Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          KnsiMNt4vEMwVok0A9x804bG+Y2Mni2Gm7PaXcwbAaA=
Subject key identifier:   5B:A7:BF:8A:F7:A0:97:94:17:6D:54:33:44:17:FC:18:D5:7E:69:1E
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       01975800A501ECD6DA0BF8B875764300E880
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          056E
Signing time:             Tue 10 Jun 2025 04:02:06 +0000
Manifest this update:     Tue 10 Jun 2025 04:02:06 +0000
Manifest next update:     Wed 11 Jun 2025 04:02:06 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: aqVkmHFjVipFPZEBvc/sBBaT8bxgoU3zKPCowu+3o3w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:00:a5:01:ec:d6:da:0b:f8:b8:75:76:43:00:e8:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 10 04:02:06 2025 GMT
            Not After : Jun 11 04:02:06 2025 GMT
        Subject: CN=5ba7bf8af7a09794176d54334417fc18d57e691e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ff:ce:6d:b1:0f:1f:63:1c:4f:f9:02:72:91:
                    ec:d4:02:a9:3b:94:ea:5c:b0:21:41:d4:c6:c1:3b:
                    15:69:41:8e:70:cf:b0:91:7e:67:11:f1:bd:1b:55:
                    c0:b4:c3:26:ff:1f:01:2f:5a:fe:93:05:b3:2b:5c:
                    42:57:cd:e8:b9:4f:3a:ee:fa:fd:ac:79:3f:b1:58:
                    69:a2:38:40:19:78:bf:9d:66:dd:f3:ad:07:f1:3b:
                    55:36:56:9e:07:0e:6b:ee:a4:5b:18:19:0d:02:0d:
                    d1:67:91:69:c4:3f:29:bc:9d:12:c8:14:cf:93:63:
                    6b:6f:ed:dd:ac:b7:2a:c0:48:c1:84:1f:37:7f:f3:
                    2e:00:6e:1f:f6:31:f5:f6:8b:2a:c5:79:0c:17:f8:
                    e6:80:1c:f9:35:08:c6:2b:7c:43:61:11:c9:e1:c1:
                    8d:76:60:1f:bf:47:d8:e8:81:a6:f8:ca:98:13:2f:
                    6a:44:05:ef:2c:66:2a:3c:d5:25:47:92:61:be:12:
                    84:16:1d:09:33:57:ab:6b:52:df:46:05:94:0a:96:
                    60:07:ec:42:9d:df:26:18:db:38:d2:75:dc:0a:ca:
                    3c:57:73:96:e8:9b:84:64:72:7e:1b:2e:57:b1:e2:
                    76:65:ef:84:1b:c2:a7:98:c6:c4:ee:64:45:4b:77:
                    c9:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A7:BF:8A:F7:A0:97:94:17:6D:54:33:44:17:FC:18:D5:7E:69:1E
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:1a:57:16:1b:40:3c:88:18:8e:a2:40:41:e3:de:32:65:b4:
         cc:af:96:b5:5c:86:98:76:c3:95:4b:8d:22:6c:19:7c:7e:da:
         82:81:d8:9d:db:29:b6:1b:5d:ed:2e:5a:4f:76:42:bb:98:30:
         b6:37:9c:71:6d:c0:0f:b6:61:fe:a4:52:f0:0b:6f:1a:d7:7a:
         40:a1:26:93:02:cc:42:86:7b:8e:22:b6:11:1b:f0:90:51:0e:
         78:a9:31:1c:5b:e6:7c:76:23:8f:47:19:d9:3d:84:4c:e2:21:
         dd:46:3f:dc:20:93:39:d1:6a:ae:97:b8:bd:2f:bd:f0:e0:a8:
         d2:34:e7:24:7d:7d:bd:68:7e:c1:30:dd:b8:15:6a:4f:c4:60:
         b7:9e:4e:4e:d8:df:c8:f5:cb:27:89:90:a4:01:87:e5:bb:6e:
         28:43:84:9e:a9:4c:49:bf:1c:6f:96:cc:a0:a1:df:31:67:9f:
         dd:1a:97:8b:76:be:12:ac:b9:c0:6a:04:c8:4e:05:08:9a:d8:
         a7:e6:b7:a9:74:9d:4b:c2:1e:68:5f:cb:00:69:33:b1:b5:51:
         90:6f:29:28:d0:4e:f3:87:9b:ab:0f:0f:ef:7f:83:03:54:9b:
         7e:6b:df:c5:23:9e:eb:9f:5a:25:9a:1e:fe:1a:8d:dc:19:f9:
         34:5d:4c:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYAKUB7NbaC/i4dXZDAOiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNjEwMDQwMjA2WhcNMjUwNjExMDQwMjA2WjAzMTEwLwYDVQQD
Eyg1YmE3YmY4YWY3YTA5Nzk0MTc2ZDU0MzM0NDE3ZmMxOGQ1N2U2OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf/ObbEPH2McT/kCcpHs1AKpO5Tq
XLAhQdTGwTsVaUGOcM+wkX5nEfG9G1XAtMMm/x8BL1r+kwWzK1xCV83ouU867vr9
rHk/sVhpojhAGXi/nWbd860H8TtVNlaeBw5r7qRbGBkNAg3RZ5FpxD8pvJ0SyBTP
k2Nrb+3drLcqwEjBhB83f/MuAG4f9jH19osqxXkMF/jmgBz5NQjGK3xDYRHJ4cGN
dmAfv0fY6IGm+MqYEy9qRAXvLGYqPNUlR5JhvhKEFh0JM1era1LfRgWUCpZgB+xC
nd8mGNs40nXcCso8V3OW6JuEZHJ+Gy5XseJ2Ze+EG8KnmMbE7mRFS3fJRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFunv4r3oJeUF21UM0QX/BjVfmkeMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhpXFhtA
PIgYjqJAQePeMmW0zK+WtVyGmHbDlUuNImwZfH7agoHYndspthtd7S5aT3ZCu5gw
tjeccW3AD7Zh/qRS8AtvGtd6QKEmkwLMQoZ7jiK2ERvwkFEOeKkxHFvmfHYjj0cZ
2T2ETOIh3UY/3CCTOdFqrpe4vS+98OCo0jTnJH19vWh+wTDduBVqT8Rgt55OTtjf
yPXLJ4mQpAGH5btuKEOEnqlMSb8cb5bMoKHfMWef3RqXi3a+Eqy5wGoEyE4FCJrY
p+a3qXSdS8IeaF/LAGkzsbVRkG8pKNBO84ebqw8P73+DA1SbfmvfxSOe659aJZoe
/hqN3Bn5NF1Mlg==
-----END CERTIFICATE-----