Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          wV3zNZ0JjNXPoYkLfRhBJlezE0kK2VZARnXgJ1MpZoA=
Subject key identifier:   04:41:1F:F8:96:35:D5:0B:67:2F:2C:30:4D:BB:03:34:C3:9C:E7:75
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       01977B305883CC1E9471F88BC226B8A42E78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          0140
Signing time:             Tue 17 Jun 2025 00:00:55 +0000
Manifest this update:     Tue 17 Jun 2025 00:00:55 +0000
Manifest next update:     Wed 18 Jun 2025 00:00:55 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: vPbRaDZCqKd89I4ob93D9DoMAbjofQ63TiI+g8rsvMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 21:51:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7b:30:58:83:cc:1e:94:71:f8:8b:c2:26:b8:a4:2e:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: Jun 17 00:00:55 2025 GMT
            Not After : Jun 18 00:00:55 2025 GMT
        Subject: CN=04411ff89635d50b672f2c304dbb0334c39ce775
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:88:25:ab:8b:e4:ea:95:90:49:7a:09:90:93:
                    5f:14:a4:8e:4b:27:54:d4:7c:7f:19:c1:d6:e1:ce:
                    ca:fd:6a:49:cb:b3:9b:72:23:9c:85:55:a5:37:52:
                    65:24:22:38:18:3d:d9:c4:be:81:cf:df:d3:f4:6b:
                    7d:ae:14:21:e7:66:ad:45:9f:0a:8f:1f:7d:71:fb:
                    70:21:6b:47:7d:ed:43:f4:c1:4e:32:f8:15:6a:a5:
                    4d:3a:1c:d0:92:29:ef:8e:d4:10:04:13:67:db:89:
                    d9:de:d7:8b:78:30:0f:00:06:1f:56:39:24:71:97:
                    54:fa:b0:08:ab:91:1e:8b:98:82:95:89:68:1b:7d:
                    08:18:b2:89:0e:11:17:c2:a3:ca:2d:48:8d:84:ff:
                    2d:77:71:ea:7a:85:8a:69:25:63:8b:4f:95:fd:fc:
                    7a:96:6d:61:d2:9b:04:90:67:2c:4a:10:63:af:78:
                    42:ae:97:bc:4e:f6:a6:04:4f:65:2c:ab:3f:03:d9:
                    c4:02:7b:a2:d6:f4:8c:17:b5:40:01:18:6a:92:6f:
                    7f:2e:24:62:71:f6:af:b1:e4:e7:ea:8d:13:39:1d:
                    c5:99:e0:5b:33:f6:f3:6c:22:c0:4a:60:91:2f:8d:
                    27:ff:18:a3:b0:b0:89:cf:85:16:02:71:14:db:44:
                    fe:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:41:1F:F8:96:35:D5:0B:67:2F:2C:30:4D:BB:03:34:C3:9C:E7:75
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:29:5a:1d:88:98:fc:e2:f1:f3:4a:6e:26:8a:f5:03:32:6e:
         6a:cd:d4:4f:70:a7:18:26:d4:ba:e2:7f:c9:94:5f:3d:7f:e2:
         a5:d3:95:6a:a4:62:a1:21:0c:ae:ea:49:0d:fa:6f:a1:4d:38:
         37:e5:40:85:50:29:ce:c2:ee:2b:64:7a:27:ff:06:a2:0f:1a:
         91:2b:07:88:20:eb:de:ab:a8:0d:f2:bb:12:ed:91:b5:07:ea:
         2f:ac:56:41:fc:c2:a3:89:f8:c4:59:b0:c0:f8:5f:a2:db:c8:
         13:e1:e3:4b:00:f2:dc:65:36:25:13:69:a7:ff:59:dc:af:29:
         8f:ae:37:6d:70:64:f9:69:fe:65:38:90:df:f2:34:bd:f2:ff:
         69:91:ac:f1:64:fb:6c:26:35:e4:1b:3a:fe:73:8e:60:59:75:
         33:a4:e9:13:91:79:bf:b9:bc:6b:54:94:47:0d:e5:30:63:73:
         af:30:bb:ba:df:80:34:4e:7a:16:6e:7a:5c:0a:4e:28:d9:82:
         96:f3:a3:83:64:f0:90:3e:d3:bb:29:64:62:88:3c:e7:36:93:
         e1:be:fd:d8:bb:12:26:8c:61:c9:4b:17:22:4e:32:cc:48:63:
         2c:0f:fe:f4:19:85:32:87:50:1e:56:ad:77:57:ce:cf:94:5f:
         05:9b:fb:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd7MFiDzB6UcfiLwia4pC54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUwNjE3MDAwMDU1WhcNMjUwNjE4MDAwMDU1WjAzMTEwLwYDVQQD
EygwNDQxMWZmODk2MzVkNTBiNjcyZjJjMzA0ZGJiMDMzNGMzOWNlNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYglq4vk6pWQSXoJkJNfFKSOSydU
1Hx/GcHW4c7K/WpJy7ObciOchVWlN1JlJCI4GD3ZxL6Bz9/T9Gt9rhQh52atRZ8K
jx99cftwIWtHfe1D9MFOMvgVaqVNOhzQkinvjtQQBBNn24nZ3teLeDAPAAYfVjkk
cZdU+rAIq5Eei5iClYloG30IGLKJDhEXwqPKLUiNhP8td3HqeoWKaSVji0+V/fx6
lm1h0psEkGcsShBjr3hCrpe8TvamBE9lLKs/A9nEAnui1vSMF7VAARhqkm9/LiRi
cfavseTn6o0TOR3FmeBbM/bzbCLASmCRL40n/xijsLCJz4UWAnEU20T+UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARBH/iWNdULZy8sME27AzTDnOd1MB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSlaHYiY
/OLx80puJor1AzJuas3UT3CnGCbUuuJ/yZRfPX/ipdOVaqRioSEMrupJDfpvoU04
N+VAhVApzsLuK2R6J/8Gog8akSsHiCDr3quoDfK7Eu2RtQfqL6xWQfzCo4n4xFmw
wPhfotvIE+HjSwDy3GU2JRNpp/9Z3K8pj643bXBk+Wn+ZTiQ3/I0vfL/aZGs8WT7
bCY15Bs6/nOOYFl1M6TpE5F5v7m8a1SURw3lMGNzrzC7ut+ANE56Fm56XApOKNmC
lvOjg2TwkD7TuylkYog85zaT4b792LsSJoxhyUsXIk4yzEhjLA/+9BmFModQHlat
d1fOz5RfBZv7Qg==
-----END CERTIFICATE-----