Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
File:                     RGMFqaHfoG26hXtD8N6eYi9JUaM.mft (raw, json)
Hash identifier:          XkCPEHi57bLMKbiBCmPYSnHbvvSiJXTLDoOpcujBJPc=
Subject key identifier:   8D:76:8E:7E:36:2D:EB:BF:47:09:E6:97:11:F4:09:7F:16:6B:CD:38
Authority key identifier: 44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3
Certificate issuer:       /CN=446305a9a1dfa06dba857b43f0de9e622f4951a3
Certificate serial:       0197488D18ABE3B7B85116FD70B45A065E83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
Manifest number:          0A0A
Signing time:             Sat 07 Jun 2025 04:01:35 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:35 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:35 +0000
Files and hashes:         1: RGMFqaHfoG26hXtD8N6eYi9JUaM.crl (hash: THmK+0s3fS6KtG6VuzxSTgCDULiFUtBF5kHX8usbF48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:18:ab:e3:b7:b8:51:16:fd:70:b4:5a:06:5e:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=446305a9a1dfa06dba857b43f0de9e622f4951a3
        Validity
            Not Before: Jun  7 04:01:35 2025 GMT
            Not After : Jun  8 04:01:35 2025 GMT
        Subject: CN=8d768e7e362debbf4709e69711f4097f166bcd38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fc:72:14:e0:4b:25:08:36:10:cd:1d:03:79:
                    ef:3e:4b:8c:03:c0:34:65:80:a0:aa:bb:9b:b9:ea:
                    22:01:ca:8d:9e:98:46:92:c3:6c:e0:1e:fc:77:93:
                    a7:12:3e:79:f6:ef:e8:07:1a:a1:de:1e:28:f8:ca:
                    04:e3:0a:a8:01:55:c2:1b:c0:e6:82:ea:16:a4:5e:
                    21:e7:56:1b:9e:d2:00:f1:a6:b9:1c:60:ea:ac:4c:
                    31:25:41:69:56:4f:c7:1c:a1:9b:3e:15:b7:2b:07:
                    77:41:c0:bf:0a:05:57:81:69:3b:1d:8d:df:cd:aa:
                    68:6a:34:f5:7a:12:87:48:3a:74:fc:db:6b:62:cf:
                    f1:3e:17:db:b6:3b:62:2d:46:12:f0:9f:13:65:b3:
                    ac:ad:3c:f8:36:d8:d2:d1:b6:a6:3a:a0:88:c3:2c:
                    75:06:50:3a:0a:24:f3:7a:a2:ce:bc:77:03:00:4b:
                    7a:b8:94:59:98:6a:d6:b7:5c:c5:42:c6:a1:b8:58:
                    ab:12:ff:1c:ba:14:e0:f2:c4:13:a2:22:bf:19:1a:
                    19:61:39:e8:cc:e7:b0:45:68:21:c2:8c:09:97:b3:
                    85:ca:56:96:c1:3c:86:b4:1b:49:8f:2e:b7:0e:d3:
                    8b:c8:b4:6d:f5:ed:1e:79:7d:65:a3:cf:c4:d2:fa:
                    f5:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:76:8E:7E:36:2D:EB:BF:47:09:E6:97:11:F4:09:7F:16:6B:CD:38
            X509v3 Authority Key Identifier:
                keyid:44:63:05:A9:A1:DF:A0:6D:BA:85:7B:43:F0:DE:9E:62:2F:49:51:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RGMFqaHfoG26hXtD8N6eYi9JUaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2d4858-dbcf-46d1-86d3-0c867457692b/1/RGMFqaHfoG26hXtD8N6eYi9JUaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:c4:89:00:06:0c:52:99:2f:fa:2e:ca:60:46:c7:96:dc:0e:
         e8:6e:9b:45:c6:e2:c4:25:aa:b7:93:3b:53:95:b4:c3:15:4d:
         06:a8:d5:a6:57:60:0b:c6:0b:af:cc:eb:e2:61:e8:5c:af:29:
         4f:17:6e:f7:b5:fd:30:9e:bd:b1:8a:e8:22:81:bd:c6:5f:8c:
         24:1a:eb:f8:20:bb:f7:9f:5e:f9:64:3e:c8:96:ec:6c:96:ef:
         90:85:49:b7:91:97:e3:6d:e7:14:4e:6c:4c:ec:a7:bf:34:5f:
         7d:6f:cd:2c:11:47:20:e8:bc:74:59:62:b2:14:17:14:ea:0e:
         2f:2f:5a:b8:42:12:40:f7:8a:8f:1c:13:df:5b:e5:98:ac:d6:
         80:09:37:96:46:3f:26:60:af:cb:70:af:e6:a7:00:52:eb:af:
         12:d1:3f:58:21:ce:fb:42:2c:a6:c9:83:e4:b6:9b:71:96:a9:
         53:8e:18:a3:ad:93:38:5b:b4:be:0d:f3:79:67:b5:0b:f8:12:
         52:35:47:bf:59:b6:3c:f9:79:97:26:cd:0a:2b:29:c3:72:d8:
         cb:4f:06:56:24:e2:a4:e2:59:2b:82:c4:20:33:a6:22:73:37:
         f9:5e:c9:56:a3:c0:80:a4:34:09:e6:a1:dd:44:4a:58:65:b6:
         52:a1:1d:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjRir47e4URb9cLRaBl6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NjMwNWE5YTFkZmEwNmRiYTg1N2I0M2YwZGU5ZTYyMmY0
OTUxYTMwHhcNMjUwNjA3MDQwMTM1WhcNMjUwNjA4MDQwMTM1WjAzMTEwLwYDVQQD
Eyg4ZDc2OGU3ZTM2MmRlYmJmNDcwOWU2OTcxMWY0MDk3ZjE2NmJjZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfxyFOBLJQg2EM0dA3nvPkuMA8A0
ZYCgqrubueoiAcqNnphGksNs4B78d5OnEj559u/oBxqh3h4o+MoE4wqoAVXCG8Dm
guoWpF4h51YbntIA8aa5HGDqrEwxJUFpVk/HHKGbPhW3Kwd3QcC/CgVXgWk7HY3f
zapoajT1ehKHSDp0/NtrYs/xPhfbtjtiLUYS8J8TZbOsrTz4NtjS0bamOqCIwyx1
BlA6CiTzeqLOvHcDAEt6uJRZmGrWt1zFQsahuFirEv8cuhTg8sQToiK/GRoZYTno
zOewRWghwowJl7OFylaWwTyGtBtJjy63DtOLyLRt9e0eeX1lo8/E0vr1/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI12jn42Leu/RwnmlxH0CX8Wa804MB8GA1UdIwQY
MBaAFERjBamh36BtuoV7Q/DenmIvSVGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMt
MGM4Njc0NTc2OTJiLzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yZDQ4NTgtZGJjZi00NmQxLTg2ZDMtMGM4Njc0NTc2OTJi
LzEvUkdNRnFhSGZvRzI2aFh0RDhONmVZaTlKVWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsSJAAYM
Upkv+i7KYEbHltwO6G6bRcbixCWqt5M7U5W0wxVNBqjVpldgC8YLr8zr4mHoXK8p
Txdu97X9MJ69sYroIoG9xl+MJBrr+CC7959e+WQ+yJbsbJbvkIVJt5GX423nFE5s
TOynvzRffW/NLBFHIOi8dFlishQXFOoOLy9auEISQPeKjxwT31vlmKzWgAk3lkY/
JmCvy3Cv5qcAUuuvEtE/WCHO+0IspsmD5LabcZapU44Yo62TOFu0vg3zeWe1C/gS
UjVHv1m2PPl5lybNCispw3LYy08GViTipOJZK4LEIDOmInM3+V7JVqPAgKQ0Ceah
3URKWGW2UqEd3g==
-----END CERTIFICATE-----