Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          pG5SrBN1lZToNcRtSOPuNMjwKgQu7z4N6+rSvJV+rhA=
Subject key identifier:   E5:57:E9:11:B4:64:4B:D0:32:02:F7:B7:4F:05:21:B6:AE:14:01:83
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       01977007928BD6DFE97CEED4EB8D3DDD6C64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          02A8
Signing time:             Sat 14 Jun 2025 20:00:33 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:33 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:33 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: 1PXX2z/w/dRu1dB+fj6mWHj37HUCvOZOO7Iz8j//gDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:92:8b:d6:df:e9:7c:ee:d4:eb:8d:3d:dd:6c:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Jun 14 20:00:33 2025 GMT
            Not After : Jun 15 20:00:33 2025 GMT
        Subject: CN=e557e911b4644bd03202f7b74f0521b6ae140183
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:fc:45:ae:7d:ce:c8:1b:e7:e8:ab:ba:e7:99:
                    28:b6:98:ed:73:8b:3e:9a:74:1c:b6:24:b6:e6:7f:
                    87:de:bd:0f:76:04:da:37:4e:f0:24:6c:2c:4a:62:
                    1a:c2:03:10:56:cc:f8:bd:35:c1:ad:31:99:8d:ed:
                    45:91:56:c6:0f:71:14:43:c8:b9:2f:a6:13:35:f3:
                    d4:3f:88:4d:49:b2:09:be:46:3a:43:cf:a0:00:7d:
                    f3:70:75:45:4f:4e:16:e3:91:1f:80:b5:65:43:53:
                    ed:5c:5a:4a:38:b8:19:7d:e4:ee:9b:43:f9:15:ea:
                    db:de:95:d2:06:92:b5:cb:29:c5:7c:db:e4:a3:52:
                    97:2d:61:45:14:1e:51:40:e4:c4:de:d2:45:b3:6c:
                    84:96:02:64:35:27:4f:8f:2c:b9:9a:20:13:ae:fd:
                    2b:11:6f:2c:2b:bd:a2:c8:ae:6a:58:d0:0a:f5:93:
                    84:e1:6c:b0:a6:49:40:d2:49:37:81:35:56:55:6e:
                    22:49:16:ef:50:86:8c:db:3d:83:a5:84:3e:8a:ba:
                    3e:5d:0a:3c:ca:41:7e:31:b3:27:ef:3b:a9:0a:18:
                    95:88:53:d2:7a:12:89:0d:ec:ed:e8:fe:3e:6e:1a:
                    26:ff:a3:d3:70:30:b6:51:20:0d:13:e0:43:97:d2:
                    6d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:57:E9:11:B4:64:4B:D0:32:02:F7:B7:4F:05:21:B6:AE:14:01:83
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:f2:ae:0f:ca:3a:d2:d9:ad:6c:ef:ac:45:08:ea:4d:40:ec:
         3e:79:ff:bc:8d:c4:95:7e:88:4b:c2:f9:dd:00:2b:15:4f:8b:
         03:e2:46:df:b8:3e:35:55:be:9e:f2:d5:2a:fe:0a:a8:3e:95:
         2d:72:fc:17:3a:eb:0c:77:87:47:fe:27:41:3a:ac:ab:37:e3:
         97:86:ac:eb:cd:d8:37:11:3b:b4:b3:68:a2:ef:86:d6:bc:9c:
         c1:bc:3f:f9:f3:50:55:00:e3:be:84:6a:ec:1e:eb:08:0a:35:
         34:48:de:0b:0e:16:d4:6c:bd:7b:82:7c:5b:f5:29:02:e0:d9:
         9c:2d:63:a0:42:8d:c0:05:bf:09:01:4d:f0:1d:42:38:76:9d:
         b6:da:c6:10:66:90:1e:d2:ac:40:38:e4:ce:bb:6d:e1:22:a4:
         91:b8:a5:2b:c6:4b:81:92:a7:bd:8f:23:c4:6b:e1:19:b6:ef:
         f1:03:ba:74:46:05:1e:a0:f4:50:85:65:3a:33:9a:6f:d3:e9:
         28:5a:2e:38:f5:d3:5e:ba:11:4b:2d:5f:af:6e:0b:d1:2b:e2:
         46:2e:14:0b:12:88:85:38:3e:54:f3:a2:3b:eb:b7:47:9d:b6:
         bd:39:e2:88:92:23:9e:44:1a:76:c0:8e:87:bd:15:a5:a7:86:
         5c:5b:ca:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB5KL1t/pfO7U64093WxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwNjE0MjAwMDMzWhcNMjUwNjE1MjAwMDMzWjAzMTEwLwYDVQQD
EyhlNTU3ZTkxMWI0NjQ0YmQwMzIwMmY3Yjc0ZjA1MjFiNmFlMTQwMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9vxFrn3OyBvn6Ku655kotpjtc4s+
mnQctiS25n+H3r0PdgTaN07wJGwsSmIawgMQVsz4vTXBrTGZje1FkVbGD3EUQ8i5
L6YTNfPUP4hNSbIJvkY6Q8+gAH3zcHVFT04W45EfgLVlQ1PtXFpKOLgZfeTum0P5
Ferb3pXSBpK1yynFfNvko1KXLWFFFB5RQOTE3tJFs2yElgJkNSdPjyy5miATrv0r
EW8sK72iyK5qWNAK9ZOE4WywpklA0kk3gTVWVW4iSRbvUIaM2z2DpYQ+iro+XQo8
ykF+MbMn7zupChiViFPSehKJDezt6P4+bhom/6PTcDC2USANE+BDl9JthQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVX6RG0ZEvQMgL3t08FIbauFAGDMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPKuD8o6
0tmtbO+sRQjqTUDsPnn/vI3ElX6IS8L53QArFU+LA+JG37g+NVW+nvLVKv4KqD6V
LXL8FzrrDHeHR/4nQTqsqzfjl4as683YNxE7tLNoou+G1rycwbw/+fNQVQDjvoRq
7B7rCAo1NEjeCw4W1Gy9e4J8W/UpAuDZnC1joEKNwAW/CQFN8B1COHadttrGEGaQ
HtKsQDjkzrtt4SKkkbilK8ZLgZKnvY8jxGvhGbbv8QO6dEYFHqD0UIVlOjOab9Pp
KFouOPXTXroRSy1fr24L0SviRi4UCxKIhTg+VPOiO+u3R522vTniiJIjnkQadsCO
h70VpaeGXFvKUg==
-----END CERTIFICATE-----