Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          4+y2HuiedCe/QaQayZDw16VooVJUnVHNa0zyFE2saaE=
Subject key identifier:   D9:D2:9A:4F:8D:8F:C1:B4:3D:E8:D1:98:6B:3B:25:C1:41:6B:05:4D
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       019772D1E79B9A67F0BBD61430D2F7BEF263
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          01E1
Signing time:             Sun 15 Jun 2025 09:00:48 +0000
Manifest this update:     Sun 15 Jun 2025 09:00:48 +0000
Manifest next update:     Mon 16 Jun 2025 09:00:48 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: IPqK9zRAAx5Wr82bFzUrQKoL2MpsDPcaMCvkNh02eco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:72:d1:e7:9b:9a:67:f0:bb:d6:14:30:d2:f7:be:f2:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Jun 15 09:00:48 2025 GMT
            Not After : Jun 16 09:00:48 2025 GMT
        Subject: CN=d9d29a4f8d8fc1b43de8d1986b3b25c1416b054d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d3:6a:85:af:73:56:22:e8:b1:7e:10:f1:5a:
                    b6:40:c2:a3:04:e9:96:3b:4b:e4:98:ab:b0:69:64:
                    aa:ff:bf:23:4a:d7:cb:ee:ad:50:48:a9:20:bb:7d:
                    7c:87:a5:7c:01:de:d7:3d:f4:7b:f6:40:38:44:35:
                    8c:ee:9b:cb:f5:a3:df:55:0a:b7:c7:c6:81:29:d8:
                    65:34:15:d6:b2:f1:86:23:70:1c:a9:e1:04:08:45:
                    ab:af:1a:18:cb:3e:57:04:3f:5c:f0:78:bf:29:b0:
                    eb:52:cc:39:62:f4:48:d3:92:43:d2:2b:17:47:cd:
                    1d:60:3f:c1:93:69:a1:2e:65:72:f7:40:1e:2b:fb:
                    d4:f9:83:40:ca:3e:4e:5b:82:b2:f8:a1:39:e3:ef:
                    11:cd:dd:c9:38:b8:93:c7:d7:71:81:e0:69:72:a0:
                    c0:cf:31:2c:a4:76:ec:89:a3:da:27:20:ba:b5:85:
                    8d:ca:19:48:f2:ae:37:b7:00:4c:b5:b4:3e:68:40:
                    7f:5b:14:a3:d4:15:75:23:19:54:b2:89:4b:ac:09:
                    ac:27:b6:8d:b8:fd:32:2c:e5:a0:6e:f2:57:94:bf:
                    c2:9b:f3:ba:5e:75:cb:6b:9b:83:4d:93:97:4e:29:
                    7a:a2:88:e7:ab:a3:85:50:7e:fc:90:2f:bc:c5:b0:
                    01:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:D2:9A:4F:8D:8F:C1:B4:3D:E8:D1:98:6B:3B:25:C1:41:6B:05:4D
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:4d:a5:9c:e3:30:84:04:24:51:e2:22:b9:43:f6:ed:84:f8:
         f9:ff:69:a2:3b:a1:1b:2d:80:17:95:07:b5:ec:16:35:6a:b3:
         7f:80:f0:33:24:ed:d4:f9:9e:42:0f:de:9d:8e:d9:ad:6c:ec:
         51:8e:05:7d:41:8c:fb:96:98:55:8b:c3:eb:e0:99:50:e1:ca:
         22:65:05:b2:4c:1e:1c:c6:83:20:64:92:a2:90:be:7e:48:b3:
         97:3a:1d:17:88:0a:55:8f:c5:cd:ae:c2:ab:4b:a2:58:d0:27:
         2d:26:ae:f8:39:36:76:ae:52:c3:62:65:b5:e4:45:9a:e9:19:
         cf:bd:1b:4f:de:f0:ab:27:11:75:bc:c3:57:ae:47:96:4c:a9:
         ca:61:f4:4e:72:85:e0:82:2e:e7:0c:3a:50:8f:2e:76:b2:46:
         fd:05:e1:e0:59:43:80:9d:dc:4d:32:77:16:d0:3c:9b:f0:f2:
         90:aa:23:8d:36:63:e8:b4:ee:aa:7a:15:9e:d7:17:be:0b:a3:
         b9:af:fc:c7:a2:74:16:25:91:39:d9:e1:77:8c:63:c0:63:1b:
         96:5b:59:6e:28:46:e5:09:f6:5f:37:09:ff:48:28:a1:34:ae:
         63:88:7c:c3:bb:ce:68:05:61:fd:b7:24:9f:6d:43:1c:30:dd:
         b6:8a:32:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdy0eebmmfwu9YUMNL3vvJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwNjE1MDkwMDQ4WhcNMjUwNjE2MDkwMDQ4WjAzMTEwLwYDVQQD
EyhkOWQyOWE0ZjhkOGZjMWI0M2RlOGQxOTg2YjNiMjVjMTQxNmIwNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09Nqha9zViLosX4Q8Vq2QMKjBOmW
O0vkmKuwaWSq/78jStfL7q1QSKkgu318h6V8Ad7XPfR79kA4RDWM7pvL9aPfVQq3
x8aBKdhlNBXWsvGGI3AcqeEECEWrrxoYyz5XBD9c8Hi/KbDrUsw5YvRI05JD0isX
R80dYD/Bk2mhLmVy90AeK/vU+YNAyj5OW4Ky+KE54+8Rzd3JOLiTx9dxgeBpcqDA
zzEspHbsiaPaJyC6tYWNyhlI8q43twBMtbQ+aEB/WxSj1BV1IxlUsolLrAmsJ7aN
uP0yLOWgbvJXlL/Cm/O6XnXLa5uDTZOXTil6oojnq6OFUH78kC+8xbAB5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnSmk+Nj8G0PejRmGs7JcFBawVNMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFU2lnOMw
hAQkUeIiuUP27YT4+f9pojuhGy2AF5UHtewWNWqzf4DwMyTt1PmeQg/enY7ZrWzs
UY4FfUGM+5aYVYvD6+CZUOHKImUFskweHMaDIGSSopC+fkizlzodF4gKVY/Fza7C
q0uiWNAnLSau+Dk2dq5Sw2JlteRFmukZz70bT97wqycRdbzDV65HlkypymH0TnKF
4IIu5ww6UI8udrJG/QXh4FlDgJ3cTTJ3FtA8m/DykKojjTZj6LTuqnoVntcXvguj
ua/8x6J0FiWROdnhd4xjwGMblltZbihG5Qn2XzcJ/0gooTSuY4h8w7vOaAVh/bck
n21DHDDdtooy2g==
-----END CERTIFICATE-----