Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          Z5JZxNCLDwnCW6jEahCfZsj+rfHS64+Og+NjsnRnl4A=
Subject key identifier:   FC:07:5B:EC:31:63:34:FF:24:09:0D:1F:34:1A:9E:96:87:22:3C:D8
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       01974F6A21F6F7889CC2671A5DBE9DFFBE61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0B2E
Signing time:             Sun 08 Jun 2025 12:00:44 +0000
Manifest this update:     Sun 08 Jun 2025 12:00:44 +0000
Manifest next update:     Mon 09 Jun 2025 12:00:44 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: yk/ZBHvBS+EhdA3VnBzQyAVCdKavwCrH65mRK1QLWBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:6a:21:f6:f7:88:9c:c2:67:1a:5d:be:9d:ff:be:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: Jun  8 12:00:44 2025 GMT
            Not After : Jun  9 12:00:44 2025 GMT
        Subject: CN=fc075bec316334ff24090d1f341a9e9687223cd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f6:d4:75:3b:e8:60:14:3a:f5:60:e5:f5:e5:
                    b1:7a:cb:1c:ed:45:4e:ae:d6:d7:ae:16:76:e9:40:
                    b3:2e:e1:71:65:0a:2e:e9:97:32:a7:53:22:48:7a:
                    22:c5:b8:a0:26:f9:45:fb:7e:ba:a5:c6:f2:bb:80:
                    94:3f:fd:48:98:06:b7:24:68:5a:f9:11:00:9e:ff:
                    bd:49:15:98:af:c5:61:e1:ff:22:a8:49:dc:ca:e2:
                    ec:64:72:16:80:2d:8e:1f:6b:ff:0e:49:e2:1c:b6:
                    09:38:48:07:e0:0e:29:cd:7f:80:7e:37:44:41:e2:
                    3a:aa:d2:a6:07:3c:04:3b:49:4c:2f:37:94:77:51:
                    b1:dd:a3:8f:95:61:05:08:73:ac:b4:e4:20:65:af:
                    c5:86:35:a9:5d:22:d0:b7:06:72:b2:42:61:43:92:
                    6f:2a:8e:ee:be:dc:5a:68:a9:d2:07:14:5a:68:00:
                    16:b4:8d:67:e7:75:7f:54:22:0a:51:2c:6f:c6:84:
                    8a:e8:9f:eb:c6:d6:1d:7e:bf:2d:7d:8c:d2:69:a9:
                    fe:a6:25:e9:15:1a:92:7f:95:93:08:c0:a4:05:5a:
                    93:4c:51:3c:66:98:5c:26:2c:b5:4f:57:b7:8f:ee:
                    7c:40:9c:64:b0:2c:29:da:df:07:fa:28:e8:ec:e4:
                    03:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:07:5B:EC:31:63:34:FF:24:09:0D:1F:34:1A:9E:96:87:22:3C:D8
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:1a:8b:dc:dd:2d:53:67:99:f9:fe:e5:ec:ad:85:a9:b6:fb:
         1a:29:07:b2:1e:b6:87:cd:ac:4c:39:17:11:ba:34:c6:e3:9f:
         d7:8d:00:7f:16:80:56:6d:ce:91:30:a4:8e:ff:3c:23:df:e5:
         ff:71:ad:ea:b6:83:2d:8b:eb:e9:6c:99:73:86:ad:70:e7:23:
         ae:c2:37:a6:2b:ff:82:d9:f5:a8:25:ad:15:96:3b:db:61:1f:
         b4:89:6a:44:13:d7:1f:54:0a:f0:d5:65:5c:2b:79:ce:32:e4:
         8e:02:1f:f2:95:36:3f:f4:21:d0:06:0e:15:34:b6:9b:50:92:
         70:92:d3:08:bb:f8:a3:6a:4c:ed:13:ae:bc:81:fc:54:75:79:
         52:e6:31:11:2a:49:cd:ce:24:b0:2e:8b:eb:d5:65:c7:66:56:
         c2:d9:61:55:9c:a3:73:8d:30:69:54:1e:43:db:fc:2e:92:dd:
         96:e5:04:43:03:a5:08:45:ef:a0:92:a9:00:d7:3a:0d:cc:b1:
         c6:68:d1:34:b0:96:c5:53:81:fc:e3:2b:c9:92:2c:72:24:70:
         76:2e:f3:6e:62:97:31:dd:f0:2b:21:fa:de:89:02:23:13:62:
         11:cf:b8:f9:4c:48:34:a0:98:88:cd:ed:76:9d:58:a0:dc:7c:
         28:b9:d4:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPaiH294icwmcaXb6d/75hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjUwNjA4MTIwMDQ0WhcNMjUwNjA5MTIwMDQ0WjAzMTEwLwYDVQQD
EyhmYzA3NWJlYzMxNjMzNGZmMjQwOTBkMWYzNDFhOWU5Njg3MjIzY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/bUdTvoYBQ69WDl9eWxessc7UVO
rtbXrhZ26UCzLuFxZQou6Zcyp1MiSHoixbigJvlF+366pcbyu4CUP/1ImAa3JGha
+REAnv+9SRWYr8Vh4f8iqEncyuLsZHIWgC2OH2v/DkniHLYJOEgH4A4pzX+AfjdE
QeI6qtKmBzwEO0lMLzeUd1Gx3aOPlWEFCHOstOQgZa/FhjWpXSLQtwZyskJhQ5Jv
Ko7uvtxaaKnSBxRaaAAWtI1n53V/VCIKUSxvxoSK6J/rxtYdfr8tfYzSaan+piXp
FRqSf5WTCMCkBVqTTFE8ZphcJiy1T1e3j+58QJxksCwp2t8H+ijo7OQD7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwHW+wxYzT/JAkNHzQanpaHIjzYMB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxqL3N0t
U2eZ+f7l7K2Fqbb7GikHsh62h82sTDkXEbo0xuOf140AfxaAVm3OkTCkjv88I9/l
/3Gt6raDLYvr6WyZc4atcOcjrsI3piv/gtn1qCWtFZY722EftIlqRBPXH1QK8NVl
XCt5zjLkjgIf8pU2P/Qh0AYOFTS2m1CScJLTCLv4o2pM7ROuvIH8VHV5UuYxESpJ
zc4ksC6L69Vlx2ZWwtlhVZyjc40waVQeQ9v8LpLdluUEQwOlCEXvoJKpANc6Dcyx
xmjRNLCWxVOB/OMryZIsciRwdi7zbmKXMd3wKyH63okCIxNiEc+4+UxINKCYiM3t
dp1YoNx8KLnU0g==
-----END CERTIFICATE-----