Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          i42TSY9ATN50p+ZB14zvjQnud8iEfpCBJNKTOJfEi7g=
Subject key identifier:   6C:24:68:FF:96:7A:E6:09:34:72:70:68:5C:E5:0E:E6:42:D5:29:DD
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       01976C98946E1B3F81ABDA19273AE6F83F03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          121F
Signing time:             Sat 14 Jun 2025 04:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:28 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: gIMVQYLbpPJLJyjctigwMflJUpCGR7gqpJp4IhR5bWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:94:6e:1b:3f:81:ab:da:19:27:3a:e6:f8:3f:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Jun 14 04:00:28 2025 GMT
            Not After : Jun 15 04:00:28 2025 GMT
        Subject: CN=6c2468ff967ae609347270685ce50ee642d529dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5f:51:9e:df:9a:93:51:5f:de:08:fe:f6:a8:
                    6f:6b:29:3d:33:c4:b5:97:a7:6f:40:18:8a:b8:cb:
                    4e:d4:ad:dd:b1:05:f4:2e:35:e2:1d:13:88:99:68:
                    cd:20:b6:c8:40:96:4b:50:92:7c:fa:54:83:7b:af:
                    04:e4:51:53:36:66:77:25:fb:d8:37:1e:88:2b:dd:
                    80:21:ca:72:6e:64:42:ae:6c:c6:3b:94:4e:ac:40:
                    b0:80:71:d8:a2:b6:15:52:bc:8b:33:38:54:2b:9b:
                    c6:4e:fd:b0:9c:1a:17:c7:ca:22:e3:b9:aa:d7:7e:
                    43:10:a4:e5:9d:91:36:8b:54:3c:c9:94:53:38:df:
                    2e:dd:08:23:d2:ae:c4:b7:60:fd:d5:bd:a8:14:0b:
                    36:0f:81:68:96:38:5d:fd:8d:ee:1e:55:73:94:93:
                    e9:5f:f8:c1:c8:0d:3a:c9:ee:9c:f0:47:87:cd:b9:
                    42:4c:79:20:a6:d0:b2:2c:09:d3:25:6e:53:9a:6d:
                    a8:33:ad:e5:b4:66:ca:9f:ae:71:f4:8c:16:ac:13:
                    6a:45:ab:12:9c:02:9e:56:95:ba:2e:b0:39:f3:fc:
                    8d:36:00:bc:44:ae:4d:e4:f7:42:c3:f0:33:7c:95:
                    d8:be:b8:a3:84:a7:e5:d7:fc:2f:8e:b7:6a:41:6e:
                    1e:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:24:68:FF:96:7A:E6:09:34:72:70:68:5C:E5:0E:E6:42:D5:29:DD
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:d6:64:38:f5:72:cd:50:f2:4d:bd:cd:69:33:f3:9f:1d:70:
         04:50:df:5d:ca:c4:17:1c:8e:fb:01:7f:76:ee:49:69:94:35:
         6c:c8:0f:a2:79:c0:d2:29:1a:12:8f:8c:fa:f2:e9:7d:89:7d:
         e2:7e:4f:db:da:81:e6:75:2b:0d:c6:94:7d:f3:e7:39:54:42:
         1f:bb:72:ee:e8:a0:72:d9:3b:53:4b:64:9c:87:47:09:54:c7:
         00:f9:48:d4:b0:9a:f8:ea:93:fd:5f:ea:3b:ce:db:ef:22:73:
         c6:4c:f6:35:bc:02:03:19:c7:e1:52:f8:73:2d:17:fd:f9:31:
         a2:bb:66:8b:e2:a6:de:1f:4c:56:7f:21:85:26:5c:37:ce:c3:
         18:d1:5e:eb:e7:46:59:2d:d2:c1:bb:59:9f:14:8b:f1:30:4c:
         80:95:82:74:92:eb:de:0c:fe:31:22:ad:d4:04:bc:ba:a2:23:
         6a:46:23:f5:cd:72:cc:72:39:fc:2b:40:a3:85:68:0e:01:7c:
         ed:c7:10:f1:a6:d1:8e:1f:4a:44:6e:73:84:d5:a7:e9:51:be:
         1b:83:4d:59:5b:fb:ba:f8:08:15:8a:18:02:d0:2f:ce:f1:fd:
         22:21:92:6b:e4:3e:bc:4f:eb:f7:5b:1a:e7:17:28:04:98:12:
         8d:20:81:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmJRuGz+Bq9oZJzrm+D8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjUwNjE0MDQwMDI4WhcNMjUwNjE1MDQwMDI4WjAzMTEwLwYDVQQD
Eyg2YzI0NjhmZjk2N2FlNjA5MzQ3MjcwNjg1Y2U1MGVlNjQyZDUyOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV9Rnt+ak1Ff3gj+9qhvayk9M8S1
l6dvQBiKuMtO1K3dsQX0LjXiHROImWjNILbIQJZLUJJ8+lSDe68E5FFTNmZ3JfvY
Nx6IK92AIcpybmRCrmzGO5ROrECwgHHYorYVUryLMzhUK5vGTv2wnBoXx8oi47mq
135DEKTlnZE2i1Q8yZRTON8u3Qgj0q7Et2D91b2oFAs2D4Foljhd/Y3uHlVzlJPp
X/jByA06ye6c8EeHzblCTHkgptCyLAnTJW5Tmm2oM63ltGbKn65x9IwWrBNqRasS
nAKeVpW6LrA58/yNNgC8RK5N5PdCw/AzfJXYvrijhKfl1/wvjrdqQW4e2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGwkaP+WeuYJNHJwaFzlDuZC1SndMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoNZkOPVy
zVDyTb3NaTPznx1wBFDfXcrEFxyO+wF/du5JaZQ1bMgPonnA0ikaEo+M+vLpfYl9
4n5P29qB5nUrDcaUffPnOVRCH7ty7uigctk7U0tknIdHCVTHAPlI1LCa+OqT/V/q
O87b7yJzxkz2NbwCAxnH4VL4cy0X/fkxortmi+Km3h9MVn8hhSZcN87DGNFe6+dG
WS3SwbtZnxSL8TBMgJWCdJLr3gz+MSKt1AS8uqIjakYj9c1yzHI5/CtAo4VoDgF8
7ccQ8abRjh9KRG5zhNWn6VG+G4NNWVv7uvgIFYoYAtAvzvH9IiGSa+Q+vE/r91sa
5xcoBJgSjSCBqg==
-----END CERTIFICATE-----