Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          qCrVdxkBpCTab8WtlcGAtlXwzYiuFT8Oqcah0Pxfo4Y=
Subject key identifier:   98:A3:67:02:6B:49:E4:FC:B5:60:4D:84:4B:C2:69:23:C1:AE:AB:6A
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       019766CD46EA18DA20CC360A57825CFC451E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          1588
Signing time:             Fri 13 Jun 2025 01:00:18 +0000
Manifest this update:     Fri 13 Jun 2025 01:00:18 +0000
Manifest next update:     Sat 14 Jun 2025 01:00:18 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: uka7esWK7Il/kzP4BxGKUJlf9wjJb9oj5MyGubsn0yk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 01:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:cd:46:ea:18:da:20:cc:36:0a:57:82:5c:fc:45:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Jun 13 01:00:18 2025 GMT
            Not After : Jun 14 01:00:18 2025 GMT
        Subject: CN=98a367026b49e4fcb5604d844bc26923c1aeab6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a2:b4:80:3e:10:58:c7:24:e0:40:1b:ce:3e:
                    50:7e:5c:85:e3:79:1f:93:2d:04:c9:72:12:2f:8c:
                    1d:2a:8c:ab:48:ba:f7:73:2f:38:38:0a:91:e3:df:
                    2b:64:74:93:af:34:ea:f1:9d:7e:b4:c5:a5:5f:9d:
                    3a:62:a5:da:cb:bd:1c:46:b8:4e:d0:46:5c:27:b8:
                    f7:ae:67:d3:ed:b9:20:0b:9f:a0:42:50:0c:be:51:
                    ab:f0:d0:c1:c0:99:cb:89:f0:1b:d1:4a:31:fa:23:
                    35:68:c6:5a:0f:13:dc:cc:a4:22:6a:6b:5d:ac:b1:
                    a3:87:2d:c0:21:6a:80:47:db:1c:f7:b7:b2:65:35:
                    9c:54:04:f7:ae:a7:42:36:c8:93:0b:50:da:3a:c8:
                    cf:3d:d4:9a:f9:97:b7:3c:8d:15:50:0d:38:8b:2b:
                    73:d2:96:2f:08:0a:11:6d:c3:7d:54:e6:94:af:62:
                    6b:60:b0:99:00:7b:67:0d:68:80:6a:a0:b3:b2:34:
                    1c:a9:5b:b7:bc:38:35:a9:89:69:2d:d3:08:48:00:
                    cb:3f:d6:a8:dd:b0:4d:05:05:3b:fb:57:fc:34:50:
                    d6:c9:27:9e:cf:30:12:7d:41:a7:89:f5:02:e5:55:
                    e0:08:04:bb:c4:14:da:7b:83:bc:ff:a0:4a:70:cc:
                    7a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:A3:67:02:6B:49:E4:FC:B5:60:4D:84:4B:C2:69:23:C1:AE:AB:6A
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:f5:2b:c6:e2:8c:0b:28:03:1e:33:e9:39:fe:4d:6f:2e:8b:
         cc:4c:80:63:35:03:07:22:ad:99:f4:bd:4c:93:bb:a0:7e:3f:
         f0:98:36:25:76:40:b4:4c:1a:43:e3:36:b3:08:53:dd:09:d8:
         25:22:7b:cf:6f:23:66:c3:c4:80:5f:9f:5f:02:cf:2b:ea:ba:
         8a:47:17:60:5f:55:be:f2:e2:1f:90:db:78:de:55:38:fc:51:
         0f:cd:ed:3a:69:2d:34:2e:4a:18:cb:63:89:fa:fc:74:c3:43:
         2f:33:18:97:2d:9a:d2:5d:e8:37:c5:2d:df:19:6d:af:fc:cd:
         38:97:1e:03:5a:1a:c4:f9:9f:ba:be:cb:71:b6:61:6c:76:98:
         d1:5c:72:81:ec:9c:e0:ed:d9:e0:46:52:5a:9e:92:41:23:9b:
         1a:2f:1b:a8:b9:c4:46:84:a0:74:96:36:d1:e4:cd:31:2a:da:
         08:21:c8:73:ac:22:5d:ba:e8:4d:e3:ff:09:09:cd:e7:3e:8d:
         71:ed:b4:50:bb:c4:57:c5:92:bc:11:84:83:c9:83:07:cf:de:
         68:26:8f:c2:db:8c:7e:c3:f3:6c:44:79:08:1f:ee:9f:a6:66:
         42:86:dd:80:c7:d5:3d:7d:4b:a9:34:0b:b6:27:0b:4e:55:17:
         28:13:61:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmzUbqGNogzDYKV4Jc/EUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwNjEzMDEwMDE4WhcNMjUwNjE0MDEwMDE4WjAzMTEwLwYDVQQD
Eyg5OGEzNjcwMjZiNDllNGZjYjU2MDRkODQ0YmMyNjkyM2MxYWVhYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKK0gD4QWMck4EAbzj5QflyF43kf
ky0EyXISL4wdKoyrSLr3cy84OAqR498rZHSTrzTq8Z1+tMWlX506YqXay70cRrhO
0EZcJ7j3rmfT7bkgC5+gQlAMvlGr8NDBwJnLifAb0Uox+iM1aMZaDxPczKQiamtd
rLGjhy3AIWqAR9sc97eyZTWcVAT3rqdCNsiTC1DaOsjPPdSa+Ze3PI0VUA04iytz
0pYvCAoRbcN9VOaUr2JrYLCZAHtnDWiAaqCzsjQcqVu3vDg1qYlpLdMISADLP9ao
3bBNBQU7+1f8NFDWySeezzASfUGnifUC5VXgCAS7xBTae4O8/6BKcMx6eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJijZwJrSeT8tWBNhEvCaSPBrqtqMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATPUrxuKM
CygDHjPpOf5Nby6LzEyAYzUDByKtmfS9TJO7oH4/8Jg2JXZAtEwaQ+M2swhT3QnY
JSJ7z28jZsPEgF+fXwLPK+q6ikcXYF9VvvLiH5DbeN5VOPxRD83tOmktNC5KGMtj
ifr8dMNDLzMYly2a0l3oN8Ut3xltr/zNOJceA1oaxPmfur7LcbZhbHaY0Vxygeyc
4O3Z4EZSWp6SQSObGi8bqLnERoSgdJY20eTNMSraCCHIc6wiXbroTeP/CQnN5z6N
ce20ULvEV8WSvBGEg8mDB8/eaCaPwtuMfsPzbER5CB/un6ZmQobdgMfVPX1LqTQL
ticLTlUXKBNh5g==
-----END CERTIFICATE-----