Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          ENcU8etHSLp1YSbGlgfYeaTrR+tPk9UOsmEG9Fu5jdU=
Subject key identifier:   07:4F:39:CB:BB:06:5F:66:2C:80:CE:9A:BE:27:DC:1F:6D:19:F2:08
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       01976A7338325C8237EDF993B914A367BE95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          05BA
Signing time:             Fri 13 Jun 2025 18:00:25 +0000
Manifest this update:     Fri 13 Jun 2025 18:00:25 +0000
Manifest next update:     Sat 14 Jun 2025 18:00:25 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: zlJhRd1CGwJDz0TpxbkaUk9WX/6pjQj8sKVRtQZpStk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:73:38:32:5c:82:37:ed:f9:93:b9:14:a3:67:be:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Jun 13 18:00:25 2025 GMT
            Not After : Jun 14 18:00:25 2025 GMT
        Subject: CN=074f39cbbb065f662c80ce9abe27dc1f6d19f208
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3e:1f:f2:7e:b3:3c:53:20:58:22:6f:36:2d:
                    ec:c4:66:cb:01:63:19:bd:ba:9b:ee:90:c3:42:a8:
                    06:d5:cc:4e:03:3f:77:a8:b9:d4:f1:4c:5c:f4:7e:
                    2e:2b:05:34:e1:16:9d:a7:0c:d4:69:e6:f3:8e:a7:
                    b4:85:9f:94:e1:27:55:f7:2c:33:85:2b:4f:c0:b7:
                    6a:3e:dd:1b:1c:83:3a:85:66:39:1e:cf:46:c9:cc:
                    d0:f6:3c:c8:69:2c:c6:5f:1d:d5:09:e2:7d:11:81:
                    5f:8b:b5:f6:ec:a5:39:d7:a9:5d:75:3a:bf:23:72:
                    e9:aa:b8:11:bd:09:71:f8:bc:15:08:dc:bd:e2:a5:
                    96:76:f3:7a:34:82:be:35:3b:3c:20:6a:3d:39:cc:
                    4a:3c:93:bc:25:55:b3:d7:95:8b:f6:18:47:fe:c7:
                    65:4b:2b:30:54:60:f0:f1:34:57:1d:22:a7:84:c7:
                    74:8e:c6:df:bb:1d:3e:a9:7c:ae:5d:0f:11:0d:63:
                    64:5d:3e:01:aa:ca:e1:2a:df:88:69:6b:ec:d3:d3:
                    f1:5a:6b:03:42:11:ff:8a:b0:7f:7c:de:b1:7e:a1:
                    f4:55:a6:28:65:59:02:72:bb:82:ac:36:a6:52:1d:
                    17:b6:39:20:33:19:05:59:52:2d:84:51:2e:3e:de:
                    ff:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:4F:39:CB:BB:06:5F:66:2C:80:CE:9A:BE:27:DC:1F:6D:19:F2:08
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:f1:de:09:b6:73:a7:d8:45:5c:3a:ab:dc:2c:fb:1a:2f:b4:
         00:a5:ba:38:fc:19:82:4d:bc:4e:5f:06:97:a9:aa:cc:35:96:
         42:81:d3:a6:28:05:d9:8e:7c:3d:c6:cb:57:2f:ca:e0:4c:0e:
         f0:a5:cd:f3:ad:3a:8b:09:cd:14:41:d9:75:b5:84:0a:44:07:
         94:ed:ac:43:83:f3:d7:39:26:e5:42:e4:82:43:bd:cc:e6:b7:
         e7:d2:50:76:d6:0a:45:5d:ca:f1:44:df:8b:9a:ad:60:fc:17:
         26:7b:28:70:62:fc:b4:be:60:39:3a:d8:6b:fc:e9:fb:14:5f:
         2c:ca:2c:e6:23:96:27:e5:30:23:7a:ba:29:0c:f9:7b:d5:37:
         ba:b3:28:63:26:55:ee:c6:97:07:10:f4:44:84:66:ce:3e:a2:
         1e:69:93:b9:67:42:d8:98:4f:85:ed:08:80:21:f5:a6:97:dc:
         75:38:ff:e9:17:7d:43:2f:42:bd:0f:17:b7:2e:af:ae:64:4d:
         67:aa:10:82:39:55:6e:31:06:9a:dc:80:4f:fd:f6:19:ad:6c:
         2f:9a:2d:fc:fe:fb:95:d2:f0:ab:8a:65:83:de:c4:2d:f8:58:
         80:29:a9:1f:e5:58:a7:0e:a4:7e:f2:83:fc:ce:60:fc:72:86:
         18:01:3d:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqczgyXII37fmTuRSjZ76VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwNjEzMTgwMDI1WhcNMjUwNjE0MTgwMDI1WjAzMTEwLwYDVQQD
EygwNzRmMzljYmJiMDY1ZjY2MmM4MGNlOWFiZTI3ZGMxZjZkMTlmMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT4f8n6zPFMgWCJvNi3sxGbLAWMZ
vbqb7pDDQqgG1cxOAz93qLnU8Uxc9H4uKwU04RadpwzUaebzjqe0hZ+U4SdV9ywz
hStPwLdqPt0bHIM6hWY5Hs9GyczQ9jzIaSzGXx3VCeJ9EYFfi7X27KU516lddTq/
I3LpqrgRvQlx+LwVCNy94qWWdvN6NIK+NTs8IGo9OcxKPJO8JVWz15WL9hhH/sdl
SyswVGDw8TRXHSKnhMd0jsbfux0+qXyuXQ8RDWNkXT4BqsrhKt+IaWvs09PxWmsD
QhH/irB/fN6xfqH0VaYoZVkCcruCrDamUh0XtjkgMxkFWVIthFEuPt7/oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdPOcu7Bl9mLIDOmr4n3B9tGfIIMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/HeCbZz
p9hFXDqr3Cz7Gi+0AKW6OPwZgk28Tl8Gl6mqzDWWQoHTpigF2Y58PcbLVy/K4EwO
8KXN8606iwnNFEHZdbWECkQHlO2sQ4Pz1zkm5ULkgkO9zOa359JQdtYKRV3K8UTf
i5qtYPwXJnsocGL8tL5gOTrYa/zp+xRfLMos5iOWJ+UwI3q6KQz5e9U3urMoYyZV
7saXBxD0RIRmzj6iHmmTuWdC2JhPhe0IgCH1ppfcdTj/6Rd9Qy9CvQ8Xty6vrmRN
Z6oQgjlVbjEGmtyAT/32Ga1sL5ot/P77ldLwq4plg97ELfhYgCmpH+VYpw6kfvKD
/M5g/HKGGAE9wA==
-----END CERTIFICATE-----