Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          cfpjnVua7rzIqNlL32zUtC0hI+3qEUYgcaR5XkbA9Z8=
Subject key identifier:   8D:E5:08:0E:5F:B6:41:AD:55:D9:ED:0E:58:1D:FE:7A:66:0F:4B:0E
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       01974A7AED55E296728931751ADD46AE684F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          0182
Signing time:             Sat 07 Jun 2025 13:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:59 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: tb3zjYW0G9Z9hooPb582EbgbPeh/pCvzRGpFYpGiwx8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:ed:55:e2:96:72:89:31:75:1a:dd:46:ae:68:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Jun  7 13:00:59 2025 GMT
            Not After : Jun  8 13:00:59 2025 GMT
        Subject: CN=8de5080e5fb641ad55d9ed0e581dfe7a660f4b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:dc:f0:46:51:4d:b3:6f:c0:3b:22:0a:ed:09:
                    1a:80:87:d7:7b:f7:0c:1b:9b:45:ae:27:2e:83:d4:
                    6a:65:58:f9:1e:95:26:48:02:bd:ef:81:f1:23:ff:
                    5c:7c:fa:fb:82:f8:45:df:1d:45:bf:ff:25:82:86:
                    a4:7c:1a:f7:b0:74:65:09:8b:a2:05:82:15:33:8b:
                    55:0e:8e:7f:f1:23:ff:b7:78:b8:09:dc:1f:37:d3:
                    fc:ef:04:dd:67:d8:d4:c7:3d:17:fe:8c:94:15:a1:
                    c1:88:61:e3:d6:67:21:34:e2:3c:10:7a:b4:45:53:
                    36:3e:52:37:de:16:45:9b:25:6e:f0:e7:f8:30:03:
                    e2:04:c9:e6:bc:be:ad:ea:32:e0:68:ea:3b:fa:97:
                    6e:0a:0f:23:09:1f:cd:17:63:0d:b9:fe:08:84:1a:
                    4c:ec:3c:cf:cd:42:cf:09:2f:7c:73:88:22:1e:00:
                    a1:49:ad:51:58:58:1d:cc:27:2e:45:7e:af:1f:6c:
                    02:7a:86:12:7b:9b:e9:17:52:85:6b:43:89:2e:31:
                    e5:af:53:1e:44:27:52:ee:5e:06:09:70:59:8d:b8:
                    1b:d6:7a:6a:23:f1:2b:ea:f4:bc:28:2c:33:6d:60:
                    11:25:0a:70:aa:3a:07:0f:00:99:08:fb:11:28:17:
                    ea:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:E5:08:0E:5F:B6:41:AD:55:D9:ED:0E:58:1D:FE:7A:66:0F:4B:0E
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:02:9c:0b:0e:90:d1:58:82:6e:9d:1f:eb:5b:d9:c1:2b:e3:
         e5:7c:89:fc:50:8e:bc:f3:c3:77:eb:c3:5c:5a:e2:e5:27:a5:
         92:2d:e1:fe:4d:4e:65:bd:8e:bd:75:67:2e:b8:03:fd:a1:ac:
         6c:13:28:c0:a2:59:fb:73:03:59:bb:c3:75:74:6d:a6:b2:c6:
         a9:1a:28:a9:93:ec:17:ab:6f:d8:83:45:04:fd:c8:d1:68:8e:
         c3:06:b6:27:32:fa:79:fa:fd:fc:6d:af:25:28:af:fa:07:52:
         a1:05:d2:d6:03:9b:17:98:fb:1b:68:b7:55:8c:96:50:da:ab:
         d8:3f:a8:a7:03:ba:c0:e9:79:1f:5d:f6:47:6a:5b:f4:a8:93:
         00:8f:d5:2f:7e:51:0b:c6:20:09:33:94:60:5d:c6:23:90:d3:
         34:29:40:f2:14:af:38:e3:d5:ba:e6:f5:f9:a0:b3:d3:75:cb:
         27:c1:e2:d3:1b:56:cf:ac:47:10:34:93:d5:90:c6:45:16:bd:
         3c:f7:27:71:70:06:f0:71:0a:a7:93:33:e1:e5:78:03:93:59:
         23:10:40:3b:7c:25:81:d2:29:b6:c9:fe:f4:53:eb:d9:6c:fa:
         9d:4c:7c:80:4f:7f:53:65:61:2f:20:d6:0f:e1:d0:30:c5:de:
         3c:fc:a0:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeu1V4pZyiTF1Gt1GrmhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjUwNjA3MTMwMDU5WhcNMjUwNjA4MTMwMDU5WjAzMTEwLwYDVQQD
Eyg4ZGU1MDgwZTVmYjY0MWFkNTVkOWVkMGU1ODFkZmU3YTY2MGY0YjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNzwRlFNs2/AOyIK7QkagIfXe/cM
G5tFricug9RqZVj5HpUmSAK974HxI/9cfPr7gvhF3x1Fv/8lgoakfBr3sHRlCYui
BYIVM4tVDo5/8SP/t3i4CdwfN9P87wTdZ9jUxz0X/oyUFaHBiGHj1mchNOI8EHq0
RVM2PlI33hZFmyVu8Of4MAPiBMnmvL6t6jLgaOo7+pduCg8jCR/NF2MNuf4IhBpM
7DzPzULPCS98c4giHgChSa1RWFgdzCcuRX6vH2wCeoYSe5vpF1KFa0OJLjHlr1Me
RCdS7l4GCXBZjbgb1npqI/Er6vS8KCwzbWARJQpwqjoHDwCZCPsRKBfqywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3lCA5ftkGtVdntDlgd/npmD0sOMB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfAKcCw6Q
0ViCbp0f61vZwSvj5XyJ/FCOvPPDd+vDXFri5Selki3h/k1OZb2OvXVnLrgD/aGs
bBMowKJZ+3MDWbvDdXRtprLGqRooqZPsF6tv2INFBP3I0WiOwwa2JzL6efr9/G2v
JSiv+gdSoQXS1gObF5j7G2i3VYyWUNqr2D+opwO6wOl5H132R2pb9KiTAI/VL35R
C8YgCTOUYF3GI5DTNClA8hSvOOPVuub1+aCz03XLJ8Hi0xtWz6xHEDST1ZDGRRa9
PPcncXAG8HEKp5Mz4eV4A5NZIxBAO3wlgdIptsn+9FPr2Wz6nUx8gE9/U2VhLyDW
D+HQMMXePPygQQ==
-----END CERTIFICATE-----