Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          YTdvareaQNkArYvWNe3TuEBOTirjPH8F+LafVchNIrw=
Subject key identifier:   10:93:13:02:C8:C7:9D:FD:EC:DC:59:FB:9B:99:D6:DB:13:61:1D:17
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       01977F43AE38885A9F3A80C2E561191ED357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          14D4
Signing time:             Tue 17 Jun 2025 19:00:31 +0000
Manifest this update:     Tue 17 Jun 2025 19:00:31 +0000
Manifest next update:     Wed 18 Jun 2025 19:00:31 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: gnXv/SaLJCGTw2eV/amtSSCoP/A3Pq0UcPjZZQl1vd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 13:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7f:43:ae:38:88:5a:9f:3a:80:c2:e5:61:19:1e:d3:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Jun 17 19:00:31 2025 GMT
            Not After : Jun 18 19:00:31 2025 GMT
        Subject: CN=10931302c8c79dfdecdc59fb9b99d6db13611d17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:dd:09:4b:52:5d:11:6f:74:6a:0b:59:6f:a5:
                    88:f5:6a:e5:a7:3e:dd:6e:b4:a7:b2:33:45:dd:52:
                    68:23:62:f4:b3:d5:e1:f6:13:b2:80:21:14:e9:8e:
                    cc:a7:76:3d:0c:e4:0e:e9:0a:2f:06:6a:03:ba:47:
                    d4:be:03:de:bd:97:55:91:dd:0d:e9:cc:ce:ce:4a:
                    23:c0:d5:f6:ed:7f:ce:14:bc:8b:f9:1d:eb:c4:c7:
                    41:da:ea:d1:f8:fe:e3:e7:f1:f1:57:71:7d:0f:23:
                    55:a8:5e:9f:06:4f:7c:21:2b:d9:fb:3e:68:7c:76:
                    c0:5b:d6:c0:10:50:4f:bc:83:0f:71:b8:ac:87:1e:
                    06:4a:9c:5e:f6:34:4e:a2:ac:ea:41:54:15:ea:70:
                    29:ff:3d:1d:80:3e:14:b8:cd:c7:55:4b:41:e0:eb:
                    00:ed:a6:c5:64:78:98:f5:fd:df:36:06:84:01:b4:
                    23:ba:b1:e4:b8:0c:fe:e9:d4:39:87:32:f7:4e:d7:
                    ef:2d:f2:a8:d7:2f:a9:dc:6d:ff:7b:93:ad:23:a3:
                    73:6c:5e:ce:aa:12:73:dc:c5:52:fe:30:62:62:a7:
                    8b:a2:37:e5:64:3a:7d:33:08:08:36:34:7f:b8:d3:
                    64:f5:7a:46:50:dd:19:f7:ab:9a:fe:1e:26:7a:5b:
                    b4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:93:13:02:C8:C7:9D:FD:EC:DC:59:FB:9B:99:D6:DB:13:61:1D:17
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:a0:96:8d:2b:e8:90:f8:e1:7c:18:e8:71:be:82:2d:05:7d:
         ab:73:3e:6b:a5:53:fd:e2:d0:e4:60:9c:63:70:42:7d:c4:8e:
         d3:8b:ba:29:ce:d1:dd:4f:09:d9:78:47:90:1c:0d:d1:e0:63:
         07:09:31:a6:6d:3e:3c:0d:71:13:d8:1c:01:7e:4c:98:91:b0:
         42:47:b4:8e:3a:a1:c1:06:ba:fc:db:34:1a:98:28:44:96:c5:
         46:76:56:7f:be:f0:49:b9:90:2a:92:04:8d:ec:55:f1:23:49:
         70:c7:70:60:ce:87:87:50:ab:5f:57:d4:a0:54:c7:f0:69:54:
         e5:33:d9:7a:0d:40:a8:85:75:c5:05:fe:a0:9f:12:59:27:4e:
         ee:d3:83:2e:60:fe:ff:aa:34:f1:dd:8c:8f:8a:eb:88:19:ed:
         2b:a8:a9:b2:06:43:ff:18:1b:b5:03:4c:08:b9:12:5a:29:c3:
         34:2b:ea:6d:15:98:29:87:0f:b3:68:ee:00:05:cd:e4:49:a3:
         45:f3:59:52:1d:fb:17:84:2f:f7:e5:9a:66:3f:0d:f5:9f:ef:
         42:24:bc:1e:fd:c3:8a:53:7e:94:8f:08:f1:a9:a5:43:0e:1c:
         b0:42:c9:41:79:b6:52:c4:cb:7c:8c:98:0d:09:af:f7:e7:90:
         1a:4a:30:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd/Q644iFqfOoDC5WEZHtNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjUwNjE3MTkwMDMxWhcNMjUwNjE4MTkwMDMxWjAzMTEwLwYDVQQD
EygxMDkzMTMwMmM4Yzc5ZGZkZWNkYzU5ZmI5Yjk5ZDZkYjEzNjExZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN0JS1JdEW90agtZb6WI9Wrlpz7d
brSnsjNF3VJoI2L0s9Xh9hOygCEU6Y7Mp3Y9DOQO6QovBmoDukfUvgPevZdVkd0N
6czOzkojwNX27X/OFLyL+R3rxMdB2urR+P7j5/HxV3F9DyNVqF6fBk98ISvZ+z5o
fHbAW9bAEFBPvIMPcbishx4GSpxe9jROoqzqQVQV6nAp/z0dgD4UuM3HVUtB4OsA
7abFZHiY9f3fNgaEAbQjurHkuAz+6dQ5hzL3TtfvLfKo1y+p3G3/e5OtI6NzbF7O
qhJz3MVS/jBiYqeLojflZDp9MwgINjR/uNNk9XpGUN0Z96ua/h4melu0AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCTEwLIx5397NxZ+5uZ1tsTYR0XMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaCWjSvo
kPjhfBjocb6CLQV9q3M+a6VT/eLQ5GCcY3BCfcSO04u6Kc7R3U8J2XhHkBwN0eBj
Bwkxpm0+PA1xE9gcAX5MmJGwQke0jjqhwQa6/Ns0GpgoRJbFRnZWf77wSbmQKpIE
jexV8SNJcMdwYM6Hh1CrX1fUoFTH8GlU5TPZeg1AqIV1xQX+oJ8SWSdO7tODLmD+
/6o08d2Mj4rriBntK6ipsgZD/xgbtQNMCLkSWinDNCvqbRWYKYcPs2juAAXN5Emj
RfNZUh37F4Qv9+WaZj8N9Z/vQiS8Hv3DilN+lI8I8amlQw4csELJQXm2UsTLfIyY
DQmv9+eQGkowOw==
-----END CERTIFICATE-----