Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          WZgdIMRNQyckRWyWn7FViM86wBGApPRI1ypY2p22HeI=
Subject key identifier:   57:DD:91:BB:98:B7:8E:10:37:21:31:02:BF:05:5F:4F:86:CC:65:5F
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       019769CEB2940B137EF1024A3724C6732B0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          07A2
Signing time:             Fri 13 Jun 2025 15:00:43 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:43 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:43 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: DXdLuP5+EMPRcWrZs1b6L8iqS0ceP+rWtdMAg18/buE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:b2:94:0b:13:7e:f1:02:4a:37:24:c6:73:2b:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Jun 13 15:00:43 2025 GMT
            Not After : Jun 14 15:00:43 2025 GMT
        Subject: CN=57dd91bb98b78e1037213102bf055f4f86cc655f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c9:51:b5:a4:4c:c1:f6:2a:46:c5:80:76:8b:
                    4e:f3:c2:64:4c:0a:d0:5b:5d:29:fd:4f:0d:b4:0c:
                    5d:4a:96:b1:54:c2:8a:60:0e:27:30:21:30:69:23:
                    a1:34:e0:e3:ee:61:8c:d4:81:96:10:16:b7:0e:d3:
                    c8:ab:98:49:0d:02:e4:44:57:72:52:34:25:7a:6f:
                    16:5e:1d:0b:e0:9e:7e:24:bb:af:cc:f3:cd:72:ec:
                    e4:d5:27:19:4b:72:6b:45:bb:bc:1f:25:4c:de:ed:
                    c5:92:8f:85:43:d0:e6:41:eb:b5:6a:6e:ff:e8:b9:
                    aa:cd:b7:0d:08:3d:5f:ab:60:2e:8f:cc:fc:63:03:
                    17:12:7b:c1:ff:8f:b2:a7:0f:d3:28:e7:d5:a8:0b:
                    41:18:b7:04:36:af:7b:a2:fe:17:e9:29:1d:10:72:
                    f6:a5:76:9e:ac:8b:10:8a:d9:36:ae:1b:c2:7b:0e:
                    20:8b:11:0a:51:ad:4d:bc:4a:f7:ad:98:77:3c:a3:
                    e1:0b:28:74:49:a4:dc:f5:f0:f5:fa:1a:ff:c2:a8:
                    56:16:ec:5b:0c:1f:57:61:5f:96:2d:b2:5f:21:b5:
                    f2:e3:ee:e7:87:02:a1:89:d3:6a:8a:40:96:f5:bb:
                    64:4a:fd:b4:e8:ea:1c:46:f5:f8:62:7a:1f:da:7a:
                    ce:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:DD:91:BB:98:B7:8E:10:37:21:31:02:BF:05:5F:4F:86:CC:65:5F
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:74:df:7e:e0:47:2e:c1:87:44:ee:24:0d:e9:60:84:c5:08:
         4b:ee:8d:75:3e:d4:eb:54:9f:2b:69:0d:98:3d:32:1c:02:5e:
         04:df:6a:ff:02:bd:67:76:16:30:d6:cf:4e:64:2e:45:69:05:
         98:67:ae:3d:94:cf:9a:57:97:1d:10:d7:67:0a:88:aa:05:da:
         83:2c:d7:c2:b2:9b:4e:a6:e7:8b:62:7d:0d:21:cd:e6:25:de:
         73:ab:6a:5a:df:aa:3f:0e:64:1f:81:49:55:9e:3f:c0:b7:4a:
         d3:fb:62:69:c3:49:b4:8b:5a:7e:c2:87:d2:04:d6:66:f9:77:
         58:ba:18:17:79:55:56:d6:59:31:1b:ee:97:46:e5:44:9f:04:
         b4:b3:9e:db:01:77:05:5e:7b:81:d2:0e:f4:f8:8e:4b:a9:a8:
         3a:af:2b:12:ae:77:52:e2:81:b7:82:97:99:30:49:ca:93:76:
         83:06:af:38:f1:1e:fb:bf:71:3b:35:ea:f4:4a:09:a6:3c:22:
         d2:e8:32:aa:d2:c3:e6:6f:08:f1:43:35:16:e1:bd:58:ab:d6:
         81:34:74:24:fe:d4:30:ce:c8:ab:9b:30:c2:32:26:0a:be:c8:
         41:c4:5f:56:c0:a2:c8:9f:03:ae:5d:2e:16:ab:8d:94:9d:bf:
         ce:6f:83:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzrKUCxN+8QJKNyTGcysMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjUwNjEzMTUwMDQzWhcNMjUwNjE0MTUwMDQzWjAzMTEwLwYDVQQD
Eyg1N2RkOTFiYjk4Yjc4ZTEwMzcyMTMxMDJiZjA1NWY0Zjg2Y2M2NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8lRtaRMwfYqRsWAdotO88JkTArQ
W10p/U8NtAxdSpaxVMKKYA4nMCEwaSOhNODj7mGM1IGWEBa3DtPIq5hJDQLkRFdy
UjQlem8WXh0L4J5+JLuvzPPNcuzk1ScZS3JrRbu8HyVM3u3Fko+FQ9DmQeu1am7/
6LmqzbcNCD1fq2Auj8z8YwMXEnvB/4+ypw/TKOfVqAtBGLcENq97ov4X6SkdEHL2
pXaerIsQitk2rhvCew4gixEKUa1NvEr3rZh3PKPhCyh0SaTc9fD1+hr/wqhWFuxb
DB9XYV+WLbJfIbXy4+7nhwKhidNqikCW9btkSv206OocRvX4Ynof2nrO2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfdkbuYt44QNyExAr8FX0+GzGVfMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnTffuBH
LsGHRO4kDelghMUIS+6NdT7U61SfK2kNmD0yHAJeBN9q/wK9Z3YWMNbPTmQuRWkF
mGeuPZTPmleXHRDXZwqIqgXagyzXwrKbTqbni2J9DSHN5iXec6tqWt+qPw5kH4FJ
VZ4/wLdK0/tiacNJtItafsKH0gTWZvl3WLoYF3lVVtZZMRvul0blRJ8EtLOe2wF3
BV57gdIO9PiOS6moOq8rEq53UuKBt4KXmTBJypN2gwavOPEe+79xOzXq9EoJpjwi
0ugyqtLD5m8I8UM1FuG9WKvWgTR0JP7UMM7Iq5swwjImCr7IQcRfVsCiyJ8Drl0u
FquNlJ2/zm+Dhg==
-----END CERTIFICATE-----