Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
File:                     spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json)
Hash identifier:          7Z5UiBoTar79+Quz7FeOCj4Vxuais9Aj3LaUGSogiQ0=
Subject key identifier:   15:EA:EA:E8:25:FA:D5:8F:14:55:1E:B5:C7:E1:B6:9D:19:D8:7B:B5
Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD
Certificate issuer:       /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
Certificate serial:       01976F2C315876FD5B54C60F69104EFE3DA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
Manifest number:          0C28
Signing time:             Sat 14 Jun 2025 16:00:56 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:56 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:56 +0000
Files and hashes:         1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: ZGzvqL9lbZXd/cBmiZ2mjDtQbsHpb+rOIQ6LEB3wHzg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:31:58:76:fd:5b:54:c6:0f:69:10:4e:fe:3d:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
        Validity
            Not Before: Jun 14 16:00:56 2025 GMT
            Not After : Jun 15 16:00:56 2025 GMT
        Subject: CN=15eaeae825fad58f14551eb5c7e1b69d19d87bb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d3:db:91:d0:ec:2a:7b:4a:a7:e7:8e:f1:ec:
                    86:cf:9f:64:75:0b:b8:cc:95:ce:52:bf:a8:18:92:
                    68:a0:2e:24:0c:23:5c:96:4d:6f:e8:32:a3:a6:36:
                    42:8e:aa:69:6d:70:e7:c3:66:2e:78:ec:28:cc:3b:
                    a3:db:40:ee:85:3a:d4:7b:30:05:f9:06:9d:7c:ba:
                    91:84:3f:4d:12:f9:d1:36:21:4d:52:e2:df:38:d2:
                    3f:34:1d:eb:51:fe:06:d9:bb:6e:3b:3e:72:ed:08:
                    f7:2b:23:81:f0:dd:87:3f:39:11:a0:65:54:63:c0:
                    92:95:42:f5:21:16:0b:93:fa:79:45:3f:e9:2f:69:
                    a6:91:a2:c4:84:30:71:c7:cf:16:e6:7b:e2:34:9f:
                    05:41:1a:50:e9:3e:36:91:12:40:af:d4:3b:20:23:
                    20:6c:60:a0:0f:4c:df:0a:d9:35:46:e4:fb:db:ac:
                    84:e0:7c:33:73:7f:c3:1a:a0:42:fb:22:34:09:72:
                    de:41:d8:74:6c:af:39:03:34:44:8b:38:1f:4d:06:
                    6b:85:72:22:b1:77:10:97:15:01:18:3f:73:05:8a:
                    e7:ea:b3:24:9f:71:9b:e1:39:fc:a2:ac:42:bc:e6:
                    bc:8f:57:4b:12:47:ee:7c:da:8a:d0:20:71:89:d8:
                    1b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:EA:EA:E8:25:FA:D5:8F:14:55:1E:B5:C7:E1:B6:9D:19:D8:7B:B5
            X509v3 Authority Key Identifier:
                keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:fe:11:c4:f2:de:7b:9d:20:5a:a1:1c:c4:7f:03:6a:f4:56:
         f9:43:a0:0f:3d:c2:d0:b6:33:06:9b:3a:d4:a6:61:af:07:22:
         38:9b:3d:94:54:a5:91:54:0c:c8:0e:f2:27:6c:31:21:79:66:
         0a:ee:bb:b0:a5:b6:48:fc:b4:80:ac:9b:23:16:fa:bc:33:94:
         99:10:1a:66:56:03:b4:70:e4:68:6d:c9:49:93:a0:18:41:38:
         5d:7d:b9:2e:13:24:ba:6a:bf:25:95:c3:d6:06:24:75:da:da:
         0d:d3:c0:92:22:ba:5c:2b:57:7c:3f:de:3b:39:10:ec:db:49:
         59:12:3f:2a:3a:62:d0:11:89:94:cc:b1:5e:10:c9:15:bd:5b:
         46:6a:1c:fa:a8:4b:fb:ee:5d:66:84:6b:68:85:91:f7:46:36:
         0e:d3:f8:43:47:9a:6a:0a:fd:b4:54:57:69:a6:e6:c0:f9:0a:
         6e:86:3f:db:f4:26:70:48:62:a0:a9:ce:23:0f:56:73:36:83:
         3c:81:02:6d:c1:8b:74:fe:6b:9f:40:69:44:52:39:a4:86:67:
         70:0a:30:af:6e:cf:5e:b7:8f:dd:fa:e1:06:3f:ae:9b:1c:3f:
         f8:01:65:14:cd:ef:72:2c:9c:3d:3c:ad:f5:28:ed:cc:45:18:
         8e:4b:29:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLDFYdv1bVMYPaRBO/j2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm
N2RlYWQwHhcNMjUwNjE0MTYwMDU2WhcNMjUwNjE1MTYwMDU2WjAzMTEwLwYDVQQD
EygxNWVhZWFlODI1ZmFkNThmMTQ1NTFlYjVjN2UxYjY5ZDE5ZDg3YmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tPbkdDsKntKp+eO8eyGz59kdQu4
zJXOUr+oGJJooC4kDCNclk1v6DKjpjZCjqppbXDnw2YueOwozDuj20DuhTrUezAF
+QadfLqRhD9NEvnRNiFNUuLfONI/NB3rUf4G2btuOz5y7Qj3KyOB8N2HPzkRoGVU
Y8CSlUL1IRYLk/p5RT/pL2mmkaLEhDBxx88W5nviNJ8FQRpQ6T42kRJAr9Q7ICMg
bGCgD0zfCtk1RuT726yE4Hwzc3/DGqBC+yI0CXLeQdh0bK85AzREizgfTQZrhXIi
sXcQlxUBGD9zBYrn6rMkn3Gb4Tn8oqxCvOa8j1dLEkfufNqK0CBxidgbMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXq6ugl+tWPFFUetcfhtp0Z2Hu1MB8GA1UdIwQY
MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt
MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj
LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtf4RxPLe
e50gWqEcxH8DavRW+UOgDz3C0LYzBps61KZhrwciOJs9lFSlkVQMyA7yJ2wxIXlm
Cu67sKW2SPy0gKybIxb6vDOUmRAaZlYDtHDkaG3JSZOgGEE4XX25LhMkumq/JZXD
1gYkddraDdPAkiK6XCtXfD/eOzkQ7NtJWRI/Kjpi0BGJlMyxXhDJFb1bRmoc+qhL
++5dZoRraIWR90Y2DtP4Q0eaagr9tFRXaabmwPkKboY/2/QmcEhioKnOIw9WczaD
PIECbcGLdP5rn0BpRFI5pIZncAowr27PXreP3frhBj+umxw/+AFlFM3vciycPTyt
9SjtzEUYjkspHQ==
-----END CERTIFICATE-----