Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          wA37Y3Zk5Ym9DRvA9oN4RTZz7p8muJn45ToHK9KFmxI=
Subject key identifier:   40:68:80:9C:D9:90:C8:C3:C0:DA:84:BE:9D:E4:32:60:5B:6E:E1:19
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       0197466716624C778FE8396B1D4A2177D663
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          1578
Signing time:             Fri 06 Jun 2025 18:00:50 +0000
Manifest this update:     Fri 06 Jun 2025 18:00:50 +0000
Manifest next update:     Sat 07 Jun 2025 18:00:50 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: HFY1EFJVC7EdvfDjCFniXJljkN0uEva5mFZsR7c+wvs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 18:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:67:16:62:4c:77:8f:e8:39:6b:1d:4a:21:77:d6:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Jun  6 18:00:50 2025 GMT
            Not After : Jun  7 18:00:50 2025 GMT
        Subject: CN=4068809cd990c8c3c0da84be9de432605b6ee119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:58:c9:43:1e:4e:38:2a:c6:e0:39:df:e6:f3:
                    07:30:ff:15:97:3c:1a:c5:8c:13:5f:e3:39:23:e3:
                    ab:7a:cf:fa:a3:65:34:92:72:04:be:a8:19:54:92:
                    44:dd:8a:25:47:c8:57:84:3f:45:5d:03:7b:67:1c:
                    5c:e7:cb:81:07:5d:eb:4d:5c:b2:34:81:58:20:6b:
                    c4:5c:ed:1f:d6:6b:db:92:ce:33:1a:6d:b0:dc:6e:
                    09:c3:79:3d:75:69:6c:bb:53:df:1e:a7:e4:55:a8:
                    ac:5d:f1:d4:14:3e:8c:ea:5f:46:a1:a3:26:20:fe:
                    fd:42:e5:13:26:09:a8:f9:2c:e9:74:ef:ae:d6:9d:
                    c6:e5:c1:cd:b8:59:ff:e3:d8:06:72:1f:e3:bc:16:
                    0b:e9:b3:8f:2b:00:09:fc:47:fb:29:f9:d4:a9:9d:
                    3d:62:d8:d7:42:69:57:17:86:50:7c:c7:fb:c8:19:
                    26:07:42:a0:69:c5:59:a4:2c:c2:60:43:da:66:da:
                    cc:eb:17:77:73:5e:f3:49:b5:76:c8:57:60:da:ee:
                    5b:8d:ba:a7:5a:63:b5:c4:5b:3a:60:25:f4:40:25:
                    63:e0:f3:08:53:35:5b:8d:34:a2:55:02:05:ac:2b:
                    f6:69:e9:9a:38:ee:bf:96:f5:96:4e:34:37:8f:58:
                    6b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:68:80:9C:D9:90:C8:C3:C0:DA:84:BE:9D:E4:32:60:5B:6E:E1:19
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:90:1c:73:80:fc:1d:4e:e9:27:e3:11:18:3d:99:70:e9:16:
         ea:30:8a:ce:63:28:2f:8a:a8:ff:3d:d7:ad:cc:25:87:de:0b:
         f5:c2:99:52:71:66:8f:c4:6e:32:32:83:98:46:00:5a:89:0a:
         48:dd:72:c8:9f:8f:ec:c9:5e:09:55:4b:b0:3e:d7:6a:43:17:
         ef:96:24:20:8f:fc:65:48:b9:1c:70:e0:b8:f0:e9:18:bb:a2:
         2c:69:a9:bd:ee:ce:24:36:28:81:47:e0:6e:ce:54:ec:33:17:
         5d:7f:e6:7e:6f:6f:47:d8:f0:80:3f:65:c8:71:ca:37:b5:cc:
         ea:a3:cd:18:cd:d9:43:5b:92:be:a3:91:6c:30:63:de:22:95:
         11:a6:1b:7e:42:b6:f1:45:50:8c:73:f0:b2:f0:5c:35:bf:86:
         66:e0:9e:53:66:3d:e7:f9:12:5d:b9:15:b7:e3:a3:c0:08:5e:
         75:e1:b6:8a:52:fc:e3:19:76:d9:db:a9:22:64:55:e4:31:99:
         16:e2:00:1f:fe:50:a3:6c:c1:9f:59:93:76:b1:67:bb:96:55:
         42:fe:c4:83:d4:0c:5e:d7:4d:75:96:6d:87:42:0d:43:cb:d5:
         c9:ca:fa:75:a8:cf:ae:13:2e:ee:47:6a:22:d6:f2:8f:1d:bf:
         8b:45:fe:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGZxZiTHeP6DlrHUohd9ZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjUwNjA2MTgwMDUwWhcNMjUwNjA3MTgwMDUwWjAzMTEwLwYDVQQD
Eyg0MDY4ODA5Y2Q5OTBjOGMzYzBkYTg0YmU5ZGU0MzI2MDViNmVlMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ljJQx5OOCrG4Dnf5vMHMP8Vlzwa
xYwTX+M5I+Ores/6o2U0knIEvqgZVJJE3YolR8hXhD9FXQN7Zxxc58uBB13rTVyy
NIFYIGvEXO0f1mvbks4zGm2w3G4Jw3k9dWlsu1PfHqfkVaisXfHUFD6M6l9GoaMm
IP79QuUTJgmo+SzpdO+u1p3G5cHNuFn/49gGch/jvBYL6bOPKwAJ/Ef7KfnUqZ09
YtjXQmlXF4ZQfMf7yBkmB0KgacVZpCzCYEPaZtrM6xd3c17zSbV2yFdg2u5bjbqn
WmO1xFs6YCX0QCVj4PMIUzVbjTSiVQIFrCv2aemaOO6/lvWWTjQ3j1hrIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBogJzZkMjDwNqEvp3kMmBbbuEZMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG5Acc4D8
HU7pJ+MRGD2ZcOkW6jCKzmMoL4qo/z3Xrcwlh94L9cKZUnFmj8RuMjKDmEYAWokK
SN1yyJ+P7MleCVVLsD7XakMX75YkII/8ZUi5HHDguPDpGLuiLGmpve7OJDYogUfg
bs5U7DMXXX/mfm9vR9jwgD9lyHHKN7XM6qPNGM3ZQ1uSvqORbDBj3iKVEaYbfkK2
8UVQjHPwsvBcNb+GZuCeU2Y95/kSXbkVt+OjwAhedeG2ilL84xl22dupImRV5DGZ
FuIAH/5Qo2zBn1mTdrFnu5ZVQv7Eg9QMXtdNdZZth0INQ8vVycr6dajPrhMu7kdq
Itbyjx2/i0X+ig==
-----END CERTIFICATE-----