Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
File:                     K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft (raw, json)
Hash identifier:          zdHZEhrA8UjxIw1pIL9k1KKfufhCAH9nIUYsSKB3Wqk=
Subject key identifier:   1C:ED:18:42:66:9A:5B:96:4F:4B:B9:B8:C7:93:EE:1B:2B:D2:5A:92
Authority key identifier: 2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F
Certificate issuer:       /CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
Certificate serial:       01974A7A902943FAAD66D6615C1D7ABFE5AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
Manifest number:          0696
Signing time:             Sat 07 Jun 2025 13:00:35 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:35 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:35 +0000
Files and hashes:         1: K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl (hash: kF6lM1Et3G4XpwdS47HnLMbj58/cZaiyQzoUPSNvAj8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:90:29:43:fa:ad:66:d6:61:5c:1d:7a:bf:e5:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
        Validity
            Not Before: Jun  7 13:00:35 2025 GMT
            Not After : Jun  8 13:00:35 2025 GMT
        Subject: CN=1ced1842669a5b964f4bb9b8c793ee1b2bd25a92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e0:96:cd:92:a8:2a:d6:18:55:71:36:58:d3:
                    c3:5e:d8:ce:d4:6e:bc:c4:f6:ae:87:d3:f7:ad:c4:
                    87:33:1b:f6:d2:de:bc:f6:3a:f1:34:b1:e1:51:a5:
                    84:05:dc:2c:e0:45:23:52:3d:85:91:2a:c9:79:be:
                    7f:4a:9f:21:ae:da:1a:ff:ed:de:30:16:cb:6f:33:
                    4a:b8:04:19:fb:ea:ae:ed:3f:1b:da:06:bb:0e:92:
                    68:58:26:c4:0c:be:6f:66:94:3c:ab:ac:2f:13:12:
                    24:59:88:da:d1:99:ff:2b:9d:08:8c:d4:62:2d:79:
                    25:44:00:ee:f0:6c:ea:83:c1:05:fe:bd:7a:a2:a4:
                    d9:a5:7c:e8:6d:06:f2:ce:96:02:13:7f:3a:a5:01:
                    23:9e:ec:97:e9:5f:38:4a:5c:e3:41:7b:12:cb:aa:
                    dc:b7:e7:28:56:12:35:5e:f1:4b:61:0a:be:2b:73:
                    4d:4c:7e:5e:a7:08:e9:a2:dc:30:37:4a:66:11:78:
                    da:22:6d:ac:de:b0:b9:29:ac:2b:40:e3:d2:77:74:
                    5b:2c:19:dc:42:db:58:f5:0a:85:74:7e:fc:e3:ee:
                    e2:55:f0:1a:7b:61:38:d5:22:0f:e9:16:e2:74:8e:
                    70:66:76:1d:f6:19:d6:f8:21:9e:8d:fd:06:aa:a3:
                    f9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:ED:18:42:66:9A:5B:96:4F:4B:B9:B8:C7:93:EE:1B:2B:D2:5A:92
            X509v3 Authority Key Identifier:
                keyid:2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:17:a4:f0:c2:3c:1f:28:4f:97:25:05:06:02:1e:55:60:fe:
         a9:35:23:df:03:5b:7d:e9:9d:d9:e3:1b:66:15:44:ed:f2:de:
         2c:49:d0:c6:86:7c:29:30:76:5c:93:e6:d6:16:ea:42:0d:3c:
         27:16:6d:3a:e3:38:5c:3a:29:d7:72:c8:07:a8:f5:d4:48:7e:
         3e:2b:47:bd:97:bc:27:cb:45:ef:39:03:01:82:94:2b:ed:69:
         3d:ac:6a:06:1a:5b:d6:0d:e9:58:ad:a5:8c:76:53:c8:ef:3f:
         3e:98:0a:a8:f0:2a:00:1a:bb:bf:50:40:2e:c4:c3:2b:9b:5f:
         2a:4c:6b:30:95:2f:92:cf:5b:d1:80:1f:fd:41:68:93:2e:b5:
         13:c9:ce:08:1f:4b:d8:bb:79:3a:8d:bd:46:15:79:29:48:ab:
         0f:d4:bb:f2:a6:46:62:aa:83:4f:36:55:ec:3b:22:7f:6b:8a:
         41:c4:5f:d6:a2:b5:31:f0:30:fc:29:4a:4b:34:11:bd:8a:c5:
         14:6d:a6:f8:11:8c:0a:f1:5b:c3:72:2a:cb:8f:90:6a:4a:c1:
         af:0e:09:b0:05:81:e3:61:80:3a:c5:80:88:d0:63:44:b3:05:
         33:59:18:fb:69:b1:8e:0c:ed:af:bf:d8:c7:b1:7d:3d:5f:8e:
         b4:04:dd:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKepApQ/qtZtZhXB16v+WvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNTdiMGRiMDAxNmZlNjI1MDk1ZGYwYzZlNTdmZTA3ZjFj
ZjI4OWYwHhcNMjUwNjA3MTMwMDM1WhcNMjUwNjA4MTMwMDM1WjAzMTEwLwYDVQQD
EygxY2VkMTg0MjY2OWE1Yjk2NGY0YmI5YjhjNzkzZWUxYjJiZDI1YTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueCWzZKoKtYYVXE2WNPDXtjO1G68
xPauh9P3rcSHMxv20t689jrxNLHhUaWEBdws4EUjUj2FkSrJeb5/Sp8hrtoa/+3e
MBbLbzNKuAQZ++qu7T8b2ga7DpJoWCbEDL5vZpQ8q6wvExIkWYja0Zn/K50IjNRi
LXklRADu8Gzqg8EF/r16oqTZpXzobQbyzpYCE386pQEjnuyX6V84SlzjQXsSy6rc
t+coVhI1XvFLYQq+K3NNTH5epwjpotwwN0pmEXjaIm2s3rC5KawrQOPSd3RbLBnc
QttY9QqFdH784+7iVfAae2E41SIP6RbidI5wZnYd9hnW+CGejf0GqqP5NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBztGEJmmluWT0u5uMeT7hsr0lqSMB8GA1UdIwQY
MBaAFCtXsNsAFv5iUJXfDG5X/gfxzyifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgt
ZjQ0ZjM1YjdhOTVkLzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgtZjQ0ZjM1YjdhOTVk
LzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBek8MI8
HyhPlyUFBgIeVWD+qTUj3wNbfemd2eMbZhVE7fLeLEnQxoZ8KTB2XJPm1hbqQg08
JxZtOuM4XDop13LIB6j11Eh+PitHvZe8J8tF7zkDAYKUK+1pPaxqBhpb1g3pWK2l
jHZTyO8/PpgKqPAqABq7v1BALsTDK5tfKkxrMJUvks9b0YAf/UFoky61E8nOCB9L
2Lt5Oo29RhV5KUirD9S78qZGYqqDTzZV7Dsif2uKQcRf1qK1MfAw/ClKSzQRvYrF
FG2m+BGMCvFbw3Iqy4+QakrBrw4JsAWB42GAOsWAiNBjRLMFM1kY+2mxjgztr7/Y
x7F9PV+OtATdow==
-----END CERTIFICATE-----