Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft
File:                     14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft (raw, json)
Hash identifier:          TzRjJBStIjiZFISNbb8AsUIczPrZ+5But+OTviu9VBI=
Subject key identifier:   09:26:56:0A:5F:C1:1E:93:CA:CD:14:D4:21:10:46:82:E2:41:24:70
Authority key identifier: D7:88:85:19:81:CF:B3:C1:56:24:B6:E9:7F:60:A3:D9:91:D6:D9:69
Certificate issuer:       /CN=d788851981cfb3c15624b6e97f60a3d991d6d969
Certificate serial:       01974C324A45FC0E26D4BFE4014A71757CB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft
Manifest number:          0454
Signing time:             Sat 07 Jun 2025 21:00:53 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:53 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:53 +0000
Files and hashes:         1: 14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.crl (hash: 0MIo4GFPndEFKlDeTKaiMEsnpsRObL9mmwdpOXdP/Ao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:32:4a:45:fc:0e:26:d4:bf:e4:01:4a:71:75:7c:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d788851981cfb3c15624b6e97f60a3d991d6d969
        Validity
            Not Before: Jun  7 21:00:53 2025 GMT
            Not After : Jun  8 21:00:53 2025 GMT
        Subject: CN=0926560a5fc11e93cacd14d421104682e2412470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:19:64:ef:74:ac:57:20:1f:95:09:29:18:bf:
                    a8:5f:83:a6:d1:94:88:d3:7d:a8:49:30:7b:c4:64:
                    60:76:6a:34:1c:91:1e:94:ad:b5:16:d9:78:f3:ff:
                    85:9f:89:0a:63:dd:ec:27:2b:6c:fd:e1:ef:bf:58:
                    68:dc:71:ad:ce:17:11:9b:40:ab:f8:eb:0c:29:13:
                    5b:1c:42:2d:73:3e:4d:54:2c:07:14:39:e7:19:b9:
                    bc:b1:c8:a0:b6:7c:8e:80:48:88:2c:34:34:c1:70:
                    59:24:60:30:e9:53:12:05:9d:8b:89:d8:5d:e9:10:
                    9a:45:e3:13:4b:15:8f:d0:e0:11:df:f6:3c:b4:31:
                    72:ae:12:4e:da:c0:52:56:33:ae:36:9f:06:0f:26:
                    ac:18:a4:fa:cb:c9:38:96:4e:86:c0:d6:17:50:85:
                    82:12:4c:27:ec:39:a1:6d:de:4c:ad:06:52:5e:a4:
                    c7:22:6a:1c:89:cf:80:4e:2d:e2:78:1f:0f:0c:53:
                    42:8c:00:75:e3:10:15:37:ba:89:66:93:03:19:f5:
                    eb:6b:dd:ae:22:4a:0b:ed:ad:4a:76:76:8b:21:78:
                    ff:5e:a4:83:0c:07:5d:76:db:21:ba:b5:6e:dd:b1:
                    2c:24:37:4d:c9:53:7b:fd:98:c9:d7:2a:c3:9c:d6:
                    29:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:26:56:0A:5F:C1:1E:93:CA:CD:14:D4:21:10:46:82:E2:41:24:70
            X509v3 Authority Key Identifier:
                keyid:D7:88:85:19:81:CF:B3:C1:56:24:B6:E9:7F:60:A3:D9:91:D6:D9:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0e2311-f9a1-4896-9d98-d08004493d14/1/14iFGYHPs8FWJLbpf2Cj2ZHW2Wk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:88:bf:b3:b9:39:65:69:a2:d9:54:2d:d5:b8:9b:91:04:f9:
         2d:b8:28:78:44:c8:91:31:84:d3:ef:cc:2b:43:35:26:9c:cb:
         bd:bd:d8:7b:cc:83:dc:ce:ed:84:a1:31:5b:cd:fb:c1:c9:b9:
         dc:92:7e:f2:08:91:90:d3:7c:f7:66:59:18:ec:43:fe:83:76:
         8e:6f:aa:20:aa:d2:82:ed:24:7a:d5:6d:42:6f:70:22:ba:9d:
         cd:9c:62:ac:05:10:bb:f2:53:ba:e8:fb:79:a9:7f:3e:51:e9:
         81:ff:8b:18:7a:38:7f:17:aa:cd:34:6f:5b:6c:29:3f:27:e3:
         7e:d1:d3:44:2a:50:d7:84:04:6d:d9:11:98:08:84:b0:66:16:
         e4:98:cf:95:e8:58:f5:98:3c:8e:f7:55:c9:a3:01:5f:ff:36:
         fd:61:3d:e1:92:e3:8f:5d:26:b6:93:eb:56:34:da:f9:fb:3c:
         95:58:4b:74:98:f4:89:39:5e:6a:aa:20:75:1f:94:79:61:22:
         e3:91:09:41:24:7a:04:71:45:a9:77:be:7d:0b:eb:20:f0:0d:
         78:b2:f4:cd:78:6d:4b:ce:14:9f:e6:eb:cd:bb:f6:a5:26:9a:
         fa:62:ad:4e:1f:11:e3:d9:5b:46:db:e2:6e:d3:fd:fd:bc:a6:
         78:14:93:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMkpF/A4m1L/kAUpxdXy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ODg4NTE5ODFjZmIzYzE1NjI0YjZlOTdmNjBhM2Q5OTFk
NmQ5NjkwHhcNMjUwNjA3MjEwMDUzWhcNMjUwNjA4MjEwMDUzWjAzMTEwLwYDVQQD
EygwOTI2NTYwYTVmYzExZTkzY2FjZDE0ZDQyMTEwNDY4MmUyNDEyNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxlk73SsVyAflQkpGL+oX4Om0ZSI
032oSTB7xGRgdmo0HJEelK21Ftl48/+Fn4kKY93sJyts/eHvv1ho3HGtzhcRm0Cr
+OsMKRNbHEItcz5NVCwHFDnnGbm8scigtnyOgEiILDQ0wXBZJGAw6VMSBZ2Lidhd
6RCaReMTSxWP0OAR3/Y8tDFyrhJO2sBSVjOuNp8GDyasGKT6y8k4lk6GwNYXUIWC
Ekwn7Dmhbd5MrQZSXqTHImocic+ATi3ieB8PDFNCjAB14xAVN7qJZpMDGfXra92u
IkoL7a1KdnaLIXj/XqSDDAdddtshurVu3bEsJDdNyVN7/ZjJ1yrDnNYpNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkmVgpfwR6Tys0U1CEQRoLiQSRwMB8GA1UdIwQY
MBaAFNeIhRmBz7PBViS26X9go9mR1tlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRpRkdZSFBzOEZXSkxicGYyQ2oyWkhXMldrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZTIzMTEtZjlhMS00ODk2LTlkOTgt
ZDA4MDA0NDkzZDE0LzEvMTRpRkdZSFBzOEZXSkxicGYyQ2oyWkhXMldrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZTIzMTEtZjlhMS00ODk2LTlkOTgtZDA4MDA0NDkzZDE0
LzEvMTRpRkdZSFBzOEZXSkxicGYyQ2oyWkhXMldrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ4i/s7k5
ZWmi2VQt1bibkQT5LbgoeETIkTGE0+/MK0M1JpzLvb3Ye8yD3M7thKExW837wcm5
3JJ+8giRkNN892ZZGOxD/oN2jm+qIKrSgu0ketVtQm9wIrqdzZxirAUQu/JTuuj7
eal/PlHpgf+LGHo4fxeqzTRvW2wpPyfjftHTRCpQ14QEbdkRmAiEsGYW5JjPlehY
9Zg8jvdVyaMBX/82/WE94ZLjj10mtpPrVjTa+fs8lVhLdJj0iTleaqogdR+UeWEi
45EJQSR6BHFFqXe+fQvrIPANeLL0zXhtS84Un+brzbv2pSaa+mKtTh8R49lbRtvi
btP9/bymeBSTlQ==
-----END CERTIFICATE-----