Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
File:                     riYajfUykscw4q4d_PxP4_92sdA.mft (raw, json)
Hash identifier:          dmH873f+Xr20PW9Bsva1QhfFEctcpgaa7o0OhehAeXw=
Subject key identifier:   D9:66:3D:0E:CF:FF:72:92:E0:EE:2B:93:6C:1E:AF:E4:7F:58:FC:A0
Authority key identifier: AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0
Certificate issuer:       /CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
Certificate serial:       01974D0D8E35372722F09DA9D9CAF67B4BA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
Manifest number:          1585
Signing time:             Sun 08 Jun 2025 01:00:23 +0000
Manifest this update:     Sun 08 Jun 2025 01:00:23 +0000
Manifest next update:     Mon 09 Jun 2025 01:00:23 +0000
Files and hashes:         1: riYajfUykscw4q4d_PxP4_92sdA.crl (hash: 4Fcv7vlBC91/kWGD9xTKzXKaCS6ZBlkWNTSmSGTAXxo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 01:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:0d:8e:35:37:27:22:f0:9d:a9:d9:ca:f6:7b:4b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
        Validity
            Not Before: Jun  8 01:00:23 2025 GMT
            Not After : Jun  9 01:00:23 2025 GMT
        Subject: CN=d9663d0ecfff7292e0ee2b936c1eafe47f58fca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fd:f5:0b:04:45:2c:3a:bf:9a:2a:33:b7:9c:
                    40:56:4e:d9:5b:ca:c4:7c:a6:53:92:b8:a5:bb:c5:
                    91:13:3b:10:8d:a6:ca:79:c1:6c:b4:de:9e:d3:d7:
                    f2:c3:af:04:d2:d0:a1:5a:6f:8e:32:e7:08:c6:07:
                    e7:87:7e:d4:61:f5:ac:3a:1a:d5:88:fc:14:6f:af:
                    60:04:00:8f:e4:da:21:db:5e:7b:e5:5f:46:53:7d:
                    e1:48:27:36:a3:13:a6:e6:2e:a9:6e:9d:2c:44:c4:
                    5a:8a:17:83:54:2a:24:94:1c:74:06:07:0f:6f:cb:
                    45:07:d3:4c:06:32:c0:6c:66:40:47:96:0e:c2:cc:
                    47:fc:78:21:ec:b2:1e:90:04:bc:d9:9b:c0:f4:a5:
                    12:0f:f0:ee:ca:3c:80:b6:62:05:f9:b9:d7:32:d4:
                    a2:a1:29:01:c7:fd:a9:7d:fc:88:ef:72:6e:38:ae:
                    d3:25:68:30:0f:13:92:81:36:ff:f3:cc:16:99:43:
                    8c:05:d5:e2:16:fb:c3:d0:3e:de:33:98:f0:85:57:
                    6e:28:b7:70:84:cd:5c:43:75:49:0a:d0:c1:9b:13:
                    18:81:57:71:fa:a8:d4:0d:5b:ab:a3:c8:8c:dd:13:
                    53:38:79:cd:95:42:07:c0:3a:a9:eb:ec:72:23:0b:
                    15:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:66:3D:0E:CF:FF:72:92:E0:EE:2B:93:6C:1E:AF:E4:7F:58:FC:A0
            X509v3 Authority Key Identifier:
                keyid:AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:79:51:cc:21:98:04:33:84:d7:1d:d0:8b:8d:e7:d4:c2:f6:
         d4:96:f0:a5:24:ef:78:5d:b6:6a:d5:55:f4:57:c9:e5:0a:93:
         58:84:8d:b2:a7:5c:10:ad:6c:57:74:c0:4c:24:c5:8b:39:7b:
         f1:ea:79:7e:5f:ed:cd:e8:36:51:76:ac:f2:65:e0:a8:9d:53:
         43:2e:76:8d:1b:93:18:17:44:43:ec:ca:89:ff:dc:61:0c:8a:
         7b:fc:87:d3:8b:34:be:d3:e7:48:2d:d3:95:95:87:c0:fb:04:
         ab:35:f5:9a:c5:0c:94:5c:91:ab:c0:b3:b0:1c:b2:38:c5:ff:
         46:08:93:ae:92:0b:86:d9:40:5d:f2:68:64:db:2b:5a:86:49:
         6a:44:ce:d7:42:8c:2c:90:95:a3:69:b7:93:28:01:b9:29:15:
         48:c2:bb:f7:4e:9c:28:8d:ce:1f:8c:00:9f:15:9a:3b:54:03:
         f2:e1:a4:16:0c:1b:f1:1c:11:31:c6:3d:e6:cf:15:1b:24:1b:
         25:2a:86:80:21:a9:eb:d1:0c:5e:62:26:eb:38:8d:b4:ce:66:
         50:d7:28:2e:ab:41:4c:e4:c1:db:d9:19:2d:99:8e:43:8c:b4:
         86:0b:63:26:4c:16:97:0b:78:12:db:fe:c3:4b:6a:94:73:85:
         bb:39:80:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNDY41Nyci8J2p2cr2e0ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjYxYThkZjUzMjkyYzczMGUyYWUxZGZjZmM0ZmUzZmY3
NmIxZDAwHhcNMjUwNjA4MDEwMDIzWhcNMjUwNjA5MDEwMDIzWjAzMTEwLwYDVQQD
EyhkOTY2M2QwZWNmZmY3MjkyZTBlZTJiOTM2YzFlYWZlNDdmNThmY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP31CwRFLDq/miozt5xAVk7ZW8rE
fKZTkrilu8WREzsQjabKecFstN6e09fyw68E0tChWm+OMucIxgfnh37UYfWsOhrV
iPwUb69gBACP5Noh21575V9GU33hSCc2oxOm5i6pbp0sRMRaiheDVCoklBx0BgcP
b8tFB9NMBjLAbGZAR5YOwsxH/Hgh7LIekAS82ZvA9KUSD/DuyjyAtmIF+bnXMtSi
oSkBx/2pffyI73JuOK7TJWgwDxOSgTb/88wWmUOMBdXiFvvD0D7eM5jwhVduKLdw
hM1cQ3VJCtDBmxMYgVdx+qjUDVuro8iM3RNTOHnNlUIHwDqp6+xyIwsVZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlmPQ7P/3KS4O4rk2wer+R/WPygMB8GA1UdIwQY
MBaAFK4mGo31MpLHMOKuHfz8T+P/drHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQt
NTY5NWQ4OWQ3YjM2LzEvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQtNTY5NWQ4OWQ3YjM2
LzEvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqXlRzCGY
BDOE1x3Qi43n1ML21JbwpSTveF22atVV9FfJ5QqTWISNsqdcEK1sV3TATCTFizl7
8ep5fl/tzeg2UXas8mXgqJ1TQy52jRuTGBdEQ+zKif/cYQyKe/yH04s0vtPnSC3T
lZWHwPsEqzX1msUMlFyRq8CzsByyOMX/RgiTrpILhtlAXfJoZNsrWoZJakTO10KM
LJCVo2m3kygBuSkVSMK7906cKI3OH4wAnxWaO1QD8uGkFgwb8RwRMcY95s8VGyQb
JSqGgCGp69EMXmIm6ziNtM5mUNcoLqtBTOTB29kZLZmOQ4y0hgtjJkwWlwt4Etv+
w0tqlHOFuzmAbg==
-----END CERTIFICATE-----