Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          xfqV1wera3TLesGaoWouvq75Wiu0yXszzBnArf24mvI=
Subject key identifier:   68:84:23:CE:48:94:91:A7:9D:1C:40:79:BB:79:24:F0:D4:02:2F:63
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       01976F2C3F712BAD8F2B09EC10D6EAA14F64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          0645
Signing time:             Sat 14 Jun 2025 16:00:59 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:59 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:59 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: XImQ5PpFt0j7VgQGcipTXbma0Wlk1VwDUXtcei53VM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:3f:71:2b:ad:8f:2b:09:ec:10:d6:ea:a1:4f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Jun 14 16:00:59 2025 GMT
            Not After : Jun 15 16:00:59 2025 GMT
        Subject: CN=688423ce489491a79d1c4079bb7924f0d4022f63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9d:db:40:47:10:e2:01:1b:ad:65:9b:89:a1:
                    d4:fd:70:7c:09:fb:63:eb:84:c0:1d:75:e1:53:88:
                    41:c5:43:cf:ff:e1:b2:db:bf:c0:f6:71:04:32:c3:
                    e1:af:7b:d8:5e:6d:ef:3e:02:2b:2f:e7:14:44:83:
                    9e:7f:fa:df:5d:32:6d:68:82:29:0c:bd:91:a5:97:
                    7d:36:e9:11:4a:43:91:5e:02:94:10:cd:ff:93:0d:
                    26:80:24:aa:b3:03:74:cc:1b:8b:e6:c5:7c:4b:aa:
                    e3:50:0d:1c:62:4b:27:91:38:38:5b:b0:a1:8e:5f:
                    d9:a2:8e:4a:69:86:64:ec:41:e5:1c:0c:e2:4d:f1:
                    22:1e:2f:3b:ca:4a:91:2a:3d:6d:46:c7:0c:74:9d:
                    dd:8e:7c:94:d8:96:32:90:95:62:8a:1b:78:ec:2e:
                    ca:60:8d:fd:cd:cd:d7:83:28:d2:54:ea:9c:83:c9:
                    e6:c5:ec:e4:3c:b7:a8:af:29:cc:90:4c:ad:3a:a1:
                    7b:5f:e1:17:32:2d:42:6a:bf:aa:54:9b:fc:8d:85:
                    59:3c:c1:1b:c6:68:9b:7a:fc:54:20:93:4f:e6:4a:
                    7a:17:52:40:aa:d0:05:99:04:1f:92:10:63:61:bf:
                    b3:c5:9b:5c:08:72:f9:b6:62:3f:5a:21:cc:89:08:
                    44:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:84:23:CE:48:94:91:A7:9D:1C:40:79:BB:79:24:F0:D4:02:2F:63
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:df:23:3c:4c:9f:b9:61:e0:eb:ce:9b:7e:df:14:d2:55:c0:
         ad:85:8f:94:8a:1c:b3:b3:6e:0b:d4:3e:d6:dd:eb:f4:03:88:
         18:99:e6:63:67:73:af:71:10:ac:ff:5a:d0:6f:30:dd:c6:4d:
         3c:a7:c3:f1:e3:da:5e:a0:45:27:53:76:c2:3b:2d:8a:48:b9:
         0e:e9:6d:6e:fc:c9:fb:ab:f1:ab:53:76:78:35:2d:96:71:2b:
         0b:2f:81:89:cb:1b:6c:b5:db:c1:6b:e0:e9:a5:a3:f5:bb:2f:
         cb:36:92:ee:a4:1c:e0:bc:9b:30:67:dd:d1:c1:e5:9c:60:56:
         e0:f8:ba:87:20:7e:16:ae:38:58:2e:87:11:cd:71:91:ff:25:
         60:0e:a3:c4:09:cc:4a:50:a8:41:86:d0:9c:fe:b2:65:10:7f:
         23:95:0d:45:55:4f:70:54:6a:c6:97:69:14:dc:65:b3:60:d7:
         51:68:18:5d:33:20:ac:06:5d:bb:28:f8:d5:74:f6:c3:17:e0:
         04:44:a8:65:f4:bd:ac:fc:3b:c7:66:fc:71:e0:de:31:b6:5b:
         95:a5:32:5c:4d:bd:2d:a9:e8:e1:dc:c6:18:a5:d9:3c:ca:99:
         cd:13:9d:cc:01:9b:15:35:43:5a:63:c0:57:48:1d:9d:f2:db:
         82:b8:92:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLD9xK62PKwnsENbqoU9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjUwNjE0MTYwMDU5WhcNMjUwNjE1MTYwMDU5WjAzMTEwLwYDVQQD
Eyg2ODg0MjNjZTQ4OTQ5MWE3OWQxYzQwNzliYjc5MjRmMGQ0MDIyZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ3bQEcQ4gEbrWWbiaHU/XB8Cftj
64TAHXXhU4hBxUPP/+Gy27/A9nEEMsPhr3vYXm3vPgIrL+cURIOef/rfXTJtaIIp
DL2RpZd9NukRSkORXgKUEM3/kw0mgCSqswN0zBuL5sV8S6rjUA0cYksnkTg4W7Ch
jl/Zoo5KaYZk7EHlHAziTfEiHi87ykqRKj1tRscMdJ3djnyU2JYykJViiht47C7K
YI39zc3XgyjSVOqcg8nmxezkPLeorynMkEytOqF7X+EXMi1Car+qVJv8jYVZPMEb
xmibevxUIJNP5kp6F1JAqtAFmQQfkhBjYb+zxZtcCHL5tmI/WiHMiQhEEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiEI85IlJGnnRxAebt5JPDUAi9jMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm98jPEyf
uWHg686bft8U0lXArYWPlIocs7NuC9Q+1t3r9AOIGJnmY2dzr3EQrP9a0G8w3cZN
PKfD8ePaXqBFJ1N2wjstiki5DultbvzJ+6vxq1N2eDUtlnErCy+BicsbbLXbwWvg
6aWj9bsvyzaS7qQc4LybMGfd0cHlnGBW4Pi6hyB+Fq44WC6HEc1xkf8lYA6jxAnM
SlCoQYbQnP6yZRB/I5UNRVVPcFRqxpdpFNxls2DXUWgYXTMgrAZduyj41XT2wxfg
BESoZfS9rPw7x2b8ceDeMbZblaUyXE29Lano4dzGGKXZPMqZzROdzAGbFTVDWmPA
V0gdnfLbgriSGA==
-----END CERTIFICATE-----