Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
File:                     P2LKnF7__TIKvS2Px-j4Nee70es.mft (raw, json)
Hash identifier:          KwnNmo/Nz7We4aH1VIsFhHV0hV/4kqubvwc3XcbIO44=
Subject key identifier:   48:CD:30:E5:03:6F:5B:97:DA:14:8E:7D:E6:EB:DA:04:99:33:4D:9A
Authority key identifier: 3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB
Certificate issuer:       /CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
Certificate serial:       01976960ABA9A2991B82BCE478B6753E790E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
Manifest number:          0986
Signing time:             Fri 13 Jun 2025 13:00:32 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:32 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:32 +0000
Files and hashes:         1: P2LKnF7__TIKvS2Px-j4Nee70es.crl (hash: VsLbCgt8oZXSV3kJfvGbiAQhyvgbE/oCU1JOotnb65g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:ab:a9:a2:99:1b:82:bc:e4:78:b6:75:3e:79:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
        Validity
            Not Before: Jun 13 13:00:32 2025 GMT
            Not After : Jun 14 13:00:32 2025 GMT
        Subject: CN=48cd30e5036f5b97da148e7de6ebda0499334d9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8c:54:5c:2f:31:cc:07:f8:5b:c6:58:76:39:
                    ec:1b:60:ac:ed:29:0a:4e:84:02:99:38:c3:29:2d:
                    19:62:12:c7:4e:2c:18:2e:fc:64:04:9a:ba:81:41:
                    2c:d5:0f:60:01:ca:e1:a9:e5:34:2e:dd:92:e4:01:
                    90:e0:00:2c:5e:7d:5b:f0:35:a2:d4:fe:eb:2d:cc:
                    a9:b6:5a:04:1e:1b:98:3b:f0:af:2d:69:21:7b:ae:
                    32:58:64:d5:f3:9d:8f:e6:7f:8e:f4:27:e5:d6:4d:
                    37:1f:03:fc:50:2f:78:8a:23:78:67:8c:c2:f8:5e:
                    15:ed:7d:3a:9f:22:a4:41:5a:10:57:66:15:ad:3b:
                    fb:12:19:7c:5a:01:59:4a:93:52:00:ff:11:6c:3a:
                    7e:22:43:85:0e:22:09:92:48:5f:49:01:fe:17:94:
                    16:81:b9:63:57:28:6d:8d:ac:ef:f3:9c:dc:3f:01:
                    74:d0:08:be:c7:9d:79:60:6f:72:e4:b5:a4:2b:3b:
                    38:d9:6d:dd:eb:1d:69:88:31:ec:06:11:ea:65:99:
                    87:6a:7b:1e:2f:5d:15:61:fd:61:10:d1:9c:b7:90:
                    c7:5d:c6:43:06:9d:13:2c:14:46:8a:59:12:96:58:
                    6b:91:17:62:e3:60:2b:0a:3e:d5:db:c5:ac:ee:67:
                    a5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:CD:30:E5:03:6F:5B:97:DA:14:8E:7D:E6:EB:DA:04:99:33:4D:9A
            X509v3 Authority Key Identifier:
                keyid:3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:0e:f6:aa:05:76:c1:44:a4:fb:2d:4c:ef:2b:6e:5e:f3:24:
         b5:82:e7:60:c3:9f:28:1d:d6:2e:17:85:11:e9:81:46:b9:50:
         09:72:2a:85:5a:86:02:d9:8c:c6:38:98:1a:a7:99:8e:a8:89:
         de:e7:d1:e8:45:0d:32:9b:e0:ba:a3:73:42:8f:23:23:88:23:
         a2:2c:cb:3c:07:43:6b:ea:19:b8:8e:cf:30:bb:cf:4f:82:3b:
         3c:59:ba:25:6c:18:17:b3:0c:90:d5:25:36:bd:4e:9d:c6:36:
         e7:23:30:19:4c:e2:f3:c6:03:57:4f:ea:4a:a7:57:a2:5c:40:
         f1:9d:e0:d6:ee:be:74:73:83:17:1a:14:b3:10:55:58:98:66:
         bd:bf:6a:2d:c9:7a:05:40:37:28:5a:92:67:e6:6b:eb:ae:10:
         aa:2f:be:8a:51:59:8a:c9:25:a0:8b:bd:4d:59:ff:59:d0:3a:
         75:a5:b3:3e:51:14:e8:c3:d4:56:b7:aa:e6:be:b8:a7:d4:08:
         87:ea:ec:bd:1d:e9:cc:72:24:6a:95:42:98:19:5b:cd:06:d3:
         37:8c:01:e9:46:5c:d1:67:ea:27:11:7b:99:07:02:9f:33:b9:
         a0:6c:2c:b3:bd:d0:0b:38:9e:b2:b0:b0:6b:1d:da:ba:1f:7a:
         42:16:ed:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYKupopkbgrzkeLZ1PnkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjJjYTljNWVmZmZkMzIwYWJkMmQ4ZmM3ZThmODM1ZTdi
YmQxZWIwHhcNMjUwNjEzMTMwMDMyWhcNMjUwNjE0MTMwMDMyWjAzMTEwLwYDVQQD
Eyg0OGNkMzBlNTAzNmY1Yjk3ZGExNDhlN2RlNmViZGEwNDk5MzM0ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIxUXC8xzAf4W8ZYdjnsG2Cs7SkK
ToQCmTjDKS0ZYhLHTiwYLvxkBJq6gUEs1Q9gAcrhqeU0Lt2S5AGQ4AAsXn1b8DWi
1P7rLcyptloEHhuYO/CvLWkhe64yWGTV852P5n+O9Cfl1k03HwP8UC94iiN4Z4zC
+F4V7X06nyKkQVoQV2YVrTv7Ehl8WgFZSpNSAP8RbDp+IkOFDiIJkkhfSQH+F5QW
gbljVyhtjazv85zcPwF00Ai+x515YG9y5LWkKzs42W3d6x1piDHsBhHqZZmHanse
L10VYf1hENGct5DHXcZDBp0TLBRGilkSllhrkRdi42ArCj7V28Ws7mel5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjNMOUDb1uX2hSOfebr2gSZM02aMB8GA1UdIwQY
MBaAFD9iypxe//0yCr0tj8fo+DXnu9HrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4Njkt
MDA5MDgwZThkZmY1LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4NjktMDA5MDgwZThkZmY1
LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaw72qgV2
wUSk+y1M7ytuXvMktYLnYMOfKB3WLheFEemBRrlQCXIqhVqGAtmMxjiYGqeZjqiJ
3ufR6EUNMpvguqNzQo8jI4gjoizLPAdDa+oZuI7PMLvPT4I7PFm6JWwYF7MMkNUl
Nr1OncY25yMwGUzi88YDV0/qSqdXolxA8Z3g1u6+dHODFxoUsxBVWJhmvb9qLcl6
BUA3KFqSZ+Zr664Qqi++ilFZiskloIu9TVn/WdA6daWzPlEU6MPUVreq5r64p9QI
h+rsvR3pzHIkapVCmBlbzQbTN4wB6UZc0WfqJxF7mQcCnzO5oGwss73QCziesrCw
ax3auh96QhbteA==
-----END CERTIFICATE-----