Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          tLdGfm7s+9ymQRWKYInXgvnt1DgQBG1RzXVKu9lL/Kw=
Subject key identifier:   07:9B:A5:DB:85:07:AE:6F:E8:66:AA:7A:E4:C8:B1:ED:1B:24:12:82
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       01975B37889B8B9A7020E004AAB083647999
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          1582
Signing time:             Tue 10 Jun 2025 19:00:55 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:55 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:55 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: xaK0PDro5uxRChe4yMUCXgd/VE0GIHABNjozB8fnFq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:37:88:9b:8b:9a:70:20:e0:04:aa:b0:83:64:79:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Jun 10 19:00:55 2025 GMT
            Not After : Jun 11 19:00:55 2025 GMT
        Subject: CN=079ba5db8507ae6fe866aa7ae4c8b1ed1b241282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:76:86:c3:07:fc:27:4a:b8:91:11:63:d3:5c:
                    05:f6:76:68:6c:c4:bc:66:af:bd:32:01:52:81:e7:
                    2f:7b:6f:af:cf:66:98:9e:b9:a1:ab:08:8e:41:20:
                    2c:c1:cf:99:6d:b0:03:ae:64:6b:a5:37:74:05:ba:
                    f7:56:21:29:58:43:ee:66:29:78:c6:35:eb:bb:48:
                    67:d3:1e:2d:b5:71:8f:ca:e2:b2:28:a4:4d:ab:1e:
                    e1:bc:04:53:e0:e5:40:c0:6b:eb:59:90:e5:60:65:
                    8f:fc:08:b1:72:7e:05:d7:eb:75:f4:44:f5:16:cb:
                    04:c3:5c:ba:7f:77:1e:c0:ca:8a:ed:5b:b9:dd:ca:
                    6f:0a:de:f6:b1:f6:f8:30:3d:84:06:7c:60:f9:a9:
                    e9:b1:03:d2:b2:f0:8e:86:0d:f5:12:33:4d:15:8c:
                    f3:96:4f:88:9c:3b:9e:6a:d9:7c:2d:af:bb:96:74:
                    52:8c:5b:ca:02:01:88:e9:e9:41:d4:ed:00:3b:55:
                    f0:d8:2e:4e:f1:01:c7:23:4d:78:eb:52:40:17:04:
                    8a:18:6c:a7:7e:8d:61:f9:df:27:e4:e1:d0:36:3c:
                    b3:31:43:f7:f8:6e:d7:a4:46:f6:9d:b4:b1:cd:f6:
                    98:a4:9b:8d:16:11:ac:74:02:70:c5:bb:e7:f3:83:
                    1e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:9B:A5:DB:85:07:AE:6F:E8:66:AA:7A:E4:C8:B1:ED:1B:24:12:82
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:e0:d4:28:6e:41:5f:a8:0c:2b:90:94:4d:be:e1:b8:3f:fb:
         c5:46:14:bc:ed:91:b2:aa:27:04:83:a2:25:7e:94:f9:d3:14:
         b9:af:56:ea:14:59:80:8d:92:25:1d:7f:8a:3a:ee:f1:91:2f:
         4f:19:dd:42:e0:99:74:a6:c5:d2:42:76:e2:1a:06:cc:4f:2a:
         96:f0:b2:26:fa:0c:f5:fc:f5:17:ae:4f:2f:da:b9:e0:13:44:
         eb:b0:4d:e3:28:cf:b1:7a:76:bc:47:c7:91:e1:0f:76:ce:74:
         21:55:a2:71:43:39:42:26:eb:21:30:b6:9a:2a:91:ea:f7:7d:
         26:42:99:c7:8d:a2:68:ed:b3:ea:15:dd:b8:f4:98:79:a5:5e:
         3b:33:03:19:5e:ff:a3:fd:c0:52:da:b8:c2:77:3e:e5:82:b6:
         dd:82:b2:64:63:cb:8f:55:f9:a6:d5:76:2b:8c:a8:30:cb:2f:
         fd:44:26:3d:a6:0a:43:97:65:08:c7:18:34:54:1b:55:9d:d2:
         b8:03:77:96:62:2f:a2:c9:9b:48:0d:85:e2:fa:bd:55:ef:45:
         4b:80:c9:de:7a:35:66:cb:a5:f2:57:d3:1e:4c:26:61:40:57:
         8e:8c:c2:46:14:4d:de:22:44:88:15:8c:9e:82:31:f6:55:a9:
         36:78:98:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbN4ibi5pwIOAEqrCDZHmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwNjEwMTkwMDU1WhcNMjUwNjExMTkwMDU1WjAzMTEwLwYDVQQD
EygwNzliYTVkYjg1MDdhZTZmZTg2NmFhN2FlNGM4YjFlZDFiMjQxMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnaGwwf8J0q4kRFj01wF9nZobMS8
Zq+9MgFSgecve2+vz2aYnrmhqwiOQSAswc+ZbbADrmRrpTd0Bbr3ViEpWEPuZil4
xjXru0hn0x4ttXGPyuKyKKRNqx7hvART4OVAwGvrWZDlYGWP/Aixcn4F1+t19ET1
FssEw1y6f3cewMqK7Vu53cpvCt72sfb4MD2EBnxg+anpsQPSsvCOhg31EjNNFYzz
lk+InDueatl8La+7lnRSjFvKAgGI6elB1O0AO1Xw2C5O8QHHI01461JAFwSKGGyn
fo1h+d8n5OHQNjyzMUP3+G7XpEb2nbSxzfaYpJuNFhGsdAJwxbvn84MeLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAebpduFB65v6GaqeuTIse0bJBKCMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgeDUKG5B
X6gMK5CUTb7huD/7xUYUvO2RsqonBIOiJX6U+dMUua9W6hRZgI2SJR1/ijru8ZEv
TxndQuCZdKbF0kJ24hoGzE8qlvCyJvoM9fz1F65PL9q54BNE67BN4yjPsXp2vEfH
keEPds50IVWicUM5QibrITC2miqR6vd9JkKZx42iaO2z6hXduPSYeaVeOzMDGV7/
o/3AUtq4wnc+5YK23YKyZGPLj1X5ptV2K4yoMMsv/UQmPaYKQ5dlCMcYNFQbVZ3S
uAN3lmIvosmbSA2F4vq9Ve9FS4DJ3no1Zsul8lfTHkwmYUBXjozCRhRN3iJEiBWM
noIx9lWpNniYWw==
-----END CERTIFICATE-----