Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          d2HAXF55XtgBuH3Mv08yGMLNHLrIyRzLQI8x0MOyqmw=
Subject key identifier:   A0:EC:ED:45:33:73:C9:D5:33:6A:6F:93:DA:3B:46:EF:B4:CE:19:8D
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       01976A05A6593AF08CB2DA6046C088E5D5A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0CC5
Signing time:             Fri 13 Jun 2025 16:00:44 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:44 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:44 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: kKa1HpzLKo3Uxb8/pcccgAa5DlAIerjG+OFmstE0v3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:a6:59:3a:f0:8c:b2:da:60:46:c0:88:e5:d5:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Jun 13 16:00:44 2025 GMT
            Not After : Jun 14 16:00:44 2025 GMT
        Subject: CN=a0eced453373c9d5336a6f93da3b46efb4ce198d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:eb:29:19:37:ff:4a:64:05:b2:52:64:1b:76:
                    4a:38:74:d7:33:65:b9:dd:cd:32:36:be:80:30:9a:
                    e9:23:5e:f2:79:77:fc:db:9d:27:dc:f4:51:9d:ad:
                    16:00:13:8f:4e:15:40:ae:bb:b5:05:97:4a:39:4c:
                    d2:76:23:17:9a:df:41:14:fd:77:1d:7c:fe:7f:9d:
                    9e:7b:fe:15:62:71:f1:3f:7d:cb:24:8f:ff:30:56:
                    2e:fe:27:22:ee:da:91:71:d8:31:2e:fe:75:6e:35:
                    9b:02:d1:4e:5d:d8:96:bf:62:ff:51:79:d5:be:30:
                    78:c5:ab:d1:39:8e:a7:31:35:bd:b6:40:86:c2:96:
                    fa:77:38:74:10:5a:cf:94:23:d7:2c:51:63:85:05:
                    14:94:bb:fc:a0:f2:88:32:9f:46:0d:14:72:b7:ae:
                    2e:9f:5b:8a:92:f9:a6:f4:7b:d3:b0:43:71:bd:26:
                    1c:35:5e:81:68:47:29:11:09:de:09:79:bc:b2:e8:
                    f3:27:53:c0:7b:3e:26:83:b0:3b:ed:a3:96:3f:75:
                    3f:39:05:90:a3:7e:fb:95:81:1d:38:98:6d:f2:b7:
                    91:7e:8e:3d:d9:60:67:db:51:c2:5b:7c:04:51:44:
                    c2:7b:11:83:3d:25:c2:bd:11:d3:dd:18:47:fc:f4:
                    e4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:EC:ED:45:33:73:C9:D5:33:6A:6F:93:DA:3B:46:EF:B4:CE:19:8D
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:7b:b3:02:d9:2c:36:83:84:6d:3c:f2:2f:9b:4c:14:72:04:
         a3:ed:41:9c:19:c3:7e:42:ff:a3:2c:b1:d6:e7:2b:6e:33:51:
         9f:24:35:66:2f:e8:4f:db:3d:e9:2d:99:a0:db:57:3e:1c:ed:
         fd:45:81:59:00:16:52:01:ab:e6:4f:2f:32:f5:8d:1f:23:c9:
         84:c4:06:9f:26:fc:0c:51:af:42:e9:55:6d:a3:91:11:1b:26:
         57:d6:38:a2:ff:dd:17:ae:56:19:93:bb:4e:99:8f:0c:ce:e2:
         11:0e:ee:32:1a:99:d7:ed:09:3a:4b:69:3e:d3:c1:a8:98:8c:
         c5:a7:81:67:66:5c:8e:63:51:07:91:f8:63:78:eb:61:42:6a:
         ac:46:02:86:f4:1e:39:10:46:05:25:a3:63:82:74:53:18:00:
         5c:ff:a6:76:2c:38:42:a7:94:59:cf:5e:29:13:92:36:24:2d:
         48:21:e0:2a:5d:35:be:42:d8:e0:51:22:c1:f9:c4:20:b3:a4:
         60:2b:9a:5e:c4:06:77:09:dd:d4:54:26:31:30:d0:8c:87:51:
         d3:22:0b:3b:1f:e6:75:9c:67:2c:56:2b:02:72:c3:c4:60:02:
         d7:6a:96:4c:ee:55:ae:36:fd:ce:10:48:c3:53:b8:4f:87:a7:
         a5:77:c4:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBaZZOvCMstpgRsCI5dWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjUwNjEzMTYwMDQ0WhcNMjUwNjE0MTYwMDQ0WjAzMTEwLwYDVQQD
EyhhMGVjZWQ0NTMzNzNjOWQ1MzM2YTZmOTNkYTNiNDZlZmI0Y2UxOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOspGTf/SmQFslJkG3ZKOHTXM2W5
3c0yNr6AMJrpI17yeXf8250n3PRRna0WABOPThVArru1BZdKOUzSdiMXmt9BFP13
HXz+f52ee/4VYnHxP33LJI//MFYu/ici7tqRcdgxLv51bjWbAtFOXdiWv2L/UXnV
vjB4xavROY6nMTW9tkCGwpb6dzh0EFrPlCPXLFFjhQUUlLv8oPKIMp9GDRRyt64u
n1uKkvmm9HvTsENxvSYcNV6BaEcpEQneCXm8sujzJ1PAez4mg7A77aOWP3U/OQWQ
o377lYEdOJht8reRfo492WBn21HCW3wEUUTCexGDPSXCvRHT3RhH/PTkQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDs7UUzc8nVM2pvk9o7Ru+0zhmNMB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnuzAtks
NoOEbTzyL5tMFHIEo+1BnBnDfkL/oyyx1ucrbjNRnyQ1Zi/oT9s96S2ZoNtXPhzt
/UWBWQAWUgGr5k8vMvWNHyPJhMQGnyb8DFGvQulVbaORERsmV9Y4ov/dF65WGZO7
TpmPDM7iEQ7uMhqZ1+0JOktpPtPBqJiMxaeBZ2ZcjmNRB5H4Y3jrYUJqrEYChvQe
ORBGBSWjY4J0UxgAXP+mdiw4QqeUWc9eKROSNiQtSCHgKl01vkLY4FEiwfnEILOk
YCuaXsQGdwnd1FQmMTDQjIdR0yILOx/mdZxnLFYrAnLDxGAC12qWTO5Vrjb9zhBI
w1O4T4enpXfEwg==
-----END CERTIFICATE-----