Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          GUg/zr65sLFxXIeVGtZWDB/iV1Dj0dOFtz5awwD0jv0=
Subject key identifier:   F9:B1:4E:34:44:9E:CB:1A:6E:62:A3:B0:AD:04:BF:C0:C8:DD:37:04
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019769619FF45984D1339D58A80EF322BD6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0577
Signing time:             Fri 13 Jun 2025 13:01:34 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:34 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:34 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: E9R2BZ4sijG2vGiAgbhhr9Ezb6JWqrzqKps9C0BrIeM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:9f:f4:59:84:d1:33:9d:58:a8:0e:f3:22:bd:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 13 13:01:34 2025 GMT
            Not After : Jun 14 13:01:34 2025 GMT
        Subject: CN=f9b14e34449ecb1a6e62a3b0ad04bfc0c8dd3704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7e:8b:b0:6a:f2:27:06:04:8c:5e:d5:17:5d:
                    c1:e0:1d:15:f3:59:18:ed:e2:a9:65:61:8c:fa:01:
                    96:e5:3f:e4:fc:bc:ec:3e:8d:bf:80:01:de:64:b6:
                    03:6d:5f:85:05:41:d1:39:f6:f4:0e:d8:9d:f0:e3:
                    d9:d1:00:ca:4e:7a:9e:d6:c8:bc:98:64:57:d3:c2:
                    2b:bf:68:09:b7:84:0c:eb:1d:c5:2b:08:a0:07:73:
                    d6:cc:01:59:2d:20:7d:d4:4c:b8:2f:09:7c:f8:1d:
                    7c:bb:1b:ff:d5:4a:3f:c7:11:2e:cb:b8:d3:f8:5f:
                    b0:da:36:83:04:f6:f1:a6:1e:1f:c7:ae:43:59:56:
                    1d:f6:3d:e1:0f:93:1e:67:3e:b1:8d:79:d7:ef:92:
                    18:c1:b3:90:4d:27:64:99:21:6f:d2:ac:1e:91:cb:
                    c9:c7:92:74:8b:06:72:74:7a:cd:60:a5:f1:38:dd:
                    e2:8a:bf:9e:27:ed:07:3b:0d:e3:01:fb:9c:67:b9:
                    70:c1:38:bb:f2:a0:0f:fc:8c:61:76:fe:82:e5:8c:
                    19:93:4a:20:0d:60:33:97:43:48:6c:16:5f:8a:f8:
                    78:ac:e2:57:63:51:dd:50:9a:e2:49:74:54:53:88:
                    ae:b2:89:c2:4e:aa:4c:51:80:cd:5c:73:3b:c7:2a:
                    e5:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:B1:4E:34:44:9E:CB:1A:6E:62:A3:B0:AD:04:BF:C0:C8:DD:37:04
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:1c:64:26:49:6c:70:67:0e:0d:88:28:0c:50:8e:4a:28:f6:
         19:97:7d:f5:87:fb:ed:38:b3:27:3f:fe:ab:a4:70:3c:d0:37:
         f5:c3:1b:c1:5f:74:08:10:c5:8e:54:df:56:53:f3:07:5d:e6:
         2c:a2:01:90:a6:ec:90:ca:b2:9b:bd:9a:b7:8a:36:a9:07:e1:
         b8:01:8a:54:05:93:59:85:7c:f5:ba:5f:d0:d6:8f:e3:af:88:
         74:4e:46:d0:10:33:d5:b2:15:88:d2:67:4c:62:ee:2f:02:3d:
         ab:4c:f3:eb:fc:1e:14:4e:b6:86:c9:2d:d8:a6:6a:14:77:40:
         1a:9a:bb:4e:da:ed:9c:ba:1d:51:50:84:95:5a:70:5c:e7:be:
         41:52:3a:b0:e4:a2:7e:fb:3b:f1:fd:7c:be:0e:ac:93:95:70:
         e5:84:1f:bd:3b:f1:6d:b9:33:ad:48:0a:20:5a:0f:7f:0d:bd:
         ed:a4:d4:77:d9:e3:48:d5:bc:fe:e9:80:61:f8:fe:25:65:e6:
         79:0c:c3:aa:4d:59:c3:16:f1:6a:54:88:dc:42:81:70:dd:fb:
         c3:05:7a:29:01:cf:f6:31:e9:fb:95:32:49:19:f9:33:3e:34:
         b5:d3:58:48:a5:5b:e5:af:22:2e:70:99:b1:82:15:53:2a:11:
         55:b0:a8:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYZ/0WYTRM51YqA7zIr1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNjEzMTMwMTM0WhcNMjUwNjE0MTMwMTM0WjAzMTEwLwYDVQQD
EyhmOWIxNGUzNDQ0OWVjYjFhNmU2MmEzYjBhZDA0YmZjMGM4ZGQzNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu36LsGryJwYEjF7VF13B4B0V81kY
7eKpZWGM+gGW5T/k/LzsPo2/gAHeZLYDbV+FBUHROfb0Dtid8OPZ0QDKTnqe1si8
mGRX08Irv2gJt4QM6x3FKwigB3PWzAFZLSB91Ey4Lwl8+B18uxv/1Uo/xxEuy7jT
+F+w2jaDBPbxph4fx65DWVYd9j3hD5MeZz6xjXnX75IYwbOQTSdkmSFv0qwekcvJ
x5J0iwZydHrNYKXxON3iir+eJ+0HOw3jAfucZ7lwwTi78qAP/Ixhdv6C5YwZk0og
DWAzl0NIbBZfivh4rOJXY1HdUJriSXRUU4iusonCTqpMUYDNXHM7xyrlnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmxTjREnssabmKjsK0Ev8DI3TcEMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxxkJkls
cGcODYgoDFCOSij2GZd99Yf77TizJz/+q6RwPNA39cMbwV90CBDFjlTfVlPzB13m
LKIBkKbskMqym72at4o2qQfhuAGKVAWTWYV89bpf0NaP46+IdE5G0BAz1bIViNJn
TGLuLwI9q0zz6/weFE62hskt2KZqFHdAGpq7TtrtnLodUVCElVpwXOe+QVI6sOSi
fvs78f18vg6sk5Vw5YQfvTvxbbkzrUgKIFoPfw297aTUd9njSNW8/umAYfj+JWXm
eQzDqk1ZwxbxalSI3EKBcN37wwV6KQHP9jHp+5UySRn5Mz40tdNYSKVb5a8iLnCZ
sYIVUyoRVbCokQ==
-----END CERTIFICATE-----