Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          Hk70n+fq/h5oYG/UTAgxP5ct8NDUvNAw/cutJRRug+E=
Subject key identifier:   47:DA:84:57:F4:2E:2A:10:ED:CF:23:83:52:22:D9:7A:DA:10:61:B8
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       01975121BD10135BB195228FC708A0BD7F9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          05C0
Signing time:             Sun 08 Jun 2025 20:00:54 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:54 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:54 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: ZERu964sU5/hc66cVYRiYlNZauqNlB6eVNW+eTuTT6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:bd:10:13:5b:b1:95:22:8f:c7:08:a0:bd:7f:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: Jun  8 20:00:54 2025 GMT
            Not After : Jun  9 20:00:54 2025 GMT
        Subject: CN=47da8457f42e2a10edcf23835222d97ada1061b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8d:70:41:0c:2f:69:ef:4a:8a:f8:f1:c2:8f:
                    a0:ff:3a:8b:d5:f2:f5:0d:b6:a6:fb:ec:c0:0c:1a:
                    54:b4:58:2d:f5:e1:08:97:fe:bc:1b:a2:e4:f9:94:
                    b6:07:d7:83:32:22:8f:9b:ab:ff:61:43:93:7f:db:
                    06:f1:40:e1:b5:97:10:69:89:e5:a4:d2:35:e2:7c:
                    67:e3:9d:af:bf:40:21:e0:24:c6:6a:be:04:0f:71:
                    b0:82:1d:59:01:17:3e:8d:7f:ed:73:44:d6:99:fc:
                    ca:95:de:cc:1b:4e:b5:29:e6:a2:be:7d:5d:99:f2:
                    ee:f5:0a:49:4b:88:67:d9:af:ca:11:25:77:73:aa:
                    82:ab:6a:73:cc:ba:dd:2d:04:8d:94:42:ed:22:b2:
                    01:fb:54:3f:0e:d7:86:9c:1d:eb:38:28:31:bf:c5:
                    58:eb:22:72:28:b0:c0:d2:d6:70:d8:24:1e:39:9e:
                    dc:23:f5:b6:71:b3:2d:3a:74:7e:c4:18:69:00:0f:
                    67:28:77:a3:5e:c2:c1:11:b0:0b:e2:e3:0a:5f:05:
                    30:72:af:95:3e:58:bd:ad:39:65:61:c7:a9:17:d8:
                    38:20:8d:c4:38:52:37:aa:45:e7:10:67:f7:04:a7:
                    74:e4:38:48:2b:ee:bc:4b:03:06:f3:c9:31:d4:3d:
                    9a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:DA:84:57:F4:2E:2A:10:ED:CF:23:83:52:22:D9:7A:DA:10:61:B8
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:1e:54:a6:f4:e0:d9:15:6a:a0:19:36:02:be:4f:7b:04:3a:
         52:e2:ab:7d:f3:4a:ea:a3:c9:4f:bf:70:19:f7:0d:43:f3:2d:
         9f:f4:bf:8e:44:76:fd:54:b2:c7:c4:7d:9d:3a:cc:e0:f2:1a:
         e8:b3:95:9a:01:b2:ca:49:ec:a4:34:97:c8:0e:99:a2:fb:35:
         41:ab:09:21:e1:03:75:31:eb:3a:da:b3:c2:45:2a:77:cf:50:
         db:34:89:84:9e:f0:c7:0d:fb:84:6f:28:e0:ec:82:15:f8:da:
         5c:e9:aa:78:38:ee:13:a5:ff:0c:69:e2:01:d9:25:50:2f:f2:
         2a:e6:26:5f:0d:7e:fb:93:6c:c6:a7:81:49:d5:eb:91:82:19:
         ae:c8:54:a0:83:66:d8:cb:67:21:3e:28:f4:7b:30:e3:29:2e:
         bb:00:59:3a:d9:21:9c:c5:34:cf:8f:2e:00:f9:0d:4c:a9:f1:
         6f:61:bf:11:8a:d2:ad:f8:40:ca:dc:5e:93:d4:ac:6f:ad:f1:
         f2:ca:f5:a2:34:07:f1:15:2c:4b:db:69:e7:1e:89:37:3e:5c:
         75:81:da:ff:7d:e8:34:7f:4c:21:2a:9a:b3:75:ff:f4:05:c5:
         02:fb:0c:0e:40:37:20:db:06:c7:6b:be:ae:ca:cc:70:81:2c:
         0c:4f:b2:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIb0QE1uxlSKPxwigvX+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjUwNjA4MjAwMDU0WhcNMjUwNjA5MjAwMDU0WjAzMTEwLwYDVQQD
Eyg0N2RhODQ1N2Y0MmUyYTEwZWRjZjIzODM1MjIyZDk3YWRhMTA2MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs41wQQwvae9Kivjxwo+g/zqL1fL1
Dbam++zADBpUtFgt9eEIl/68G6Lk+ZS2B9eDMiKPm6v/YUOTf9sG8UDhtZcQaYnl
pNI14nxn452vv0Ah4CTGar4ED3Gwgh1ZARc+jX/tc0TWmfzKld7MG061Keaivn1d
mfLu9QpJS4hn2a/KESV3c6qCq2pzzLrdLQSNlELtIrIB+1Q/DteGnB3rOCgxv8VY
6yJyKLDA0tZw2CQeOZ7cI/W2cbMtOnR+xBhpAA9nKHejXsLBEbAL4uMKXwUwcq+V
Pli9rTllYcepF9g4II3EOFI3qkXnEGf3BKd05DhIK+68SwMG88kx1D2auwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfahFf0LioQ7c8jg1Ii2XraEGG4MB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApB5UpvTg
2RVqoBk2Ar5PewQ6UuKrffNK6qPJT79wGfcNQ/Mtn/S/jkR2/VSyx8R9nTrM4PIa
6LOVmgGyyknspDSXyA6Zovs1QasJIeEDdTHrOtqzwkUqd89Q2zSJhJ7wxw37hG8o
4OyCFfjaXOmqeDjuE6X/DGniAdklUC/yKuYmXw1++5NsxqeBSdXrkYIZrshUoINm
2MtnIT4o9Hsw4ykuuwBZOtkhnMU0z48uAPkNTKnxb2G/EYrSrfhAytxek9Ssb63x
8sr1ojQH8RUsS9tp5x6JNz5cdYHa/33oNH9MISqas3X/9AXFAvsMDkA3INsGx2u+
rsrMcIEsDE+yYw==
-----END CERTIFICATE-----