Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
File:                     09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json)
Hash identifier:          3pRK3Nx90xIqaH9PjkTjM/6HSHw/lbuIS2hI4MLCFJs=
Subject key identifier:   A9:EC:98:D4:A5:5C:A0:0A:27:27:CC:52:07:ED:FB:66:94:BD:B1:5D
Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31
Certificate issuer:       /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
Certificate serial:       019776E54B14C1284388497F2DB352B0E99A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
Manifest number:          C1
Signing time:             Mon 16 Jun 2025 04:00:27 +0000
Manifest this update:     Mon 16 Jun 2025 04:00:27 +0000
Manifest next update:     Tue 17 Jun 2025 04:00:27 +0000
Files and hashes:         1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: 6nPd9F806yxTfbaMCP0hUdEIS0V4zW4vVKggYU2qBtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 04:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:76:e5:4b:14:c1:28:43:88:49:7f:2d:b3:52:b0:e9:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
        Validity
            Not Before: Jun 16 04:00:27 2025 GMT
            Not After : Jun 17 04:00:27 2025 GMT
        Subject: CN=a9ec98d4a55ca00a2727cc5207edfb6694bdb15d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c4:0d:56:c2:47:0d:af:60:24:99:86:0f:c9:
                    40:3b:30:3a:85:c5:c7:d8:86:42:3a:ad:39:d1:4d:
                    68:f7:22:ff:1d:c3:de:79:f3:5b:57:6d:86:83:50:
                    b1:ab:52:e5:1e:25:cb:2a:2f:ec:29:11:ff:2d:14:
                    ed:d9:49:56:8c:67:c9:81:93:c9:ec:eb:0a:1d:32:
                    05:bc:d9:af:b6:4e:b6:53:4d:37:8b:53:62:81:bc:
                    38:1b:04:b4:34:a0:26:5a:a7:c0:a2:df:5f:81:57:
                    80:d7:37:e0:86:b1:6f:6e:7d:27:89:ee:82:cb:19:
                    3e:dc:e4:88:86:dc:03:97:e5:66:be:0b:d2:d8:59:
                    d7:2b:ea:f4:ee:cb:d0:3f:c3:30:a5:cb:7f:d0:7a:
                    e8:f5:e0:13:e8:e6:c2:d4:1b:be:95:d4:cd:7b:55:
                    fc:a4:0e:af:40:c2:4c:32:a7:e2:b1:ae:f8:2b:5f:
                    95:61:39:5a:36:ff:b0:26:b0:e7:9d:54:02:60:0d:
                    84:72:05:4e:af:ea:0c:21:b5:e7:c5:1e:7a:64:ac:
                    1f:9e:ae:3d:4d:0d:a1:90:fe:b4:aa:f2:d0:38:8f:
                    db:43:71:d3:f9:ea:de:7a:f3:62:91:f3:37:19:70:
                    c4:43:b0:f9:47:cc:ce:6e:10:82:17:d4:df:85:ee:
                    f2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:EC:98:D4:A5:5C:A0:0A:27:27:CC:52:07:ED:FB:66:94:BD:B1:5D
            X509v3 Authority Key Identifier:
                keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:01:a4:5b:dd:89:69:d9:e8:35:bf:87:69:78:49:a0:4e:a1:
         1b:e4:bb:e2:4b:95:f2:cd:86:d6:12:f3:65:4c:3f:77:e5:da:
         d5:46:35:6c:7e:2a:d7:b4:94:a9:14:59:de:64:88:0e:51:8c:
         1f:f0:b9:37:4f:64:5f:e6:1e:13:26:2e:6b:06:32:80:b6:49:
         f2:1f:72:cf:49:35:fb:e2:fc:b8:6d:f5:9e:19:07:e2:60:36:
         04:d7:70:99:5e:4f:37:1c:ac:a0:c1:21:f9:2b:70:f5:3a:46:
         3a:38:5a:7f:73:cf:ab:21:7f:70:84:72:6c:5f:a6:01:46:27:
         cb:c4:53:d3:9d:b2:5d:e6:c8:c4:b4:42:13:f1:1d:36:7b:be:
         93:0b:bc:3c:5b:47:ed:3f:08:f4:87:48:8c:8b:77:0f:4b:5a:
         35:05:4e:05:59:3e:c6:48:6b:59:e2:6e:74:d0:35:46:bd:80:
         ae:6a:e4:9a:4a:0a:ae:4f:67:58:ef:f0:d0:b4:9f:3e:d9:cb:
         01:05:15:c2:cf:09:51:6f:6d:b7:24:32:4a:f1:1e:68:82:14:
         8a:bc:67:03:ea:2b:1c:ac:26:01:65:45:0d:dd:5b:8a:51:79:
         ea:9d:66:66:d8:12:d4:7e:2a:a8:e6:9c:e6:55:01:f1:d5:cc:
         b8:ff:79:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd25UsUwShDiEl/LbNSsOmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3
ZDk0MzEwHhcNMjUwNjE2MDQwMDI3WhcNMjUwNjE3MDQwMDI3WjAzMTEwLwYDVQQD
EyhhOWVjOThkNGE1NWNhMDBhMjcyN2NjNTIwN2VkZmI2Njk0YmRiMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MQNVsJHDa9gJJmGD8lAOzA6hcXH
2IZCOq050U1o9yL/HcPeefNbV22Gg1Cxq1LlHiXLKi/sKRH/LRTt2UlWjGfJgZPJ
7OsKHTIFvNmvtk62U003i1Nigbw4GwS0NKAmWqfAot9fgVeA1zfghrFvbn0nie6C
yxk+3OSIhtwDl+VmvgvS2FnXK+r07svQP8Mwpct/0Hro9eAT6ObC1Bu+ldTNe1X8
pA6vQMJMMqfisa74K1+VYTlaNv+wJrDnnVQCYA2EcgVOr+oMIbXnxR56ZKwfnq49
TQ2hkP60qvLQOI/bQ3HT+ereevNikfM3GXDEQ7D5R8zObhCCF9Tfhe7yRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnsmNSlXKAKJyfMUgft+2aUvbFdMB8GA1UdIwQY
MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt
NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz
LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApwGkW92J
adnoNb+HaXhJoE6hG+S74kuV8s2G1hLzZUw/d+Xa1UY1bH4q17SUqRRZ3mSIDlGM
H/C5N09kX+YeEyYuawYygLZJ8h9yz0k1++L8uG31nhkH4mA2BNdwmV5PNxysoMEh
+Stw9TpGOjhaf3PPqyF/cIRybF+mAUYny8RT052yXebIxLRCE/EdNnu+kwu8PFtH
7T8I9IdIjIt3D0taNQVOBVk+xkhrWeJudNA1Rr2ArmrkmkoKrk9nWO/w0LSfPtnL
AQUVws8JUW9ttyQySvEeaIIUirxnA+orHKwmAWVFDd1bilF56p1mZtgS1H4qqOac
5lUB8dXMuP95QQ==
-----END CERTIFICATE-----