Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          T+tkC9haAOIwQ9FY5U4Oa+oX2RAov75BHjdNB3eZ6yY=
Subject key identifier:   BC:01:17:52:A9:65:11:A6:6D:F8:70:C0:6E:45:9C:4D:05:48:75:49
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       019771883046F73F93EEEFC53F3922F970D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0C36
Signing time:             Sun 15 Jun 2025 03:00:39 +0000
Manifest this update:     Sun 15 Jun 2025 03:00:39 +0000
Manifest next update:     Mon 16 Jun 2025 03:00:39 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: QPL48EjgjQFhJODaeSDu34eA5Rv3I1uvmxwz3b+SRa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 03:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:88:30:46:f7:3f:93:ee:ef:c5:3f:39:22:f9:70:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Jun 15 03:00:39 2025 GMT
            Not After : Jun 16 03:00:39 2025 GMT
        Subject: CN=bc011752a96511a66df870c06e459c4d05487549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:18:3c:41:7a:30:5c:5c:eb:96:e0:ee:60:0e:
                    4d:b4:1f:73:76:f5:83:89:72:fd:84:61:7c:77:81:
                    98:0a:8c:ea:ea:1e:3c:02:aa:1a:55:c5:61:ec:8e:
                    b5:b5:ff:f0:48:07:e0:9f:b7:c8:69:13:bb:1f:cc:
                    c4:78:8b:b3:50:98:7b:41:64:ec:a0:8d:e5:a4:c7:
                    86:32:bc:ab:32:ea:f0:5c:f5:04:0c:de:ff:1d:61:
                    93:33:63:22:79:2d:d9:48:6a:72:31:6b:26:ad:d9:
                    21:52:ca:fb:02:fb:8c:28:4f:63:db:4a:70:e4:19:
                    79:a6:00:bc:c8:72:67:c3:44:76:b6:31:f8:07:82:
                    71:2c:77:91:00:20:d1:6a:48:57:ab:91:6d:44:db:
                    f7:5b:d7:d4:12:55:b9:2c:4b:09:ac:2c:b4:5b:ef:
                    26:f8:15:f9:fe:25:9d:00:e6:a3:6c:51:88:02:fa:
                    3f:a1:8e:bd:d2:d8:1d:93:15:a8:3d:c1:a7:8a:f9:
                    f5:2f:f9:6a:e9:21:eb:c3:8e:10:ac:40:5e:ad:73:
                    b6:49:eb:d3:a2:50:9d:04:73:14:ad:b7:c9:c4:d4:
                    36:2a:bd:b6:29:87:af:40:95:02:af:02:af:90:0e:
                    36:27:94:c8:26:e0:f2:4b:ec:ee:af:15:f1:60:ca:
                    0e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:01:17:52:A9:65:11:A6:6D:F8:70:C0:6E:45:9C:4D:05:48:75:49
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:94:cf:71:99:4b:4a:8f:7d:ba:30:40:70:51:ed:15:c7:b3:
         7b:10:a8:f3:3c:41:5c:3e:86:7a:b5:a1:5f:0e:6e:c8:1a:fb:
         1b:83:6b:6a:8c:68:a7:49:ba:e0:5c:01:01:01:e1:35:2d:90:
         1c:8d:98:b5:d6:c6:f2:c6:5f:82:35:ca:40:11:ab:32:20:2b:
         a4:1f:bc:9c:3a:5f:50:43:f0:e7:5f:92:17:9c:a0:54:80:8d:
         f0:58:39:a8:55:87:10:4c:57:b7:d9:28:88:4e:b6:c4:dd:7d:
         2e:5e:2b:03:eb:0f:0c:dc:13:fa:7b:d3:a2:1f:17:d2:49:dc:
         08:b8:35:74:48:74:5b:ec:6b:fc:d3:a8:ae:11:a3:9b:d1:18:
         55:48:1b:66:dd:69:fa:76:f1:d3:de:a0:db:40:73:79:4b:aa:
         97:ba:55:a9:b6:29:84:83:34:68:5f:87:fa:37:da:b0:b9:57:
         68:8b:9c:46:a5:10:f3:93:5e:34:3b:e5:e8:f9:8c:a1:f5:7e:
         4d:19:79:ae:80:6a:db:9c:7d:e9:0a:91:13:a0:04:b9:e2:ea:
         57:fb:ee:b3:07:8a:c2:69:ae:aa:62:bf:3c:02:2a:dd:fb:be:
         81:da:ed:10:8d:85:fd:14:8e:c4:87:b4:89:75:e5:a3:2e:f4:
         e9:29:d8:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxiDBG9z+T7u/FPzki+XDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjUwNjE1MDMwMDM5WhcNMjUwNjE2MDMwMDM5WjAzMTEwLwYDVQQD
EyhiYzAxMTc1MmE5NjUxMWE2NmRmODcwYzA2ZTQ1OWM0ZDA1NDg3NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxg8QXowXFzrluDuYA5NtB9zdvWD
iXL9hGF8d4GYCozq6h48AqoaVcVh7I61tf/wSAfgn7fIaRO7H8zEeIuzUJh7QWTs
oI3lpMeGMryrMurwXPUEDN7/HWGTM2MieS3ZSGpyMWsmrdkhUsr7AvuMKE9j20pw
5Bl5pgC8yHJnw0R2tjH4B4JxLHeRACDRakhXq5FtRNv3W9fUElW5LEsJrCy0W+8m
+BX5/iWdAOajbFGIAvo/oY690tgdkxWoPcGnivn1L/lq6SHrw44QrEBerXO2SevT
olCdBHMUrbfJxNQ2Kr22KYevQJUCrwKvkA42J5TIJuDyS+zurxXxYMoOwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwBF1KpZRGmbfhwwG5FnE0FSHVJMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJTPcZlL
So99ujBAcFHtFcezexCo8zxBXD6GerWhXw5uyBr7G4Nraoxop0m64FwBAQHhNS2Q
HI2YtdbG8sZfgjXKQBGrMiArpB+8nDpfUEPw51+SF5ygVICN8Fg5qFWHEExXt9ko
iE62xN19Ll4rA+sPDNwT+nvToh8X0kncCLg1dEh0W+xr/NOorhGjm9EYVUgbZt1p
+nbx096g20BzeUuql7pVqbYphIM0aF+H+jfasLlXaIucRqUQ85NeNDvl6PmMofV+
TRl5roBq25x96QqRE6AEueLqV/vusweKwmmuqmK/PAIq3fu+gdrtEI2F/RSOxIe0
iXXloy706SnYPA==
-----END CERTIFICATE-----