Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          lJMmv9QfPKJU4QgO6MS9Ho/716Qlj4tppsbdgVKrE4Q=
Subject key identifier:   99:1B:F6:4B:0B:C4:42:69:59:B1:89:87:B6:54:8F:37:8E:AA:1E:C0
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       01976F6322A54DA14E61BFF5771A5AF87308
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0E10
Signing time:             Sat 14 Jun 2025 17:00:57 +0000
Manifest this update:     Sat 14 Jun 2025 17:00:57 +0000
Manifest next update:     Sun 15 Jun 2025 17:00:57 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: 4ZCxfL8fg+dT6LnCdMmKtbUsZpFiFHRXj7agepc4PHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 17:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:63:22:a5:4d:a1:4e:61:bf:f5:77:1a:5a:f8:73:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Jun 14 17:00:57 2025 GMT
            Not After : Jun 15 17:00:57 2025 GMT
        Subject: CN=991bf64b0bc4426959b18987b6548f378eaa1ec0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f4:14:f9:76:66:d2:cd:85:e5:c2:ab:e1:64:
                    95:f1:d7:e8:d7:fa:72:1e:45:fd:d8:65:4a:7f:f4:
                    b5:1f:49:65:b7:07:54:9f:7a:af:34:4b:8e:89:d0:
                    82:15:21:04:4d:1e:a1:44:33:d7:05:83:71:68:c5:
                    d6:87:9e:48:f3:e5:6d:b0:4a:80:c7:91:2f:b0:c7:
                    7f:83:d4:5f:bb:ad:59:af:93:fa:99:3a:d2:1f:7b:
                    d7:47:9f:82:ea:f0:b9:d3:58:67:0f:7c:2f:e5:8e:
                    8f:12:3f:6f:ad:29:9c:64:77:96:29:3a:94:5c:bb:
                    04:9a:6b:6e:bf:66:a7:97:db:8e:07:d5:69:4d:d4:
                    b1:fb:d3:48:33:0b:19:ef:24:8f:c4:3e:ba:58:0d:
                    87:8b:b0:56:1f:c2:9d:01:df:ae:4b:41:c5:46:23:
                    24:e0:6a:c0:ad:da:1f:55:33:30:c1:94:08:e6:4b:
                    37:05:32:7e:79:c4:b0:d5:0a:70:7a:89:a3:7c:a5:
                    2c:ef:c3:58:b9:e7:92:d8:0e:8f:ed:37:90:aa:be:
                    1f:74:2d:89:e8:80:6d:b0:c1:bd:d0:15:01:55:b6:
                    0e:01:5f:22:d3:29:d5:97:0d:80:1f:91:15:0b:27:
                    15:35:44:87:58:68:23:09:16:21:e5:28:0c:50:f4:
                    05:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:1B:F6:4B:0B:C4:42:69:59:B1:89:87:B6:54:8F:37:8E:AA:1E:C0
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:aa:b1:76:0f:17:9c:81:84:67:7a:32:ba:dd:b3:aa:44:99:
         a6:14:2f:27:bd:cf:a8:8c:1c:3e:20:89:d5:06:08:33:2d:df:
         54:b8:b9:05:9c:95:e9:3a:3d:50:0e:97:a5:46:0e:86:1b:12:
         f6:64:ae:72:71:88:f8:e6:ad:19:5f:4b:a3:f7:bc:98:db:41:
         25:93:4c:38:8c:1b:65:26:6c:71:2c:ef:2c:8f:76:68:f0:cb:
         6a:9e:fb:dd:8d:89:b7:98:43:4f:ca:c2:fe:4b:1e:65:82:f8:
         d0:3b:9e:1e:e9:ac:69:82:21:0b:5b:7d:f6:4c:06:5e:3f:91:
         c7:7a:a5:00:b4:c8:37:66:79:13:a2:a6:37:cb:07:0e:03:64:
         97:10:05:e2:15:95:36:99:a7:38:bf:8d:58:31:56:80:66:e6:
         86:a7:ef:a7:d4:99:fd:77:41:67:93:cc:60:96:42:7b:31:8f:
         3f:08:d5:35:4e:66:e3:35:29:14:f8:e5:11:fb:95:99:8f:0a:
         b6:87:78:06:e6:d1:c8:cf:5f:a1:13:d3:eb:4f:89:23:ef:4a:
         07:42:16:17:42:6f:c0:46:f4:6c:89:60:37:20:14:df:ce:8f:
         bf:0f:d5:bf:b9:96:6b:a1:2d:b0:d5:df:a1:5b:f8:b7:df:81:
         63:75:72:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvYyKlTaFOYb/1dxpa+HMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUwNjE0MTcwMDU3WhcNMjUwNjE1MTcwMDU3WjAzMTEwLwYDVQQD
Eyg5OTFiZjY0YjBiYzQ0MjY5NTliMTg5ODdiNjU0OGYzNzhlYWExZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvQU+XZm0s2F5cKr4WSV8dfo1/py
HkX92GVKf/S1H0lltwdUn3qvNEuOidCCFSEETR6hRDPXBYNxaMXWh55I8+VtsEqA
x5EvsMd/g9Rfu61Zr5P6mTrSH3vXR5+C6vC501hnD3wv5Y6PEj9vrSmcZHeWKTqU
XLsEmmtuv2anl9uOB9VpTdSx+9NIMwsZ7ySPxD66WA2Hi7BWH8KdAd+uS0HFRiMk
4GrArdofVTMwwZQI5ks3BTJ+ecSw1QpweomjfKUs78NYueeS2A6P7TeQqr4fdC2J
6IBtsMG90BUBVbYOAV8i0ynVlw2AH5EVCycVNUSHWGgjCRYh5SgMUPQFOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkb9ksLxEJpWbGJh7ZUjzeOqh7AMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWaqxdg8X
nIGEZ3oyut2zqkSZphQvJ73PqIwcPiCJ1QYIMy3fVLi5BZyV6To9UA6XpUYOhhsS
9mSucnGI+OatGV9Lo/e8mNtBJZNMOIwbZSZscSzvLI92aPDLap773Y2Jt5hDT8rC
/kseZYL40DueHumsaYIhC1t99kwGXj+Rx3qlALTIN2Z5E6KmN8sHDgNklxAF4hWV
NpmnOL+NWDFWgGbmhqfvp9SZ/XdBZ5PMYJZCezGPPwjVNU5m4zUpFPjlEfuVmY8K
tod4BubRyM9foRPT60+JI+9KB0IWF0JvwEb0bIlgNyAU386Pvw/Vv7mWa6EtsNXf
oVv4t9+BY3VyCQ==
-----END CERTIFICATE-----