0skiebnSlMBoOHMhnrpVl6MUjZgEWdk9I1uZwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/32g/1M4baUXStCg7UxpUvzZ4SMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKMjqpwPa
Tn0UkiriQfBxcCju3mho2bL17ABNbcy39IaTCuYreAdIAnTs9PheMlvhoj3NCZz9
XwGdz7A0Or6GhUxWD+Yn9TfFApmak5GgAuLoLGr0OQE+GdeREjFnXiFHypmJGrLA
rxfeOm+T9MKKlawsM/3iUd5ebO4g4KQUGnhLKjWf0H9IQWI5SJZu2xWHPfZxPXEE
fF2RhhaLDHtOgIDwcVsn/iMhGeZAPCxB0lMncE8xtFw3GTv54E72dqX7eAaLSYY7
2T766j4tGLJY/4yqMlNP+VrsWqBakerN8nUl4uzdAQ5ebSazTC3bTS+zZQHD8244
NekZhQnHpWua/g==
-----END CERTIFICATE-----