Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          CXO4PkR9rNCjM4i7Miqn7juo0sLrCkk2r5+4PL0g9jk=
Subject key identifier:   0D:91:13:F5:48:14:9B:A8:DF:C1:4C:09:59:DC:B8:99:AF:D9:7F:6C
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       01976D3DC39500F227FBCB099D8BF1E91A15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          0DC5
Signing time:             Sat 14 Jun 2025 07:00:53 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:53 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:53 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: RslrrHVuR3lNrgQk+q4puxhyTAtof8a3KGgO0ne4ebo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:c3:95:00:f2:27:fb:cb:09:9d:8b:f1:e9:1a:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Jun 14 07:00:53 2025 GMT
            Not After : Jun 15 07:00:53 2025 GMT
        Subject: CN=0d9113f548149ba8dfc14c0959dcb899afd97f6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ff:0e:40:b4:ad:49:5f:fc:80:4a:b5:8b:bf:
                    d2:4a:9d:d2:1d:67:4a:a0:0f:66:ad:f8:14:e5:2c:
                    aa:4a:88:36:81:c4:fc:f3:83:65:07:61:87:05:85:
                    08:bc:3d:64:75:5c:00:a2:0d:6d:c5:d4:51:0b:b8:
                    8e:28:f8:cb:01:49:73:97:37:c2:ef:11:66:40:2f:
                    82:40:81:fd:e1:85:3b:3f:3b:9e:02:d7:a4:35:03:
                    b2:db:d6:b4:52:f7:aa:e1:07:8b:b9:17:c6:19:dd:
                    8f:ba:e7:4b:25:1f:25:df:2a:9c:b0:c4:51:3c:51:
                    7c:d5:36:92:29:f0:4e:71:82:46:64:c3:f6:fc:e7:
                    9a:47:c6:67:27:96:46:52:03:f3:46:13:4e:ee:a4:
                    50:12:f9:c0:ae:6d:97:ae:73:b8:5c:c7:6f:d5:7e:
                    e5:b6:7d:81:a1:4e:02:32:c4:c8:33:c9:c8:98:93:
                    d9:68:b4:57:1c:69:85:33:ed:d1:0a:5f:aa:74:69:
                    77:3b:03:66:b4:0e:34:a0:e7:05:eb:7e:bf:82:65:
                    4a:88:96:86:9e:f7:d5:6c:b4:68:2d:dd:ac:d3:80:
                    cd:56:65:90:7c:7c:42:cf:97:03:05:f9:6c:72:5f:
                    b4:93:52:90:f9:51:e4:de:32:16:23:b0:d8:d3:22:
                    63:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:91:13:F5:48:14:9B:A8:DF:C1:4C:09:59:DC:B8:99:AF:D9:7F:6C
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:4c:d5:d9:96:4a:4b:b4:aa:ad:dd:62:37:58:27:41:56:17:
         ae:3e:d7:06:06:47:c0:5d:e3:7a:26:03:e0:65:25:0a:22:35:
         3d:36:82:b3:51:fc:a2:e0:07:8f:54:57:3f:a7:f1:63:1f:3c:
         bf:b8:b1:4a:d0:0c:30:06:cd:64:cb:39:3f:54:12:55:1c:3e:
         84:33:dd:eb:2f:c2:16:dd:c9:d8:f8:07:24:cb:05:b1:5a:6c:
         39:a6:eb:38:cf:9f:39:6e:63:28:e1:b0:f9:52:6d:45:e3:fd:
         3e:02:14:db:03:8a:50:ee:f3:4c:b1:bf:74:c7:83:58:d5:cf:
         c8:60:12:86:e2:29:c2:bc:4a:9a:a9:eb:7e:d6:c8:82:3d:a9:
         49:d5:f0:79:65:fc:1e:2f:ba:19:8f:5f:e9:4e:41:8e:a0:e7:
         49:fe:c1:47:93:5d:71:ed:f3:25:21:1f:91:c5:87:a9:e5:88:
         c4:e1:d6:86:5a:09:9a:a9:dd:84:96:83:b4:65:d2:5b:04:20:
         e5:57:82:fa:0f:f9:75:73:67:b5:5f:d9:2e:1f:58:e9:24:e9:
         f2:e8:68:84:f8:2f:39:77:90:a3:a9:f6:d9:14:c2:97:bb:33:
         1f:1f:69:bf:bb:dd:3c:f9:c4:c3:d7:a6:8c:1d:e0:c9:3b:42:
         71:33:97:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPcOVAPIn+8sJnYvx6RoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjUwNjE0MDcwMDUzWhcNMjUwNjE1MDcwMDUzWjAzMTEwLwYDVQQD
EygwZDkxMTNmNTQ4MTQ5YmE4ZGZjMTRjMDk1OWRjYjg5OWFmZDk3ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/8OQLStSV/8gEq1i7/SSp3SHWdK
oA9mrfgU5SyqSog2gcT884NlB2GHBYUIvD1kdVwAog1txdRRC7iOKPjLAUlzlzfC
7xFmQC+CQIH94YU7PzueAtekNQOy29a0Uveq4QeLuRfGGd2PuudLJR8l3yqcsMRR
PFF81TaSKfBOcYJGZMP2/OeaR8ZnJ5ZGUgPzRhNO7qRQEvnArm2XrnO4XMdv1X7l
tn2BoU4CMsTIM8nImJPZaLRXHGmFM+3RCl+qdGl3OwNmtA40oOcF636/gmVKiJaG
nvfVbLRoLd2s04DNVmWQfHxCz5cDBflscl+0k1KQ+VHk3jIWI7DY0yJjGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2RE/VIFJuo38FMCVncuJmv2X9sMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdUzV2ZZK
S7Sqrd1iN1gnQVYXrj7XBgZHwF3jeiYD4GUlCiI1PTaCs1H8ouAHj1RXP6fxYx88
v7ixStAMMAbNZMs5P1QSVRw+hDPd6y/CFt3J2PgHJMsFsVpsOabrOM+fOW5jKOGw
+VJtReP9PgIU2wOKUO7zTLG/dMeDWNXPyGAShuIpwrxKmqnrftbIgj2pSdXweWX8
Hi+6GY9f6U5BjqDnSf7BR5Ndce3zJSEfkcWHqeWIxOHWhloJmqndhJaDtGXSWwQg
5VeC+g/5dXNntV/ZLh9Y6STp8uhohPgvOXeQo6n22RTCl7szHx9pv7vdPPnEw9em
jB3gyTtCcTOXwA==
-----END CERTIFICATE-----