Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          R52oYnz2wZUQnY0glsuWR9f8IItIWzqB5KowU3+0130=
Subject key identifier:   F1:DF:C2:66:59:74:E7:98:A6:4D:C7:C5:AF:D9:37:1A:BB:72:86:9F
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       01976D3DDA79020D272E656333C2753B6B0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          151E
Signing time:             Sat 14 Jun 2025 07:00:59 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:59 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:59 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: FbYcDXax/gFhZz9Mz6Q+cXiCVQb2fFVfTiKG1HpCBRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:da:79:02:0d:27:2e:65:63:33:c2:75:3b:6b:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Jun 14 07:00:59 2025 GMT
            Not After : Jun 15 07:00:59 2025 GMT
        Subject: CN=f1dfc2665974e798a64dc7c5afd9371abb72869f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:eb:23:d6:b1:06:56:68:b3:f6:74:aa:f3:e5:
                    95:40:c4:d1:93:36:4e:0b:ba:bd:09:8e:c7:bc:b8:
                    29:64:79:ec:48:02:ce:3a:6e:f2:9c:f8:a3:3f:ff:
                    ad:54:ed:47:6b:b1:f0:53:73:56:4f:e0:a8:52:c3:
                    1f:d4:31:f3:5f:41:1c:53:67:19:8c:7b:84:e0:8d:
                    34:5e:fe:4e:d3:0e:e7:93:59:3d:e9:19:ef:8c:a3:
                    f8:a0:71:6b:75:44:72:4c:eb:04:5d:54:34:e4:32:
                    74:ca:06:b7:be:5a:01:5e:9a:f2:74:5f:7b:ff:5e:
                    3b:ad:8b:a6:ea:0b:6c:13:85:f2:53:06:fa:a5:5d:
                    97:aa:52:58:b9:21:97:78:e6:49:40:e8:36:5e:ab:
                    b3:f7:a5:89:93:88:75:bc:d5:bb:9d:d8:c6:af:dc:
                    59:b9:ca:1c:35:ea:39:d9:39:24:ab:8a:33:3f:38:
                    c3:c0:8b:20:f9:59:33:c8:43:09:55:cf:48:6e:de:
                    da:18:25:8c:36:33:1f:64:06:45:3b:b6:96:dc:ed:
                    f5:79:6d:c2:09:db:ff:ed:67:fe:45:ab:a0:5b:da:
                    3b:df:ee:89:e9:3a:dc:87:6b:84:b6:df:b5:30:99:
                    5c:70:18:cd:4d:bc:19:b5:b3:0b:e0:0b:b9:42:83:
                    38:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:DF:C2:66:59:74:E7:98:A6:4D:C7:C5:AF:D9:37:1A:BB:72:86:9F
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:b0:b2:c8:36:70:94:53:89:55:4d:79:b5:94:52:2b:ee:12:
         40:d3:ca:64:f9:2e:e6:bf:c1:d0:55:f3:83:15:22:f9:66:73:
         40:1b:01:93:11:b5:2d:72:eb:02:d4:4c:3b:30:37:c6:de:c9:
         04:c0:46:c2:81:c4:d1:38:cd:4d:94:59:f9:0d:3e:e1:2a:c7:
         f1:09:98:1e:39:d5:cb:fe:5f:32:56:98:d2:37:d4:03:89:0c:
         0a:a6:03:0f:7f:f9:3b:bc:30:f9:e9:ce:97:13:b6:7f:2f:80:
         cc:2d:71:c6:3c:54:5e:55:6c:90:20:6d:10:ee:05:40:07:bd:
         bf:0e:72:96:a3:ba:ed:8d:b9:08:3a:4b:1b:8e:fe:1a:01:9b:
         ca:10:20:ac:3f:4d:bb:89:77:1a:22:ce:8e:a6:2f:96:89:f0:
         78:3f:69:1b:6b:66:f2:e5:ac:48:6d:cd:7f:1c:86:fe:08:9c:
         f2:51:3a:fd:c8:8b:0b:fe:e7:be:13:50:5d:aa:02:aa:8e:3d:
         17:35:19:83:7c:1f:4c:2a:47:22:5c:7a:b8:6c:5d:b7:31:25:
         69:9d:ba:d5:ac:6e:73:a9:a2:3b:dd:65:80:8e:93:59:04:8f:
         b9:40:67:9b:de:9f:7c:8a:6b:6f:92:cc:aa:99:53:50:ce:54:
         f9:ed:96:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPdp5Ag0nLmVjM8J1O2sPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjUwNjE0MDcwMDU5WhcNMjUwNjE1MDcwMDU5WjAzMTEwLwYDVQQD
EyhmMWRmYzI2NjU5NzRlNzk4YTY0ZGM3YzVhZmQ5MzcxYWJiNzI4NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwesj1rEGVmiz9nSq8+WVQMTRkzZO
C7q9CY7HvLgpZHnsSALOOm7ynPijP/+tVO1Ha7HwU3NWT+CoUsMf1DHzX0EcU2cZ
jHuE4I00Xv5O0w7nk1k96RnvjKP4oHFrdURyTOsEXVQ05DJ0yga3vloBXprydF97
/147rYum6gtsE4XyUwb6pV2XqlJYuSGXeOZJQOg2Xquz96WJk4h1vNW7ndjGr9xZ
ucocNeo52Tkkq4ozPzjDwIsg+VkzyEMJVc9Ibt7aGCWMNjMfZAZFO7aW3O31eW3C
Cdv/7Wf+RaugW9o73+6J6Trch2uEtt+1MJlccBjNTbwZtbML4Au5QoM4UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHfwmZZdOeYpk3Hxa/ZNxq7coafMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7CyyDZw
lFOJVU15tZRSK+4SQNPKZPku5r/B0FXzgxUi+WZzQBsBkxG1LXLrAtRMOzA3xt7J
BMBGwoHE0TjNTZRZ+Q0+4SrH8QmYHjnVy/5fMlaY0jfUA4kMCqYDD3/5O7ww+enO
lxO2fy+AzC1xxjxUXlVskCBtEO4FQAe9vw5ylqO67Y25CDpLG47+GgGbyhAgrD9N
u4l3GiLOjqYvlonweD9pG2tm8uWsSG3NfxyG/gic8lE6/ciLC/7nvhNQXaoCqo49
FzUZg3wfTCpHIlx6uGxdtzElaZ261axuc6miO91lgI6TWQSPuUBnm96ffIprb5LM
qplTUM5U+e2WeQ==
-----END CERTIFICATE-----