Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          PkryTrp7GH6gBkyiNuZWAE+9agrUs+PqOInmzyNdW9k=
Subject key identifier:   5A:FC:DE:96:1F:E4:06:88:DA:81:0C:51:26:C3:32:AB:5B:D1:67:EF
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       019755A3532E5B6F518A9459F33BB5F81A43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          033B
Signing time:             Mon 09 Jun 2025 17:00:56 +0000
Manifest this update:     Mon 09 Jun 2025 17:00:56 +0000
Manifest next update:     Tue 10 Jun 2025 17:00:56 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: hfWnZW52ffS19Dtr2BeyF64vm4zaFxdL9GdbCHzDVm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:55:a3:53:2e:5b:6f:51:8a:94:59:f3:3b:b5:f8:1a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Jun  9 17:00:56 2025 GMT
            Not After : Jun 10 17:00:56 2025 GMT
        Subject: CN=5afcde961fe40688da810c5126c332ab5bd167ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4f:53:57:57:5c:28:a4:77:48:d7:06:3e:52:
                    84:1c:cc:37:60:dd:e6:c9:33:48:23:30:7a:68:1d:
                    3d:68:24:51:df:48:3d:8e:d5:63:45:cd:6b:65:50:
                    c3:8a:cb:52:10:40:d4:38:92:62:40:1e:d7:86:63:
                    d0:6a:25:d9:53:78:82:43:fc:57:27:bd:96:56:2f:
                    75:3d:42:1a:1f:83:21:fa:cb:fd:80:fe:16:46:df:
                    49:ee:37:a3:4e:9b:e8:9e:96:da:a7:61:5e:45:49:
                    43:2f:dd:9d:35:5c:4f:a6:de:af:0f:8d:62:11:ca:
                    55:01:97:51:dd:59:91:00:7e:56:a4:1b:b6:74:94:
                    82:f1:4b:a0:6e:47:fe:7a:ae:f0:a6:bd:b6:4d:3e:
                    6b:4f:ee:95:d8:06:64:2f:38:e9:72:b6:8b:16:53:
                    c1:9e:05:e9:4e:fc:92:2c:51:5e:c1:03:2e:2d:fa:
                    ae:6b:76:f4:ab:43:d8:c6:ed:a7:59:e7:bc:b2:d2:
                    0d:96:45:b7:ba:f5:6e:c2:e9:35:e9:de:45:e4:42:
                    3a:79:99:be:88:76:36:d4:f4:01:4a:3c:f2:5c:83:
                    1d:33:f9:44:4b:f7:44:f3:3c:8c:58:26:71:42:26:
                    95:8e:02:5a:c0:d6:74:21:a2:80:86:8f:9b:40:e0:
                    b2:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:FC:DE:96:1F:E4:06:88:DA:81:0C:51:26:C3:32:AB:5B:D1:67:EF
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:7b:72:79:a0:ed:de:e8:61:9c:f7:5d:a7:ce:cd:c5:a2:c6:
         9c:3c:4f:b8:be:ed:bd:f0:23:8d:e9:f7:37:22:6d:ea:a6:ec:
         53:e4:42:f0:2b:a5:24:73:fc:bd:e4:71:a0:bc:e4:81:cd:d4:
         ff:f0:1e:e5:ce:d6:4a:b6:9d:dd:bf:e8:0c:0c:62:16:53:d7:
         75:85:8f:38:01:ad:bf:8e:cb:e2:c8:f7:5f:39:bb:11:d9:2e:
         de:2b:4d:c3:17:34:be:41:46:5a:d3:f4:e5:a0:2b:59:cf:fd:
         a3:1a:3e:94:84:53:f6:2c:2a:7c:47:22:61:39:8f:f0:8c:ec:
         bf:f5:8b:6a:a8:29:72:55:cc:f2:ff:53:df:79:ae:40:e2:f2:
         ec:a8:8d:be:7b:8f:43:14:51:ad:88:a1:4f:ff:1d:e3:34:cf:
         fd:c7:70:3e:41:b2:95:07:18:41:bf:41:0d:35:de:9c:9c:ae:
         da:bc:1f:62:c0:ac:89:82:0e:bb:df:50:04:2c:b9:55:0f:80:
         4c:5a:cf:4f:2b:e1:d4:96:9e:a1:43:f4:57:b1:38:2b:4b:6c:
         b6:25:76:b0:ea:05:f6:dc:ed:ae:64:d2:a2:86:34:9e:a5:36:
         de:c3:91:31:cd:1e:fa:ee:5c:05:45:34:e0:2b:9b:02:1b:79:
         d1:01:89:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdVo1MuW29RipRZ8zu1+BpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjUwNjA5MTcwMDU2WhcNMjUwNjEwMTcwMDU2WjAzMTEwLwYDVQQD
Eyg1YWZjZGU5NjFmZTQwNjg4ZGE4MTBjNTEyNmMzMzJhYjViZDE2N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U9TV1dcKKR3SNcGPlKEHMw3YN3m
yTNIIzB6aB09aCRR30g9jtVjRc1rZVDDistSEEDUOJJiQB7XhmPQaiXZU3iCQ/xX
J72WVi91PUIaH4Mh+sv9gP4WRt9J7jejTpvonpbap2FeRUlDL92dNVxPpt6vD41i
EcpVAZdR3VmRAH5WpBu2dJSC8Uugbkf+eq7wpr22TT5rT+6V2AZkLzjpcraLFlPB
ngXpTvySLFFewQMuLfqua3b0q0PYxu2nWee8stINlkW3uvVuwuk16d5F5EI6eZm+
iHY21PQBSjzyXIMdM/lES/dE8zyMWCZxQiaVjgJawNZ0IaKAho+bQOCygwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFr83pYf5AaI2oEMUSbDMqtb0WfvMB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwHtyeaDt
3uhhnPddp87NxaLGnDxPuL7tvfAjjen3NyJt6qbsU+RC8CulJHP8veRxoLzkgc3U
//Ae5c7WSrad3b/oDAxiFlPXdYWPOAGtv47L4sj3Xzm7Edku3itNwxc0vkFGWtP0
5aArWc/9oxo+lIRT9iwqfEciYTmP8Izsv/WLaqgpclXM8v9T33muQOLy7KiNvnuP
QxRRrYihT/8d4zTP/cdwPkGylQcYQb9BDTXenJyu2rwfYsCsiYIOu99QBCy5VQ+A
TFrPTyvh1JaeoUP0V7E4K0tstiV2sOoF9tztrmTSooY0nqU23sORMc0e+u5cBUU0
4CubAht50QGJrw==
-----END CERTIFICATE-----