Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          +sT/Mfvv+ZDiPDcgf8SORp9nZgIpAMm0uvDV/2eeTsI=
Subject key identifier:   78:D9:43:C1:B8:15:3F:D3:2F:1E:5D:85:95:07:D3:6D:7D:7E:AB:F7
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019786619070EAD84319AB88946153F2FD3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          1597
Signing time:             Thu 19 Jun 2025 04:10:30 +0000
Manifest this update:     Thu 19 Jun 2025 04:10:30 +0000
Manifest next update:     Fri 20 Jun 2025 04:10:30 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: ZmYLftzhmk5iKX6RzWseY8YExn9f/L/9EwMkAREepJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Jun 2025 04:10:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:86:61:90:70:ea:d8:43:19:ab:88:94:61:53:f2:fd:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Jun 19 04:10:30 2025 GMT
            Not After : Jun 20 04:10:30 2025 GMT
        Subject: CN=78d943c1b8153fd32f1e5d859507d36d7d7eabf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d2:7c:67:b9:07:39:37:6a:23:4e:ad:cb:4e:
                    8a:29:23:f9:fd:aa:76:35:ff:47:45:d6:18:6b:67:
                    da:6a:39:78:ed:cb:7a:f8:1a:96:ee:79:43:13:63:
                    17:dc:f2:9a:a7:32:b8:37:a6:f9:81:85:13:0c:b2:
                    8c:c7:4a:b4:48:7b:08:17:b1:4b:81:05:7e:b6:07:
                    eb:67:76:7a:37:6b:14:47:b1:48:11:c5:63:fd:9c:
                    38:89:25:e8:0f:f6:66:6e:a4:9b:14:27:66:3f:34:
                    c0:1f:bb:ee:5b:c2:02:b5:46:cc:f1:40:7e:3c:19:
                    c7:c2:af:ae:72:b5:ca:ac:3d:00:da:ef:fa:9a:11:
                    46:fe:66:d7:44:27:73:9c:86:70:cd:b3:06:ee:ee:
                    02:15:35:94:1d:7d:0e:8d:01:38:33:c2:4e:06:17:
                    5d:c1:81:5d:80:9e:10:71:a9:1b:9c:72:81:6c:d8:
                    99:43:21:d3:9c:42:5f:76:9f:55:34:66:30:50:2a:
                    38:9f:76:f5:d0:28:47:7c:c2:01:ae:18:f7:1b:76:
                    c6:72:c3:95:da:75:11:fd:da:c3:f0:31:23:6b:13:
                    23:bd:eb:00:9d:98:ae:a2:e6:8f:fc:39:be:31:30:
                    22:e8:2e:6b:f0:b0:70:5c:c3:63:ba:e1:67:48:28:
                    96:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:D9:43:C1:B8:15:3F:D3:2F:1E:5D:85:95:07:D3:6D:7D:7E:AB:F7
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:64:5d:70:7e:54:6a:1d:c6:b0:ac:f0:a4:8b:b7:c6:a7:f6:
         89:90:d0:ad:1d:74:83:28:85:06:e0:9d:ac:5e:02:db:04:27:
         3e:27:54:8d:58:30:13:ad:d2:62:74:5d:53:66:17:cd:f9:c0:
         f9:54:42:8a:de:e7:63:c1:50:df:0c:c6:44:e3:f8:d7:02:74:
         0c:e0:b5:c3:db:cf:4a:dd:3d:07:59:ec:68:32:93:29:64:22:
         b6:c8:f4:f6:00:8a:ed:78:4d:1b:15:4a:27:d9:c8:c3:e6:de:
         72:e3:0a:65:e2:02:0a:76:79:86:61:c9:90:49:c8:7f:05:59:
         cb:8e:e3:c0:71:00:77:6d:11:96:32:ac:a1:0c:b5:2f:a2:f2:
         3d:f7:91:d4:4c:89:3a:44:a5:8d:fe:05:93:7d:4f:99:4d:a1:
         9a:50:43:41:85:b6:c4:af:66:dc:71:fb:90:41:8f:89:7c:ea:
         24:10:17:18:00:e4:ec:6d:d0:d0:2e:0d:26:58:05:82:15:d7:
         da:db:6c:07:f1:d8:54:7f:6b:2a:d9:a2:44:7b:06:57:dc:82:
         44:89:3d:bb:14:b6:5c:0c:c4:2e:56:cd:ba:b0:14:8e:91:44:
         e0:3e:29:3f:28:81:5e:85:42:02:c0:2c:9b:44:c6:b4:4a:47:
         37:c7:ba:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeGYZBw6thDGauIlGFT8v0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjUwNjE5MDQxMDMwWhcNMjUwNjIwMDQxMDMwWjAzMTEwLwYDVQQD
Eyg3OGQ5NDNjMWI4MTUzZmQzMmYxZTVkODU5NTA3ZDM2ZDdkN2VhYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNJ8Z7kHOTdqI06ty06KKSP5/ap2
Nf9HRdYYa2faajl47ct6+BqW7nlDE2MX3PKapzK4N6b5gYUTDLKMx0q0SHsIF7FL
gQV+tgfrZ3Z6N2sUR7FIEcVj/Zw4iSXoD/ZmbqSbFCdmPzTAH7vuW8ICtUbM8UB+
PBnHwq+ucrXKrD0A2u/6mhFG/mbXRCdznIZwzbMG7u4CFTWUHX0OjQE4M8JOBhdd
wYFdgJ4QcakbnHKBbNiZQyHTnEJfdp9VNGYwUCo4n3b10ChHfMIBrhj3G3bGcsOV
2nUR/drD8DEjaxMjvesAnZiuouaP/Dm+MTAi6C5r8LBwXMNjuuFnSCiW9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjZQ8G4FT/TLx5dhZUH0219fqv3MB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWRdcH5U
ah3GsKzwpIu3xqf2iZDQrR10gyiFBuCdrF4C2wQnPidUjVgwE63SYnRdU2YXzfnA
+VRCit7nY8FQ3wzGROP41wJ0DOC1w9vPSt09B1nsaDKTKWQitsj09gCK7XhNGxVK
J9nIw+becuMKZeICCnZ5hmHJkEnIfwVZy47jwHEAd20RljKsoQy1L6LyPfeR1EyJ
OkSljf4Fk31PmU2hmlBDQYW2xK9m3HH7kEGPiXzqJBAXGADk7G3Q0C4NJlgFghXX
2ttsB/HYVH9rKtmiRHsGV9yCRIk9uxS2XAzELlbNurAUjpFE4D4pPyiBXoVCAsAs
m0TGtEpHN8e6aw==
-----END CERTIFICATE-----