Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          BYUj9amQQnM0H6oWw7EG6Lg9my9r//Ni1eJ5nUNe+6Y=
Subject key identifier:   95:83:40:3F:03:24:5C:37:41:C2:54:5C:59:20:FB:95:B3:38:CC:17
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       0197808E4F2C518BAF183A4C5E040DD0D658
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0C38
Signing time:             Wed 18 Jun 2025 01:01:39 +0000
Manifest this update:     Wed 18 Jun 2025 01:01:39 +0000
Manifest next update:     Thu 19 Jun 2025 01:01:39 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: QlnRhn47AYpiOIQre/9Llsl/n/AiHP1QlqhdJ8hHy2M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:80:8e:4f:2c:51:8b:af:18:3a:4c:5e:04:0d:d0:d6:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Jun 18 01:01:39 2025 GMT
            Not After : Jun 19 01:01:39 2025 GMT
        Subject: CN=9583403f03245c3741c2545c5920fb95b338cc17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e4:74:12:96:20:5c:e9:83:a6:01:36:9b:39:
                    de:14:9e:f1:8e:04:9c:5f:e6:bb:09:cb:6d:0c:c5:
                    dc:e2:10:9e:df:86:47:63:a8:96:ee:e9:ce:ee:a4:
                    77:b6:cd:07:b1:ff:cc:2a:24:c7:b2:89:92:e2:9d:
                    3f:a6:2c:ef:fd:06:cd:09:f4:67:af:06:45:5f:f3:
                    15:31:5e:a1:c1:c7:f8:7c:16:39:88:bb:2b:31:18:
                    39:9d:c9:12:10:0b:98:c7:76:4e:a5:37:52:60:6f:
                    b8:f3:8f:68:54:ee:e3:5e:2d:00:cf:50:7f:82:37:
                    a3:3c:38:bf:d5:13:cf:cc:79:5f:15:06:c1:fe:32:
                    99:ba:18:79:fd:5d:80:92:e8:82:88:80:81:5f:d0:
                    03:26:b4:fc:16:87:26:17:c4:86:0f:39:b3:2b:86:
                    b1:17:23:dd:e1:e7:a3:c9:32:ea:c1:fa:c3:69:b3:
                    c6:bb:6c:9a:10:52:e1:c7:6a:e3:50:b8:bc:5a:c7:
                    9b:9f:a8:14:97:6e:e2:c8:b8:e6:e5:9a:3b:08:69:
                    97:b0:fa:11:a5:40:ca:f6:9e:48:fc:48:20:8b:4e:
                    f2:57:28:c0:0d:7c:17:2d:51:eb:da:e8:43:06:ab:
                    bf:a6:33:7a:19:b9:fa:a8:ee:34:74:ec:7e:e9:64:
                    46:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:83:40:3F:03:24:5C:37:41:C2:54:5C:59:20:FB:95:B3:38:CC:17
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:3c:9d:86:0f:b9:a7:07:ba:06:68:34:69:b4:ad:f2:48:b6:
         73:71:d8:db:45:6b:67:6f:6d:82:f9:25:5b:18:be:17:4e:d5:
         d3:7e:46:bc:de:11:d9:6d:78:5d:99:80:a6:a5:39:fb:23:a8:
         57:37:ea:41:b7:b7:b9:1e:e6:77:38:a3:70:5e:63:6c:4c:e8:
         2f:0a:86:00:f6:82:bc:7b:13:00:1b:c4:43:5b:e1:6e:7e:46:
         fd:08:8a:1d:16:06:aa:54:fd:05:6d:95:46:27:e4:2b:65:83:
         c9:1e:c5:06:c6:da:d5:47:09:b4:fb:31:cc:b6:bf:30:5c:07:
         43:0d:24:30:22:2e:35:e0:39:d7:a7:71:2f:dd:85:36:c1:d4:
         ac:42:40:1d:f8:13:9d:5d:66:56:39:cf:9c:da:1d:f5:98:ab:
         2d:52:6a:ba:fc:49:56:05:b9:72:df:cc:1f:b0:c4:6b:ed:2b:
         e1:ce:00:a7:7d:7f:8e:93:35:23:bd:1f:e8:45:4c:29:25:fe:
         33:44:c3:50:2c:a0:5f:48:18:94:c2:c6:b9:9a:a8:44:58:e6:
         5e:c7:1a:c3:82:71:a0:28:bf:96:4d:05:86:ad:a9:5b:f2:3d:
         40:cc:ec:29:78:fc:d1:d7:d1:a7:a7:04:d1:cc:fa:a4:4a:71:
         7e:c8:9b:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeAjk8sUYuvGDpMXgQN0NZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjUwNjE4MDEwMTM5WhcNMjUwNjE5MDEwMTM5WjAzMTEwLwYDVQQD
Eyg5NTgzNDAzZjAzMjQ1YzM3NDFjMjU0NWM1OTIwZmI5NWIzMzhjYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+R0EpYgXOmDpgE2mzneFJ7xjgSc
X+a7CcttDMXc4hCe34ZHY6iW7unO7qR3ts0Hsf/MKiTHsomS4p0/pizv/QbNCfRn
rwZFX/MVMV6hwcf4fBY5iLsrMRg5nckSEAuYx3ZOpTdSYG+4849oVO7jXi0Az1B/
gjejPDi/1RPPzHlfFQbB/jKZuhh5/V2AkuiCiICBX9ADJrT8FocmF8SGDzmzK4ax
FyPd4eejyTLqwfrDabPGu2yaEFLhx2rjULi8Wsebn6gUl27iyLjm5Zo7CGmXsPoR
pUDK9p5I/Eggi07yVyjADXwXLVHr2uhDBqu/pjN6Gbn6qO40dOx+6WRGMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWDQD8DJFw3QcJUXFkg+5WzOMwXMB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzydhg+5
pwe6Bmg0abSt8ki2c3HY20VrZ29tgvklWxi+F07V035GvN4R2W14XZmApqU5+yOo
VzfqQbe3uR7mdzijcF5jbEzoLwqGAPaCvHsTABvEQ1vhbn5G/QiKHRYGqlT9BW2V
RifkK2WDyR7FBsba1UcJtPsxzLa/MFwHQw0kMCIuNeA516dxL92FNsHUrEJAHfgT
nV1mVjnPnNod9ZirLVJquvxJVgW5ct/MH7DEa+0r4c4Ap31/jpM1I70f6EVMKSX+
M0TDUCygX0gYlMLGuZqoRFjmXscaw4JxoCi/lk0Fhq2pW/I9QMzsKXj80dfRp6cE
0cz6pEpxfsibQg==
-----END CERTIFICATE-----