Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          PC5dusl+ffYVfejhSNVmIpqDs41LI2KPB71YGRBIHdk=
Subject key identifier:   66:39:17:0E:06:BC:1D:19:33:01:9C:24:41:76:15:25:E0:A1:85:69
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       0197488CB91D22D7632B0B44FEDC66A5440F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0E11
Signing time:             Sat 07 Jun 2025 04:01:11 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:11 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:11 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: Ui9fDys6jD45RcrmfwRHmmFq2zxA10z6jtrnEhF8Ws4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:b9:1d:22:d7:63:2b:0b:44:fe:dc:66:a5:44:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Jun  7 04:01:11 2025 GMT
            Not After : Jun  8 04:01:11 2025 GMT
        Subject: CN=6639170e06bc1d1933019c2441761525e0a18569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:4c:e9:ef:03:9a:05:bf:25:a1:f7:98:00:f6:
                    ce:ba:4a:33:9f:83:79:b2:d6:b8:ee:34:69:57:5c:
                    3c:61:3a:d5:ae:f7:01:40:e1:ed:40:66:35:e2:a7:
                    bf:a8:e0:97:f4:05:29:c9:03:d8:82:3c:4c:e8:de:
                    43:c2:d5:79:82:b6:a9:12:a2:74:e5:3a:c9:84:1c:
                    d9:eb:0c:47:7d:88:e0:57:1b:a2:81:72:b6:7c:bf:
                    b8:c2:a2:1a:0d:a2:4e:50:fe:06:66:95:8e:2a:9a:
                    4f:1d:ef:37:27:26:e2:9e:08:15:11:af:26:12:94:
                    5b:f4:e1:30:58:e9:5f:33:a1:e2:98:ff:f8:9f:0d:
                    df:20:08:b3:87:e4:eb:bf:a4:bf:cd:3b:cc:97:e1:
                    f9:bb:5f:8c:01:17:1f:4a:b7:43:d2:1f:19:bb:b9:
                    de:00:5b:e7:78:e5:5f:76:85:b6:ea:b7:58:56:a4:
                    9d:3c:1c:7c:76:9a:1a:44:03:24:ac:67:6a:2c:b9:
                    c4:1f:01:0c:5b:1c:43:4e:43:20:d9:6c:93:11:5c:
                    db:12:ab:ff:3c:e9:88:b4:72:d4:0f:95:1e:62:26:
                    99:95:9d:19:83:38:a8:40:20:ab:ff:a6:33:9d:72:
                    a3:84:12:3d:1d:ac:f3:4a:93:8d:28:a4:c8:e0:36:
                    80:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:39:17:0E:06:BC:1D:19:33:01:9C:24:41:76:15:25:E0:A1:85:69
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:db:f2:d2:f2:c5:23:46:14:c5:b3:99:68:20:94:36:f8:9a:
         89:6b:5d:93:a2:f5:5f:64:5e:2b:b0:4b:7d:fa:4a:68:04:1a:
         ca:28:7d:ab:47:38:75:eb:03:1a:d3:f6:ed:79:6c:6d:21:00:
         9c:dd:61:fb:08:93:73:bf:24:e7:33:a8:e1:1e:82:e5:b2:f9:
         e0:05:16:5c:ae:9f:d6:a5:a4:06:95:93:1b:2c:6d:d5:58:df:
         cd:20:b3:ca:41:d9:d2:3d:d8:33:f0:35:dc:a8:b9:a8:1a:15:
         da:b1:ca:32:94:21:23:92:bd:88:a2:a4:5a:f1:07:e1:96:94:
         ca:c4:b6:93:39:ae:a5:1d:e4:07:e2:66:1b:5d:31:43:0a:fe:
         f0:2a:28:e8:0c:17:d3:ca:dc:55:60:bc:ed:b5:53:c9:ec:93:
         32:5a:8a:8a:b9:27:b7:2c:09:de:09:60:a7:e5:bb:49:20:e9:
         08:72:38:cb:8a:50:39:0d:42:98:f5:e3:75:45:d0:e3:4f:21:
         87:2e:24:75:cb:44:b5:fe:83:95:0a:a5:a6:c0:3d:51:14:5e:
         2c:44:c5:9b:b8:15:60:cd:5c:a2:1d:72:68:4d:c1:b0:0b:31:
         f0:51:fb:58:55:7d:31:cd:4e:9a:e4:06:26:45:cf:53:c7:3e:
         48:a3:13:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjLkdItdjKwtE/txmpUQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUwNjA3MDQwMTExWhcNMjUwNjA4MDQwMTExWjAzMTEwLwYDVQQD
Eyg2NjM5MTcwZTA2YmMxZDE5MzMwMTljMjQ0MTc2MTUyNWUwYTE4NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60zp7wOaBb8lofeYAPbOukozn4N5
sta47jRpV1w8YTrVrvcBQOHtQGY14qe/qOCX9AUpyQPYgjxM6N5DwtV5grapEqJ0
5TrJhBzZ6wxHfYjgVxuigXK2fL+4wqIaDaJOUP4GZpWOKppPHe83JybinggVEa8m
EpRb9OEwWOlfM6HimP/4nw3fIAizh+Trv6S/zTvMl+H5u1+MARcfSrdD0h8Zu7ne
AFvneOVfdoW26rdYVqSdPBx8dpoaRAMkrGdqLLnEHwEMWxxDTkMg2WyTEVzbEqv/
POmItHLUD5UeYiaZlZ0ZgzioQCCr/6YznXKjhBI9HazzSpONKKTI4DaAXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGY5Fw4GvB0ZMwGcJEF2FSXgoYVpMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNvy0vLF
I0YUxbOZaCCUNviaiWtdk6L1X2ReK7BLffpKaAQayih9q0c4desDGtP27XlsbSEA
nN1h+wiTc78k5zOo4R6C5bL54AUWXK6f1qWkBpWTGyxt1VjfzSCzykHZ0j3YM/A1
3Ki5qBoV2rHKMpQhI5K9iKKkWvEH4ZaUysS2kzmupR3kB+JmG10xQwr+8Coo6AwX
08rcVWC87bVTyeyTMlqKirkntywJ3glgp+W7SSDpCHI4y4pQOQ1CmPXjdUXQ408h
hy4kdctEtf6DlQqlpsA9URReLETFm7gVYM1coh1yaE3BsAsx8FH7WFV9Mc1OmuQG
JkXPU8c+SKMT2g==
-----END CERTIFICATE-----