Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
File:                     u0OX5un46iWRVggDysuzI5Ytn64.mft (raw, json)
Hash identifier:          +RNLmLv49VeipFaWTZovSbTQ8eNorBjAw1b08VJsVCE=
Subject key identifier:   9D:C9:4C:B3:29:69:60:37:60:6E:BE:81:1B:69:5E:F8:CB:CE:B9:AF
Authority key identifier: BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE
Certificate issuer:       /CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
Certificate serial:       01976D3E36BCFC2B360949D45E23948EACAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
Manifest number:          0FCF
Signing time:             Sat 14 Jun 2025 07:01:23 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:23 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:23 +0000
Files and hashes:         1: u0OX5un46iWRVggDysuzI5Ytn64.crl (hash: 8lrv0yChhMhbR3CagJ8lEJ3whGAgmRQTWyTaQOAE45o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:36:bc:fc:2b:36:09:49:d4:5e:23:94:8e:ac:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
        Validity
            Not Before: Jun 14 07:01:23 2025 GMT
            Not After : Jun 15 07:01:23 2025 GMT
        Subject: CN=9dc94cb329696037606ebe811b695ef8cbceb9af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4c:f5:76:42:c3:c1:63:b1:5b:9f:81:fc:39:
                    ce:b7:a9:ad:77:a1:50:51:80:4b:29:66:c5:a4:77:
                    a7:9c:a9:e0:b2:2b:1f:26:3e:66:4d:3c:27:d5:9c:
                    31:f3:1e:14:31:6d:d5:1c:29:51:c7:18:1c:0f:41:
                    b3:e0:e4:5f:3f:ca:c5:ff:5e:49:ae:dd:ef:21:a0:
                    60:c2:b7:2b:0a:c3:e7:ab:3f:08:f8:42:0b:e6:f5:
                    83:fa:67:62:d5:1b:d5:62:cf:fc:03:17:9f:d1:0e:
                    0a:82:3a:e7:bd:d5:dc:42:c0:6a:3e:18:0f:b8:30:
                    d7:4d:9b:3a:15:26:97:f1:64:25:8c:85:c3:8a:91:
                    32:2f:0c:b8:df:41:b1:1c:d3:46:53:7b:84:bb:d7:
                    4a:c0:19:83:1d:01:5e:93:3c:aa:31:55:cb:f3:58:
                    76:ed:f1:87:64:69:57:03:2e:db:93:e5:bd:a9:16:
                    89:d2:32:9b:52:ae:27:b3:8c:1a:da:e8:2c:9b:73:
                    98:00:9e:1a:94:35:03:5f:81:df:55:99:0e:a5:76:
                    3f:d4:3b:67:d5:66:cf:9c:d0:e5:73:4d:e2:90:a2:
                    e6:d5:32:4a:76:66:bc:5d:10:f3:92:ec:e2:60:73:
                    b3:4a:ea:7f:d4:be:3a:4a:3e:e4:a9:75:9e:27:4d:
                    0e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:C9:4C:B3:29:69:60:37:60:6E:BE:81:1B:69:5E:F8:CB:CE:B9:AF
            X509v3 Authority Key Identifier:
                keyid:BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:3b:26:04:16:09:e8:76:6b:ba:fe:8e:e3:aa:6e:a4:cc:e3:
         85:49:79:f2:fa:95:0c:27:0f:ec:16:28:82:41:e9:c9:74:5a:
         9b:75:27:a6:e6:cf:c8:0f:2c:4e:ac:6f:bc:76:b8:f4:c0:be:
         38:3a:b6:10:94:73:6a:8e:28:13:36:49:f6:1f:83:5e:d8:ed:
         c2:7d:e3:e0:37:22:cd:99:1f:1d:55:4f:a6:08:6f:ba:5d:a5:
         7a:f2:e8:c6:db:e4:22:21:09:f7:69:3b:48:8b:77:5c:e0:7c:
         e7:32:75:41:a1:3b:b3:1c:b2:95:28:56:fc:02:03:3e:b4:12:
         f3:78:86:32:e1:04:56:33:de:1e:76:0a:55:05:8a:95:9a:55:
         cf:f5:2c:bd:fd:47:f0:0b:86:79:16:fa:fc:d0:72:fd:d5:5e:
         9a:38:f2:ee:82:37:18:13:8f:a0:09:7b:0b:51:d4:f6:82:94:
         b5:fe:0b:ee:9b:12:92:e0:22:ce:82:01:89:ad:ee:50:e8:d4:
         d0:ed:b8:0d:60:12:68:72:d2:01:59:71:d9:a3:1e:6d:57:fc:
         25:e0:d0:ef:2e:fd:e2:25:40:62:37:2e:26:4d:36:e8:97:9e:
         14:48:09:81:51:8d:8f:eb:99:ef:bf:89:9d:80:4c:83:b1:5f:
         90:db:1f:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPja8/Cs2CUnUXiOUjqyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDM5N2U2ZTlmOGVhMjU5MTU2MDgwM2NhY2JiMzIzOTYy
ZDlmYWUwHhcNMjUwNjE0MDcwMTIzWhcNMjUwNjE1MDcwMTIzWjAzMTEwLwYDVQQD
Eyg5ZGM5NGNiMzI5Njk2MDM3NjA2ZWJlODExYjY5NWVmOGNiY2ViOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokz1dkLDwWOxW5+B/DnOt6mtd6FQ
UYBLKWbFpHennKngsisfJj5mTTwn1Zwx8x4UMW3VHClRxxgcD0Gz4ORfP8rF/15J
rt3vIaBgwrcrCsPnqz8I+EIL5vWD+mdi1RvVYs/8Axef0Q4KgjrnvdXcQsBqPhgP
uDDXTZs6FSaX8WQljIXDipEyLwy430GxHNNGU3uEu9dKwBmDHQFekzyqMVXL81h2
7fGHZGlXAy7bk+W9qRaJ0jKbUq4ns4wa2ugsm3OYAJ4alDUDX4HfVZkOpXY/1Dtn
1WbPnNDlc03ikKLm1TJKdma8XRDzkuziYHOzSup/1L46Sj7kqXWeJ00OgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3JTLMpaWA3YG6+gRtpXvjLzrmvMB8GA1UdIwQY
MBaAFLtDl+bp+OolkVYIA8rLsyOWLZ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDct
NmZiMTBlZWFmNjI3LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDctNmZiMTBlZWFmNjI3
LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTsmBBYJ
6HZruv6O46pupMzjhUl58vqVDCcP7BYogkHpyXRam3UnpubPyA8sTqxvvHa49MC+
ODq2EJRzao4oEzZJ9h+DXtjtwn3j4DcizZkfHVVPpghvul2levLoxtvkIiEJ92k7
SIt3XOB85zJ1QaE7sxyylShW/AIDPrQS83iGMuEEVjPeHnYKVQWKlZpVz/Usvf1H
8AuGeRb6/NBy/dVemjjy7oI3GBOPoAl7C1HU9oKUtf4L7psSkuAizoIBia3uUOjU
0O24DWASaHLSAVlx2aMebVf8JeDQ7y794iVAYjcuJk026JeeFEgJgVGNj+uZ77+J
nYBMg7FfkNsfDQ==
-----END CERTIFICATE-----