Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          DvLdRzTCMtYLQvx0cymXefBhVNMqavRRe2Q4V3x1EFI=
Subject key identifier:   BC:1A:61:5D:FB:CD:D1:5B:29:C5:01:B7:E2:02:0E:33:0E:1A:0B:99
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       0197684DDC05E1656EBE5FBC2F9C7F7AB5CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          02C9
Signing time:             Fri 13 Jun 2025 08:00:22 +0000
Manifest this update:     Fri 13 Jun 2025 08:00:22 +0000
Manifest next update:     Sat 14 Jun 2025 08:00:22 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: V8+HnPUOIWJEYna9PBvWnD2ZvzSI4TrXwBQlxFlbAXY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 08:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4d:dc:05:e1:65:6e:be:5f:bc:2f:9c:7f:7a:b5:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Jun 13 08:00:22 2025 GMT
            Not After : Jun 14 08:00:22 2025 GMT
        Subject: CN=bc1a615dfbcdd15b29c501b7e2020e330e1a0b99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d5:24:69:9d:a2:69:3f:1e:dc:a3:8d:98:c0:
                    4a:a5:91:f1:be:4a:af:e1:31:1a:f4:17:f3:7d:98:
                    d1:fa:b6:22:1a:57:52:93:4e:5e:27:6a:e0:18:c8:
                    45:81:28:ea:b7:32:2d:4f:75:85:e3:77:ab:79:ba:
                    9a:63:17:b1:11:1c:be:1f:dc:84:4a:d5:ca:16:0d:
                    4b:06:c4:2c:97:95:b5:51:e4:d9:22:20:85:0b:f6:
                    58:43:fe:61:74:98:63:06:0c:09:d4:a2:a0:a2:83:
                    66:d2:5c:fb:ee:3c:bc:23:bb:06:ce:df:84:1f:e4:
                    85:75:f3:96:d4:45:1c:ee:57:39:bb:c9:e0:75:d7:
                    d8:54:61:66:7c:cc:b8:b3:5d:a0:8d:e3:46:e4:04:
                    ee:84:51:e4:07:23:66:0c:29:49:21:34:b3:60:16:
                    33:c9:6d:a7:2d:b0:5c:76:8d:8c:8c:4f:e2:24:43:
                    2f:40:2e:c9:1e:10:a0:51:ea:84:6d:3d:47:33:f0:
                    e6:ff:38:3d:09:a5:fb:f0:04:e7:86:94:27:6a:73:
                    3a:83:cc:61:fd:c2:bd:f4:f1:e1:00:98:a3:5e:f3:
                    ac:38:a5:cd:b1:1b:c3:04:dc:b9:cb:de:b2:ab:da:
                    28:08:18:e9:3e:a9:b9:79:41:a1:de:ff:8f:58:37:
                    f4:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:1A:61:5D:FB:CD:D1:5B:29:C5:01:B7:E2:02:0E:33:0E:1A:0B:99
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:56:b7:1b:7f:3c:32:98:ff:d9:8f:00:20:ba:57:50:b0:ab:
         3e:b8:dc:2e:9a:77:59:a2:55:42:be:36:b1:27:30:61:da:4d:
         4c:d1:bc:82:4d:69:e5:85:0f:17:cc:02:72:df:5e:80:63:10:
         09:99:c0:1b:15:7a:96:f7:db:28:9e:ba:97:6a:01:79:81:73:
         b8:89:5f:53:f1:72:bc:b8:9f:cc:84:9c:ff:b1:5d:7b:65:40:
         a5:f5:99:ab:cc:88:42:46:54:fe:d5:a3:49:7e:a1:75:93:e1:
         d9:a7:7c:89:83:44:51:aa:9e:9f:07:bc:58:02:c2:95:14:6a:
         38:83:84:58:0a:0c:b4:63:ce:64:a0:5e:b2:b3:27:7c:ea:d9:
         7a:b2:26:c2:2a:28:2f:00:89:45:88:ae:24:9c:34:69:29:df:
         c9:bd:de:49:1a:47:a0:25:dc:94:30:23:5f:69:ae:22:8d:17:
         8e:0f:25:1c:58:18:7e:68:ec:95:bb:2e:9d:60:43:2a:f8:50:
         03:8b:19:53:6a:13:01:8f:61:fd:61:28:ba:15:54:ba:83:c5:
         bc:09:11:31:39:15:49:14:1e:74:02:a8:aa:5f:a3:fb:5d:21:
         a0:97:c6:8d:fc:bb:22:9c:70:cd:1e:94:ec:5b:20:27:85:34:
         0f:a9:3c:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoTdwF4WVuvl+8L5x/erXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUwNjEzMDgwMDIyWhcNMjUwNjE0MDgwMDIyWjAzMTEwLwYDVQQD
EyhiYzFhNjE1ZGZiY2RkMTViMjljNTAxYjdlMjAyMGUzMzBlMWEwYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytUkaZ2iaT8e3KONmMBKpZHxvkqv
4TEa9BfzfZjR+rYiGldSk05eJ2rgGMhFgSjqtzItT3WF43erebqaYxexERy+H9yE
StXKFg1LBsQsl5W1UeTZIiCFC/ZYQ/5hdJhjBgwJ1KKgooNm0lz77jy8I7sGzt+E
H+SFdfOW1EUc7lc5u8ngddfYVGFmfMy4s12gjeNG5ATuhFHkByNmDClJITSzYBYz
yW2nLbBcdo2MjE/iJEMvQC7JHhCgUeqEbT1HM/Dm/zg9CaX78ATnhpQnanM6g8xh
/cK99PHhAJijXvOsOKXNsRvDBNy5y96yq9ooCBjpPqm5eUGh3v+PWDf0EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwaYV37zdFbKcUBt+ICDjMOGguZMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfla3G388
Mpj/2Y8AILpXULCrPrjcLpp3WaJVQr42sScwYdpNTNG8gk1p5YUPF8wCct9egGMQ
CZnAGxV6lvfbKJ66l2oBeYFzuIlfU/FyvLifzISc/7Fde2VApfWZq8yIQkZU/tWj
SX6hdZPh2ad8iYNEUaqenwe8WALClRRqOIOEWAoMtGPOZKBesrMnfOrZerImwioo
LwCJRYiuJJw0aSnfyb3eSRpHoCXclDAjX2muIo0Xjg8lHFgYfmjslbsunWBDKvhQ
A4sZU2oTAY9h/WEouhVUuoPFvAkRMTkVSRQedAKoql+j+10hoJfGjfy7IpxwzR6U
7FsgJ4U0D6k8tw==
-----END CERTIFICATE-----