Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          le+LGqwH+qPH4bMPwlp4gVll11Q1qebFrNPEiewVnfQ=
Subject key identifier:   CC:A2:D8:83:0B:65:DC:C0:13:E1:7E:85:F8:8B:8F:B0:EB:54:B1:26
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       019769CEA9C48D8D3B433BBC73D30207BD57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          0F09
Signing time:             Fri 13 Jun 2025 15:00:40 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:40 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:40 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: w3mEgv/SRtQHc+yQAT4k+o6LFCUOYDBApsMnhWKnclQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:a9:c4:8d:8d:3b:43:3b:bc:73:d3:02:07:bd:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Jun 13 15:00:40 2025 GMT
            Not After : Jun 14 15:00:40 2025 GMT
        Subject: CN=cca2d8830b65dcc013e17e85f88b8fb0eb54b126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:de:51:b3:e6:ae:39:3c:54:47:1a:b0:ac:9c:
                    55:7f:e5:c0:33:50:f7:17:b7:83:6b:a1:8f:d6:d6:
                    0a:0f:50:48:d0:de:41:9a:63:74:9d:cb:a5:85:f0:
                    de:2b:b0:6d:7c:47:37:43:58:2d:81:c8:fd:4d:fc:
                    5a:b8:37:55:f7:9f:cc:a9:02:31:2e:60:3e:6b:33:
                    f9:5a:a6:0e:12:52:25:d8:9f:a7:59:f3:77:2d:0a:
                    38:56:b0:a2:c9:88:b3:93:d4:8f:8a:d3:6a:88:04:
                    eb:f9:a9:6f:a2:2b:88:bd:fd:f3:1d:92:f9:94:ee:
                    6f:60:d9:92:63:3e:43:8e:1a:33:0a:ce:0c:61:f3:
                    7e:cc:18:36:67:30:f1:7c:c7:8f:3a:31:da:37:b7:
                    4c:ec:ad:7d:82:15:23:85:f4:d5:9a:b0:15:dc:d6:
                    f7:ce:3d:bc:a9:3e:b9:b1:71:db:3f:12:17:9a:cc:
                    f1:fa:0d:1a:06:44:12:c3:16:37:e8:3d:f7:9f:9d:
                    40:5d:3c:90:01:df:43:63:d8:9d:4c:3e:de:59:6e:
                    23:66:44:b7:b4:96:f7:9f:08:64:51:0b:c2:5d:7a:
                    e0:71:d2:e4:e7:f0:ce:2d:aa:7e:dd:8b:59:e0:6a:
                    2d:a9:2d:c4:c5:cd:26:bc:d9:fb:08:b4:15:25:e6:
                    65:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:A2:D8:83:0B:65:DC:C0:13:E1:7E:85:F8:8B:8F:B0:EB:54:B1:26
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:a2:f7:f7:bb:ca:e6:bb:fe:ae:b1:c7:9d:a5:c6:a1:40:e2:
         2c:f8:1a:35:cd:c6:0e:af:e7:5f:bc:3a:76:7e:5f:d2:d8:2a:
         79:c3:26:41:35:84:16:7e:d5:95:80:a8:67:6c:4c:85:be:4b:
         4f:be:1f:40:c9:a1:cf:7f:e3:e1:0d:39:45:60:aa:3b:f9:f1:
         fd:e4:ac:51:26:47:32:ac:6d:44:3d:20:c8:33:b9:16:a7:2c:
         e4:0c:a8:8e:82:8b:a8:b6:6a:36:e3:40:29:23:97:57:f2:7a:
         5e:80:bc:e0:ee:0a:38:11:50:6f:4d:ac:82:89:7c:49:b3:66:
         ff:bf:3f:21:36:a6:f5:d0:f4:5f:8d:cc:75:a7:e9:d0:50:9b:
         14:3e:53:c9:63:bb:81:ce:36:fd:8f:ed:6e:3a:06:ef:c5:b3:
         99:da:0d:c5:82:87:a5:5e:20:94:9d:4b:a8:d9:5b:39:75:a5:
         0c:c8:75:87:df:60:b0:ca:7a:50:f1:9b:f2:56:59:44:bd:6f:
         1e:06:dd:aa:d9:bc:17:12:97:64:c7:95:de:4b:d7:a0:41:dc:
         56:3a:c8:e3:04:6d:a6:6d:d0:7f:75:e7:0a:1d:89:82:a3:b4:
         9f:5c:14:df:10:6c:08:8d:41:f5:a0:8a:92:8a:54:f2:54:78:
         fc:ec:54:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzqnEjY07Qzu8c9MCB71XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjUwNjEzMTUwMDQwWhcNMjUwNjE0MTUwMDQwWjAzMTEwLwYDVQQD
EyhjY2EyZDg4MzBiNjVkY2MwMTNlMTdlODVmODhiOGZiMGViNTRiMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN5Rs+auOTxURxqwrJxVf+XAM1D3
F7eDa6GP1tYKD1BI0N5BmmN0nculhfDeK7BtfEc3Q1gtgcj9TfxauDdV95/MqQIx
LmA+azP5WqYOElIl2J+nWfN3LQo4VrCiyYizk9SPitNqiATr+alvoiuIvf3zHZL5
lO5vYNmSYz5DjhozCs4MYfN+zBg2ZzDxfMePOjHaN7dM7K19ghUjhfTVmrAV3Nb3
zj28qT65sXHbPxIXmszx+g0aBkQSwxY36D33n51AXTyQAd9DY9idTD7eWW4jZkS3
tJb3nwhkUQvCXXrgcdLk5/DOLap+3YtZ4GotqS3Exc0mvNn7CLQVJeZlWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyi2IMLZdzAE+F+hfiLj7DrVLEmMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqL397vK
5rv+rrHHnaXGoUDiLPgaNc3GDq/nX7w6dn5f0tgqecMmQTWEFn7VlYCoZ2xMhb5L
T74fQMmhz3/j4Q05RWCqO/nx/eSsUSZHMqxtRD0gyDO5Fqcs5AyojoKLqLZqNuNA
KSOXV/J6XoC84O4KOBFQb02sgol8SbNm/78/ITam9dD0X43Mdafp0FCbFD5TyWO7
gc42/Y/tbjoG78WzmdoNxYKHpV4glJ1LqNlbOXWlDMh1h99gsMp6UPGb8lZZRL1v
Hgbdqtm8FxKXZMeV3kvXoEHcVjrI4wRtpm3Qf3XnCh2JgqO0n1wU3xBsCI1B9aCK
kopU8lR4/OxUZw==
-----END CERTIFICATE-----