Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft
File:                     tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft (raw, json)
Hash identifier:          VlDDQpAbxLZyeJj44eX0GzUKPCA+Q4TImYVec3d54Zc=
Subject key identifier:   20:8E:EC:4C:6A:18:16:31:1F:40:9E:47:6A:45:99:EE:9C:01:97:05
Authority key identifier: B6:91:9F:E8:CB:EF:9A:B3:20:AC:7E:0E:34:68:79:D4:9D:18:57:D6
Certificate issuer:       /CN=b6919fe8cbef9ab320ac7e0e346879d49d1857d6
Certificate serial:       01976D3D747961FAFB51D60E009133512A4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tpGf6MvvmrMgrH4ONGh51J0YV9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft
Manifest number:          0646
Signing time:             Sat 14 Jun 2025 07:00:33 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:33 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:33 +0000
Files and hashes:         1: tpGf6MvvmrMgrH4ONGh51J0YV9Y.crl (hash: 61dsYQrXa5aJCdYWgvhrjtmO2/Nf7IX94V3ZFXzDjPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tpGf6MvvmrMgrH4ONGh51J0YV9Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:74:79:61:fa:fb:51:d6:0e:00:91:33:51:2a:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6919fe8cbef9ab320ac7e0e346879d49d1857d6
        Validity
            Not Before: Jun 14 07:00:33 2025 GMT
            Not After : Jun 15 07:00:33 2025 GMT
        Subject: CN=208eec4c6a1816311f409e476a4599ee9c019705
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f9:dc:cc:48:dd:78:51:86:8c:2d:f5:f7:d8:
                    63:01:8a:af:98:f5:55:3a:89:04:02:55:3a:cf:f4:
                    79:2d:91:6d:46:3f:83:46:05:73:4f:38:2c:27:41:
                    e0:fb:16:8a:ed:e5:ff:2b:c2:12:8d:fb:31:4a:45:
                    f4:a4:63:80:cf:22:32:18:f1:0e:61:e1:59:fd:fe:
                    43:7b:a8:cd:dd:20:f1:89:f5:7c:2d:db:17:65:cb:
                    d3:f7:6d:5e:76:9d:68:d6:2c:a9:e3:c4:b1:2d:f7:
                    55:ac:b7:e4:71:89:f1:7b:78:a8:d2:39:75:68:70:
                    9d:6e:25:c9:07:23:d4:ef:b6:6d:7b:08:24:1c:cd:
                    f0:d0:86:e6:7c:a5:31:84:2d:26:53:aa:7b:d2:9d:
                    02:76:8f:d7:06:27:59:a5:26:26:aa:6c:82:af:82:
                    e1:1c:b9:56:0b:a9:55:36:6d:11:8e:8a:b1:2d:78:
                    7b:e3:7f:8f:49:13:e5:c6:07:d0:90:70:09:c9:8d:
                    6d:a9:a5:19:e4:8f:6f:63:d7:b9:d8:69:22:0d:bc:
                    68:28:28:c9:26:df:48:ce:32:db:7b:8e:28:58:2a:
                    89:b9:45:58:af:bf:4a:45:e6:ad:18:e4:f8:c8:ec:
                    f1:55:0e:18:84:22:76:63:63:30:51:26:97:95:4e:
                    97:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:8E:EC:4C:6A:18:16:31:1F:40:9E:47:6A:45:99:EE:9C:01:97:05
            X509v3 Authority Key Identifier:
                keyid:B6:91:9F:E8:CB:EF:9A:B3:20:AC:7E:0E:34:68:79:D4:9D:18:57:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpGf6MvvmrMgrH4ONGh51J0YV9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c6994c-a8c0-47e0-a006-b086666e2ada/1/tpGf6MvvmrMgrH4ONGh51J0YV9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:6d:97:0e:c0:19:e4:ad:d0:e2:3a:6d:75:37:d4:27:52:24:
         c8:5a:e6:62:7b:30:f3:b3:e1:da:6b:34:4a:d3:69:9d:f1:a5:
         2c:9f:8a:b1:92:bd:05:d2:47:35:d6:c9:5a:d5:16:5f:97:cf:
         a1:2a:40:f8:ce:4e:b1:40:08:bb:9a:94:b4:84:bb:f2:e6:de:
         42:09:04:57:0e:b1:29:97:ab:68:7c:31:ac:64:3e:c0:92:3e:
         45:90:d7:14:4d:8a:31:86:51:a5:ee:44:bc:2c:fb:ad:f2:2c:
         5f:30:b3:17:bb:14:6d:5c:d7:23:30:43:c0:54:b2:ee:6d:97:
         79:a1:3e:8f:79:04:14:54:6c:72:b7:a9:fe:4d:5e:95:eb:d6:
         a3:e0:77:9c:1e:8e:90:50:75:76:e2:62:91:5e:04:35:c2:9c:
         77:73:48:9a:e5:f7:59:19:bc:de:5e:49:9a:1c:cc:c4:8b:ca:
         54:8d:3a:c2:61:27:77:04:92:1c:ac:02:08:55:3e:c8:c5:0e:
         6f:1c:f3:00:6c:5e:d6:e9:50:5f:fb:32:b6:0f:17:74:77:8a:
         67:2c:a8:4c:f8:c3:db:e2:dc:f9:3a:4c:f9:5a:9e:55:bc:ee:
         b6:37:bb:a8:82:c6:17:21:57:92:49:f5:ab:94:17:81:01:f7:
         66:51:af:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPXR5Yfr7UdYOAJEzUSpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OTE5ZmU4Y2JlZjlhYjMyMGFjN2UwZTM0Njg3OWQ0OWQx
ODU3ZDYwHhcNMjUwNjE0MDcwMDMzWhcNMjUwNjE1MDcwMDMzWjAzMTEwLwYDVQQD
EygyMDhlZWM0YzZhMTgxNjMxMWY0MDllNDc2YTQ1OTllZTljMDE5NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/nczEjdeFGGjC3199hjAYqvmPVV
OokEAlU6z/R5LZFtRj+DRgVzTzgsJ0Hg+xaK7eX/K8ISjfsxSkX0pGOAzyIyGPEO
YeFZ/f5De6jN3SDxifV8LdsXZcvT921edp1o1iyp48SxLfdVrLfkcYnxe3io0jl1
aHCdbiXJByPU77ZtewgkHM3w0IbmfKUxhC0mU6p70p0Cdo/XBidZpSYmqmyCr4Lh
HLlWC6lVNm0RjoqxLXh743+PSRPlxgfQkHAJyY1tqaUZ5I9vY9e52GkiDbxoKCjJ
Jt9IzjLbe44oWCqJuUVYr79KReatGOT4yOzxVQ4YhCJ2Y2MwUSaXlU6XMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCO7ExqGBYxH0CeR2pFme6cAZcFMB8GA1UdIwQY
MBaAFLaRn+jL75qzIKx+DjRoedSdGFfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBHZjZNdnZtck1nckg0T05HaDUxSjBZVjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjk5NGMtYThjMC00N2UwLWEwMDYt
YjA4NjY2NmUyYWRhLzEvdHBHZjZNdnZtck1nckg0T05HaDUxSjBZVjlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjk5NGMtYThjMC00N2UwLWEwMDYtYjA4NjY2NmUyYWRh
LzEvdHBHZjZNdnZtck1nckg0T05HaDUxSjBZVjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS22XDsAZ
5K3Q4jptdTfUJ1IkyFrmYnsw87Ph2ms0StNpnfGlLJ+KsZK9BdJHNdbJWtUWX5fP
oSpA+M5OsUAIu5qUtIS78ubeQgkEVw6xKZeraHwxrGQ+wJI+RZDXFE2KMYZRpe5E
vCz7rfIsXzCzF7sUbVzXIzBDwFSy7m2XeaE+j3kEFFRscrep/k1elevWo+B3nB6O
kFB1duJikV4ENcKcd3NImuX3WRm83l5JmhzMxIvKVI06wmEndwSSHKwCCFU+yMUO
bxzzAGxe1ulQX/sytg8XdHeKZyyoTPjD2+Lc+TpM+VqeVbzutje7qILGFyFXkkn1
q5QXgQH3ZlGvYg==
-----END CERTIFICATE-----