Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          MXIBnBdwxBg+qU65jpUgsxk/JJycCXw7TCLoJ3Zicyk=
Subject key identifier:   80:35:F3:18:C2:F1:09:6C:F8:17:B0:1E:A3:6B:39:01:71:E4:66:DD
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       01976515E729977F363E9F819068FE7FEE4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          0343
Signing time:             Thu 12 Jun 2025 17:00:23 +0000
Manifest this update:     Thu 12 Jun 2025 17:00:23 +0000
Manifest next update:     Fri 13 Jun 2025 17:00:23 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: R1+kHzGk46dCBLvooKJugCP4pLjDvBgbnl6eiQ1RsJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 15:17:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:15:e7:29:97:7f:36:3e:9f:81:90:68:fe:7f:ee:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Jun 12 17:00:23 2025 GMT
            Not After : Jun 13 17:00:23 2025 GMT
        Subject: CN=8035f318c2f1096cf817b01ea36b390171e466dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:79:9d:6c:e7:e4:7f:ad:e7:91:05:96:23:ff:
                    cf:94:07:30:8b:20:97:f8:30:1f:14:66:19:54:86:
                    ad:71:f8:94:6d:74:0d:1b:55:62:06:f4:a3:ee:6f:
                    16:90:16:63:1d:f7:3c:8b:23:1d:4b:71:d5:a3:1e:
                    17:2d:f8:17:00:dc:f6:9c:bd:fa:87:0e:83:66:8e:
                    f1:d6:85:2c:70:ed:1b:8a:5b:90:f9:7d:5c:ab:e5:
                    cb:a3:c0:12:c7:ce:ff:57:ac:6e:40:37:41:3f:f6:
                    64:22:b8:10:62:84:be:ea:11:2d:da:3f:83:a2:c1:
                    5e:92:f4:fa:4a:de:11:68:fe:6f:12:5b:44:ad:02:
                    82:76:52:0b:f0:a8:dc:ed:16:02:24:e2:ce:61:b1:
                    99:fa:42:02:7e:5d:2e:42:8e:56:a7:3a:4a:5c:ca:
                    3f:5f:93:c8:8d:59:3d:e1:57:93:af:1f:39:a9:c8:
                    23:f4:c5:0d:5b:8d:d5:6c:1e:19:71:45:ca:4c:2b:
                    77:8d:1a:9d:c3:83:49:f7:e2:ea:a3:e1:dc:02:d2:
                    5b:ba:e4:27:c1:e3:95:10:fe:14:8e:93:14:46:6f:
                    0b:1b:a6:06:e6:f6:11:d2:33:f1:9a:ea:51:9c:cf:
                    7e:1e:37:a0:78:08:2b:70:39:1a:b2:d9:cd:48:34:
                    73:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:35:F3:18:C2:F1:09:6C:F8:17:B0:1E:A3:6B:39:01:71:E4:66:DD
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:33:ec:6d:ea:03:44:27:d9:4a:24:9d:2e:32:ec:57:3d:2a:
         28:25:f0:c0:c1:29:e1:b7:91:6d:97:07:97:4a:eb:dc:21:19:
         e2:7b:ab:d7:51:8a:22:fe:e7:d0:24:80:43:49:9d:57:a2:c5:
         38:0d:41:f1:b5:a2:96:d7:6e:2a:8a:9d:fa:eb:4c:b1:d5:26:
         dd:b2:7a:f6:fb:b2:3f:15:b3:4a:fe:4a:9f:4e:9d:40:e9:a0:
         ba:fa:75:ef:ac:f9:85:f2:7b:13:b8:ad:a4:4c:49:b1:33:e5:
         24:08:4f:d1:37:0b:be:7b:11:16:50:03:e5:8e:c2:cd:59:00:
         f5:f9:3c:59:aa:8e:d6:c8:8d:11:ed:a7:e5:92:73:a5:9c:5b:
         d7:41:96:10:96:61:79:48:da:01:fd:da:d6:be:bf:6c:0e:ce:
         f0:18:a6:f4:35:8b:4e:ca:b1:ac:70:a8:e4:79:71:e5:a6:16:
         e4:15:39:39:3a:7e:40:fb:3c:dc:b7:33:29:56:4d:b0:b9:bf:
         4d:57:91:19:6e:ce:2c:0c:6f:bb:3b:b1:e4:64:74:f7:a5:13:
         47:61:a1:50:c5:d1:ba:17:b2:d2:4f:e0:b4:ec:1a:6c:29:cf:
         08:72:dd:c8:66:bb:22:17:e2:94:95:c9:3b:46:5a:4d:04:fe:
         1f:c3:d3:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlFecpl382Pp+BkGj+f+5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjUwNjEyMTcwMDIzWhcNMjUwNjEzMTcwMDIzWjAzMTEwLwYDVQQD
Eyg4MDM1ZjMxOGMyZjEwOTZjZjgxN2IwMWVhMzZiMzkwMTcxZTQ2NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43mdbOfkf63nkQWWI//PlAcwiyCX
+DAfFGYZVIatcfiUbXQNG1ViBvSj7m8WkBZjHfc8iyMdS3HVox4XLfgXANz2nL36
hw6DZo7x1oUscO0biluQ+X1cq+XLo8ASx87/V6xuQDdBP/ZkIrgQYoS+6hEt2j+D
osFekvT6St4RaP5vEltErQKCdlIL8Kjc7RYCJOLOYbGZ+kICfl0uQo5WpzpKXMo/
X5PIjVk94VeTrx85qcgj9MUNW43VbB4ZcUXKTCt3jRqdw4NJ9+Lqo+HcAtJbuuQn
weOVEP4UjpMURm8LG6YG5vYR0jPxmupRnM9+HjegeAgrcDkastnNSDRzXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIA18xjC8Qls+BewHqNrOQFx5GbdMB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTPsbeoD
RCfZSiSdLjLsVz0qKCXwwMEp4beRbZcHl0rr3CEZ4nur11GKIv7n0CSAQ0mdV6LF
OA1B8bWiltduKoqd+utMsdUm3bJ69vuyPxWzSv5Kn06dQOmguvp176z5hfJ7E7it
pExJsTPlJAhP0TcLvnsRFlAD5Y7CzVkA9fk8WaqO1siNEe2n5ZJzpZxb10GWEJZh
eUjaAf3a1r6/bA7O8Bim9DWLTsqxrHCo5Hlx5aYW5BU5OTp+QPs83LczKVZNsLm/
TVeRGW7OLAxvuzux5GR096UTR2GhUMXRuhey0k/gtOwabCnPCHLdyGa7IhfilJXJ
O0ZaTQT+H8PThA==
-----END CERTIFICATE-----