Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          Nb+j9oSNy35WJkidD5iNz3YWL8QG5TUmJwrmIGvMfB4=
Subject key identifier:   04:41:81:E6:8F:06:7F:FA:01:77:CA:17:AE:6E:FA:9D:82:B0:E3:2C
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       019759803388C22F9858FA88133BD61B3EEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          033D
Signing time:             Tue 10 Jun 2025 11:01:03 +0000
Manifest this update:     Tue 10 Jun 2025 11:01:03 +0000
Manifest next update:     Wed 11 Jun 2025 11:01:03 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: 1qbuPBotk3vxAOfjUf6/d4M3x3v6c1o6Be7R2P+QGLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:80:33:88:c2:2f:98:58:fa:88:13:3b:d6:1b:3e:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Jun 10 11:01:03 2025 GMT
            Not After : Jun 11 11:01:03 2025 GMT
        Subject: CN=044181e68f067ffa0177ca17ae6efa9d82b0e32c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:14:7f:c6:07:8f:2b:a7:a0:5c:e3:ac:22:f1:
                    65:3e:1d:1c:c8:83:57:b9:bf:6c:cc:3f:0a:4a:c5:
                    e8:36:45:6a:51:24:58:6b:a6:d4:1d:f0:3c:73:74:
                    51:06:bb:91:7d:bc:9b:f7:6e:d0:4a:e4:ba:32:bc:
                    ed:db:a6:55:6e:b1:fc:30:f3:d6:4d:cf:75:dc:b0:
                    06:0a:6b:e0:73:60:c1:6a:cf:36:28:16:70:9d:6e:
                    d2:e3:fb:c4:38:c9:5b:04:74:c3:75:94:47:19:b4:
                    91:f2:97:5b:de:03:76:30:69:dd:63:d7:f3:42:ee:
                    dd:8f:ff:88:cd:d7:10:7b:04:09:3a:1d:5c:bb:b1:
                    57:ab:3d:ee:f0:4e:43:bb:3c:e0:d6:36:77:77:44:
                    c8:52:16:d0:23:93:b7:69:25:0f:95:ee:fc:41:3d:
                    98:27:98:09:d9:8f:18:10:14:45:80:16:76:01:8d:
                    29:d8:53:fe:1f:46:0b:9d:98:3d:03:23:b8:cf:f4:
                    3e:5a:2f:42:af:31:99:41:1f:d5:d2:22:00:25:bf:
                    8f:fd:3b:aa:3e:ef:87:7a:f9:6a:74:25:b2:55:08:
                    31:22:53:e3:3b:17:91:9b:48:53:0b:2f:43:f6:fc:
                    27:8c:88:6f:7f:38:6c:31:e1:c2:b7:e0:c6:b8:e4:
                    f4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:41:81:E6:8F:06:7F:FA:01:77:CA:17:AE:6E:FA:9D:82:B0:E3:2C
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:7c:49:9b:87:05:96:ff:a6:50:ef:1e:d0:d3:d8:1f:bd:01:
         c9:d3:cd:0f:92:02:c3:26:09:3b:9c:cb:54:06:09:03:a9:10:
         dd:85:94:8b:b8:1a:6e:58:55:14:f4:cc:2f:d3:e1:ab:95:1a:
         f4:d4:2b:71:2a:b4:18:e2:a6:c4:ea:53:98:50:35:c5:37:2f:
         c9:31:44:e9:66:48:1c:11:21:d9:11:69:9d:34:be:a7:e9:19:
         00:1a:40:72:de:ae:3b:85:51:fe:2e:86:24:2b:bb:61:98:34:
         c0:90:20:1f:fd:25:a4:0a:3b:32:d2:6a:06:46:a7:ed:4e:b0:
         ea:98:f0:fb:c3:56:23:88:c6:e2:8c:84:63:e2:60:c8:fe:fe:
         d5:9a:d6:aa:44:ff:ec:f9:cd:3f:1c:68:45:9a:72:ac:9f:45:
         d2:05:7d:b1:bf:4c:06:04:c1:a9:fb:76:4d:c5:36:18:4f:ee:
         c7:24:ea:42:1c:b7:69:71:68:4c:dc:16:19:f8:7c:b7:e7:ae:
         99:19:d2:93:a6:6d:d1:28:c8:fc:47:72:cf:6f:de:db:72:b5:
         13:1c:66:b5:a9:65:37:4a:1c:b5:8c:83:41:c7:a3:98:90:e5:
         fd:0d:ea:34:98:77:0c:c4:ee:d8:ca:12:33:c0:f7:cd:3f:4a:
         24:69:29:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZgDOIwi+YWPqIEzvWGz7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjUwNjEwMTEwMTAzWhcNMjUwNjExMTEwMTAzWjAzMTEwLwYDVQQD
EygwNDQxODFlNjhmMDY3ZmZhMDE3N2NhMTdhZTZlZmE5ZDgyYjBlMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRR/xgePK6egXOOsIvFlPh0cyINX
ub9szD8KSsXoNkVqUSRYa6bUHfA8c3RRBruRfbyb927QSuS6Mrzt26ZVbrH8MPPW
Tc913LAGCmvgc2DBas82KBZwnW7S4/vEOMlbBHTDdZRHGbSR8pdb3gN2MGndY9fz
Qu7dj/+IzdcQewQJOh1cu7FXqz3u8E5Duzzg1jZ3d0TIUhbQI5O3aSUPle78QT2Y
J5gJ2Y8YEBRFgBZ2AY0p2FP+H0YLnZg9AyO4z/Q+Wi9CrzGZQR/V0iIAJb+P/Tuq
Pu+HevlqdCWyVQgxIlPjOxeRm0hTCy9D9vwnjIhvfzhsMeHCt+DGuOT07QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARBgeaPBn/6AXfKF65u+p2CsOMsMB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3xJm4cF
lv+mUO8e0NPYH70BydPND5ICwyYJO5zLVAYJA6kQ3YWUi7gablhVFPTML9Phq5Ua
9NQrcSq0GOKmxOpTmFA1xTcvyTFE6WZIHBEh2RFpnTS+p+kZABpAct6uO4VR/i6G
JCu7YZg0wJAgH/0lpAo7MtJqBkan7U6w6pjw+8NWI4jG4oyEY+JgyP7+1ZrWqkT/
7PnNPxxoRZpyrJ9F0gV9sb9MBgTBqft2TcU2GE/uxyTqQhy3aXFoTNwWGfh8t+eu
mRnSk6Zt0SjI/Edyz2/e23K1ExxmtallN0octYyDQcejmJDl/Q3qNJh3DMTu2MoS
M8D3zT9KJGkpEA==
-----END CERTIFICATE-----