Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          P23zyNfKqSVOP+OAafBPymjpPri9YE6WAt2VHMxYlmQ=
Subject key identifier:   98:1D:52:F4:2E:4E:3A:0A:93:23:F8:F6:3C:DB:64:0B:F6:7D:9C:CE
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       01976D3E30DD70D277F0202BD96E616AB482
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0579
Signing time:             Sat 14 Jun 2025 07:01:21 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:21 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:21 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: 5Whr/Lr2ZampBtsH+TWHFGlj3IsZAKR+YOUJZK9fgRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:30:dd:70:d2:77:f0:20:2b:d9:6e:61:6a:b4:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 14 07:01:21 2025 GMT
            Not After : Jun 15 07:01:21 2025 GMT
        Subject: CN=981d52f42e4e3a0a9323f8f63cdb640bf67d9cce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8e:dc:74:d8:f5:18:e5:cb:3c:0f:d9:97:f5:
                    80:d3:4c:43:42:13:67:a8:18:d3:8b:d1:9b:a8:3d:
                    58:c4:c9:82:f7:d4:f1:33:33:84:da:56:01:57:9e:
                    45:55:38:84:19:15:4b:16:29:7b:b9:a8:52:2a:66:
                    80:35:56:90:bf:27:e7:a8:90:e3:bd:63:9e:0f:52:
                    06:91:e0:74:2d:7e:1f:be:96:ac:35:de:77:28:64:
                    53:d7:cf:d5:8a:f6:89:90:22:b5:00:9d:39:75:98:
                    6b:1c:e7:9d:17:5b:cc:92:37:25:1a:50:56:01:af:
                    65:43:7b:2a:a7:c9:b3:80:7e:9a:94:79:cf:ce:cc:
                    71:28:93:04:c7:03:e3:3f:48:c3:dc:2a:5d:b4:3d:
                    47:48:44:51:8e:91:17:85:cb:9a:8a:f1:43:7a:ad:
                    b1:35:16:9f:20:ae:fe:19:5a:27:74:f5:ec:7f:a6:
                    a8:50:96:11:f4:86:8f:57:62:32:4d:b4:6c:8a:40:
                    61:bb:1d:f2:07:3b:d2:ea:ab:2a:a7:36:8b:9a:17:
                    c0:cc:cb:f7:fc:da:f3:a9:a3:6c:e3:8f:d1:89:c3:
                    28:eb:ab:13:4f:02:c1:5a:45:15:ab:32:4b:c2:64:
                    be:8d:7a:2f:90:44:af:79:63:0b:3f:13:e8:2f:0b:
                    7e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:1D:52:F4:2E:4E:3A:0A:93:23:F8:F6:3C:DB:64:0B:F6:7D:9C:CE
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:3a:d1:88:fa:d7:13:c2:f5:49:c3:88:5c:c5:89:f9:41:2d:
         ab:04:3d:71:24:24:4e:19:05:cd:44:9e:58:40:58:cc:9c:94:
         88:a5:cf:55:18:92:7f:38:6a:12:c4:0e:bf:8c:5a:7d:b0:51:
         1e:aa:7f:ea:1c:56:4f:a6:a3:73:e9:0d:44:10:c2:5e:01:52:
         6f:92:64:68:9a:e1:b9:5e:8c:a1:13:75:14:83:ac:25:3c:ea:
         0d:b6:0a:1d:91:64:55:85:01:60:6f:32:5e:90:55:c5:d1:4b:
         0f:03:d6:71:bc:34:7e:0c:08:fd:73:ca:90:73:62:63:3e:1d:
         80:da:4d:2a:c1:a6:dc:6a:a9:ec:fd:64:ad:c6:a9:7e:c2:ea:
         77:e1:f8:ba:75:f8:2b:db:91:96:47:db:e4:ec:f7:68:f1:af:
         d9:bc:07:79:13:d8:7c:54:5e:38:0b:f9:1f:81:87:01:94:ba:
         ad:ed:b5:0a:ec:72:2b:c9:cb:eb:4b:12:69:2c:72:ef:53:66:
         49:0b:95:03:32:90:0b:37:c7:a8:54:92:39:f5:6e:89:ae:08:
         09:ef:15:7a:9c:f6:63:05:55:08:16:31:68:5c:3e:62:dc:8e:
         b3:8c:54:90:67:08:c7:f5:15:13:16:50:31:e3:bf:a2:af:8b:
         bf:8f:f5:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPjDdcNJ38CAr2W5harSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNjE0MDcwMTIxWhcNMjUwNjE1MDcwMTIxWjAzMTEwLwYDVQQD
Eyg5ODFkNTJmNDJlNGUzYTBhOTMyM2Y4ZjYzY2RiNjQwYmY2N2Q5Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp47cdNj1GOXLPA/Zl/WA00xDQhNn
qBjTi9GbqD1YxMmC99TxMzOE2lYBV55FVTiEGRVLFil7uahSKmaANVaQvyfnqJDj
vWOeD1IGkeB0LX4fvpasNd53KGRT18/VivaJkCK1AJ05dZhrHOedF1vMkjclGlBW
Aa9lQ3sqp8mzgH6alHnPzsxxKJMExwPjP0jD3CpdtD1HSERRjpEXhcuaivFDeq2x
NRafIK7+GVondPXsf6aoUJYR9IaPV2IyTbRsikBhux3yBzvS6qsqpzaLmhfAzMv3
/NrzqaNs44/RicMo66sTTwLBWkUVqzJLwmS+jXovkESveWMLPxPoLwt+pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgdUvQuTjoKkyP49jzbZAv2fZzOMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTrRiPrX
E8L1ScOIXMWJ+UEtqwQ9cSQkThkFzUSeWEBYzJyUiKXPVRiSfzhqEsQOv4xafbBR
Hqp/6hxWT6ajc+kNRBDCXgFSb5JkaJrhuV6MoRN1FIOsJTzqDbYKHZFkVYUBYG8y
XpBVxdFLDwPWcbw0fgwI/XPKkHNiYz4dgNpNKsGm3Gqp7P1krcapfsLqd+H4unX4
K9uRlkfb5Oz3aPGv2bwHeRPYfFReOAv5H4GHAZS6re21CuxyK8nL60sSaSxy71Nm
SQuVAzKQCzfHqFSSOfVuia4ICe8Vepz2YwVVCBYxaFw+YtyOs4xUkGcIx/UVExZQ
MeO/oq+Lv4/17A==
-----END CERTIFICATE-----