Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          jGr/gdcXGqDm3qqTioHTcDW9g+zpW5X5sT4XFvfyAC8=
Subject key identifier:   BD:64:D8:34:A1:06:C4:B3:28:B9:73:39:C8:5C:95:C8:79:0A:1B:3A
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       01974A7B735A1D0A549FC0736862EAAF2C07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          1293
Signing time:             Sat 07 Jun 2025 13:01:33 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:33 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:33 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: Szfobdi/4FNodQk7KeCd7xFv8LMQgBhLOKstEKIPILc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:73:5a:1d:0a:54:9f:c0:73:68:62:ea:af:2c:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Jun  7 13:01:33 2025 GMT
            Not After : Jun  8 13:01:33 2025 GMT
        Subject: CN=bd64d834a106c4b328b97339c85c95c8790a1b3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a4:ba:a1:fd:92:d3:d3:96:86:53:1a:93:e6:
                    c7:41:26:42:40:55:a2:1a:4d:0f:54:10:d3:12:2e:
                    85:4b:84:38:80:33:6b:57:56:bf:ea:6c:9f:6e:a4:
                    68:ae:34:6a:81:45:d1:c0:37:d4:35:24:93:9d:99:
                    72:a2:f9:f7:35:ab:c2:79:b5:5d:d1:4c:a8:1f:11:
                    b5:08:53:42:12:65:9e:3c:7d:e0:4d:ed:cf:68:b0:
                    58:45:b2:0e:e5:83:a7:20:c1:cc:a7:51:ad:af:c8:
                    d3:b4:e3:a1:d8:0e:f3:bb:81:d8:7d:21:17:86:66:
                    57:71:1e:89:3d:17:19:1e:64:35:61:be:7a:e0:c8:
                    5d:3d:66:b4:9d:04:b1:be:1c:87:e5:b7:73:ec:54:
                    92:25:10:e9:86:64:0a:1d:b1:6c:c4:cb:ab:d9:80:
                    52:40:3e:d0:3e:20:26:92:90:09:78:97:10:69:59:
                    f5:2f:3f:70:05:54:8e:0a:af:5f:ec:71:7f:89:68:
                    3c:db:d8:f6:7a:a0:40:9b:f0:19:6c:fb:6b:52:93:
                    32:f4:ee:88:87:c5:57:9a:0b:e7:35:70:6a:5b:21:
                    72:f2:6b:4b:24:f0:d2:c2:93:d3:df:9e:04:d9:ed:
                    45:4b:fd:9e:ed:19:43:10:d7:3e:8c:8e:35:ef:ce:
                    bd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:64:D8:34:A1:06:C4:B3:28:B9:73:39:C8:5C:95:C8:79:0A:1B:3A
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:c4:ff:85:d7:8e:de:60:da:0a:10:22:3c:30:c5:02:b4:d5:
         db:da:38:fd:63:87:54:62:a7:c8:0e:7c:b9:7d:40:c7:d9:82:
         b9:08:65:50:c4:dd:32:30:30:b1:30:51:3f:0c:22:11:c2:13:
         94:d7:74:07:a0:4f:6c:5f:62:e3:bb:24:30:b1:ea:4a:7d:7d:
         23:b2:e8:6f:f9:8f:b9:4a:95:91:eb:89:51:36:7d:49:9c:f6:
         78:bb:bf:c9:52:d2:2e:1f:84:fd:36:52:47:ca:27:2b:d9:ad:
         1a:92:37:cd:29:d8:77:1a:fb:25:f7:c9:ef:15:70:eb:c9:c9:
         c0:44:e7:29:26:d7:92:e7:c3:ca:36:60:d6:98:71:e6:cc:f5:
         94:b7:80:04:46:af:43:a5:eb:58:52:80:d1:e8:f1:54:87:37:
         25:8b:b5:37:01:1e:fb:3d:14:09:31:de:30:8d:8d:12:3d:ca:
         24:78:c8:9a:09:5e:c4:9a:67:b3:7c:85:d6:8c:dd:ae:7c:09:
         6a:df:26:be:f4:87:7c:f2:d2:11:ff:c6:7b:72:39:90:ad:cd:
         e2:e8:e0:2f:08:2c:30:33:03:0b:ab:96:19:27:86:b8:34:c0:
         be:f8:1d:b9:d4:4c:ce:1b:82:29:c6:db:59:a1:d2:25:29:f2:
         df:d6:e1:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe3NaHQpUn8BzaGLqrywHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUwNjA3MTMwMTMzWhcNMjUwNjA4MTMwMTMzWjAzMTEwLwYDVQQD
EyhiZDY0ZDgzNGExMDZjNGIzMjhiOTczMzljODVjOTVjODc5MGExYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqS6of2S09OWhlMak+bHQSZCQFWi
Gk0PVBDTEi6FS4Q4gDNrV1a/6myfbqRorjRqgUXRwDfUNSSTnZlyovn3NavCebVd
0UyoHxG1CFNCEmWePH3gTe3PaLBYRbIO5YOnIMHMp1Gtr8jTtOOh2A7zu4HYfSEX
hmZXcR6JPRcZHmQ1Yb564MhdPWa0nQSxvhyH5bdz7FSSJRDphmQKHbFsxMur2YBS
QD7QPiAmkpAJeJcQaVn1Lz9wBVSOCq9f7HF/iWg829j2eqBAm/AZbPtrUpMy9O6I
h8VXmgvnNXBqWyFy8mtLJPDSwpPT354E2e1FS/2e7RlDENc+jI417869sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1k2DShBsSzKLlzOchclch5Chs6MB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAscT/hdeO
3mDaChAiPDDFArTV29o4/WOHVGKnyA58uX1Ax9mCuQhlUMTdMjAwsTBRPwwiEcIT
lNd0B6BPbF9i47skMLHqSn19I7Lob/mPuUqVkeuJUTZ9SZz2eLu/yVLSLh+E/TZS
R8onK9mtGpI3zSnYdxr7JffJ7xVw68nJwETnKSbXkufDyjZg1phx5sz1lLeABEav
Q6XrWFKA0ejxVIc3JYu1NwEe+z0UCTHeMI2NEj3KJHjImglexJpns3yF1ozdrnwJ
at8mvvSHfPLSEf/Ge3I5kK3N4ujgLwgsMDMDC6uWGSeGuDTAvvgdudRMzhuCKcbb
WaHSJSny39bh5g==
-----END CERTIFICATE-----