Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft
File:                     V9wqO2671XpOSCmt0_KgKnbld4k.mft (raw, json)
Hash identifier:          FfWa1XzpMjP+bLqLiaPnfhaYEloPLENjiSSg/lRzPgw=
Subject key identifier:   68:8C:C9:8C:AF:29:47:F7:CC:87:82:76:6C:EB:33:15:19:C6:F8:D1
Authority key identifier: 57:DC:2A:3B:6E:BB:D5:7A:4E:48:29:AD:D3:F2:A0:2A:76:E5:77:89
Certificate issuer:       /CN=57dc2a3b6ebbd57a4e4829add3f2a02a76e57789
Certificate serial:       0197838EB592D4A9F8BDF1D24FE38F5AE349
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V9wqO2671XpOSCmt0_KgKnbld4k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft
Manifest number:          0291
Signing time:             Wed 18 Jun 2025 15:00:57 +0000
Manifest this update:     Wed 18 Jun 2025 15:00:57 +0000
Manifest next update:     Thu 19 Jun 2025 15:00:57 +0000
Files and hashes:         1: V9wqO2671XpOSCmt0_KgKnbld4k.crl (hash: QnRhaLr5vGEEt9AfQvJEud0yBtvoVIeIv4+2zXscfgQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V9wqO2671XpOSCmt0_KgKnbld4k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 15:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:83:8e:b5:92:d4:a9:f8:bd:f1:d2:4f:e3:8f:5a:e3:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57dc2a3b6ebbd57a4e4829add3f2a02a76e57789
        Validity
            Not Before: Jun 18 15:00:57 2025 GMT
            Not After : Jun 19 15:00:57 2025 GMT
        Subject: CN=688cc98caf2947f7cc8782766ceb331519c6f8d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f0:09:fc:43:fb:c8:27:60:a3:3f:b0:4b:e8:
                    73:0d:0e:e7:85:75:cd:3e:ff:02:ff:3f:d7:d0:dc:
                    76:19:7c:81:23:50:97:c5:c4:ac:9e:03:a7:a5:54:
                    38:23:ec:9e:76:42:26:2b:5d:d3:6f:83:d8:76:43:
                    79:6c:5c:23:18:cd:c8:f7:d4:79:49:f7:30:0f:70:
                    12:ac:49:66:5d:a7:54:3e:18:30:6e:40:88:93:52:
                    44:c0:ad:cf:59:6a:31:4a:4f:a7:9b:5d:78:77:b3:
                    06:95:63:e1:87:cb:35:85:a4:50:ba:f2:54:eb:25:
                    6f:64:6e:02:a8:4c:8b:a2:d2:a8:2d:5f:aa:3b:fd:
                    86:03:bf:64:04:32:e7:ce:3e:fa:c8:f3:db:3a:8a:
                    83:24:bf:17:8b:f1:5f:cd:5d:ab:79:6a:1d:7d:7f:
                    4b:e7:0d:02:5e:11:21:e0:a6:7c:64:66:8e:6e:1d:
                    9d:62:c6:a5:39:aa:34:45:6c:b0:9c:63:e5:68:d5:
                    83:d1:b7:58:b3:64:7d:11:e8:9b:e1:6c:8f:b6:3f:
                    f5:db:0a:fb:06:c9:2b:7a:b3:fa:b5:ea:8d:a7:91:
                    78:c7:9b:c6:0b:7e:98:c0:75:f6:70:fa:df:f6:23:
                    d3:ac:e3:e0:65:41:8f:99:aa:21:2d:c9:9f:0b:11:
                    34:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:8C:C9:8C:AF:29:47:F7:CC:87:82:76:6C:EB:33:15:19:C6:F8:D1
            X509v3 Authority Key Identifier:
                keyid:57:DC:2A:3B:6E:BB:D5:7A:4E:48:29:AD:D3:F2:A0:2A:76:E5:77:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V9wqO2671XpOSCmt0_KgKnbld4k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/654504-54e1-4502-ab22-40459d6934ae/1/V9wqO2671XpOSCmt0_KgKnbld4k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:0b:ca:55:d3:80:54:c8:fe:2b:39:ac:08:fd:97:6b:2a:83:
         46:2d:3a:83:31:8d:cc:4b:12:9f:e0:af:85:ed:00:82:c4:87:
         c1:f4:e4:5e:3f:31:d9:24:f4:97:e1:a0:fc:ad:db:0d:83:d5:
         fb:a0:4f:46:c9:4f:2f:fc:02:69:03:c2:99:87:55:4c:28:35:
         a1:08:7e:ed:09:30:13:80:76:69:12:6d:f9:af:fb:30:77:f1:
         7e:6c:97:f4:5b:bd:aa:9a:45:2e:2d:77:36:79:7c:8e:08:89:
         74:42:0e:74:0b:48:94:56:63:3c:e7:b5:18:63:3c:38:0f:2a:
         b5:7a:b7:10:a2:dc:b3:89:4d:6e:7d:03:f6:73:ef:c7:be:34:
         4a:70:8b:c9:1b:28:9b:1d:0d:e3:f8:8c:b7:98:ab:e0:f4:ba:
         54:82:e2:c4:5c:a2:85:84:29:6d:aa:20:9a:e9:5f:d5:46:86:
         88:5d:83:bb:22:b5:2e:fa:32:c7:ee:e6:81:70:48:df:e9:19:
         b4:0f:fe:d7:d7:9c:98:82:0e:99:79:33:21:2a:a1:ae:66:31:
         28:b0:ca:30:d4:c5:e3:4b:7c:49:d2:66:99:98:fd:9e:db:97:
         cf:b2:5b:39:2e:0e:46:fd:8d:7b:ad:ba:30:e4:e1:38:45:3d:
         c9:7c:40:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeDjrWS1Kn4vfHST+OPWuNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZGMyYTNiNmViYmQ1N2E0ZTQ4MjlhZGQzZjJhMDJhNzZl
NTc3ODkwHhcNMjUwNjE4MTUwMDU3WhcNMjUwNjE5MTUwMDU3WjAzMTEwLwYDVQQD
Eyg2ODhjYzk4Y2FmMjk0N2Y3Y2M4NzgyNzY2Y2ViMzMxNTE5YzZmOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPAJ/EP7yCdgoz+wS+hzDQ7nhXXN
Pv8C/z/X0Nx2GXyBI1CXxcSsngOnpVQ4I+yedkImK13Tb4PYdkN5bFwjGM3I99R5
SfcwD3ASrElmXadUPhgwbkCIk1JEwK3PWWoxSk+nm114d7MGlWPhh8s1haRQuvJU
6yVvZG4CqEyLotKoLV+qO/2GA79kBDLnzj76yPPbOoqDJL8Xi/FfzV2reWodfX9L
5w0CXhEh4KZ8ZGaObh2dYsalOao0RWywnGPlaNWD0bdYs2R9Eeib4WyPtj/12wr7
BskrerP6teqNp5F4x5vGC36YwHX2cPrf9iPTrOPgZUGPmaohLcmfCxE0jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiMyYyvKUf3zIeCdmzrMxUZxvjRMB8GA1UdIwQY
MBaAFFfcKjtuu9V6TkgprdPyoCp25XeJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjl3cU8yNjcxWHBPU0NtdDBfS2dLbmJsZDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82NTQ1MDQtNTRlMS00NTAyLWFiMjIt
NDA0NTlkNjkzNGFlLzEvVjl3cU8yNjcxWHBPU0NtdDBfS2dLbmJsZDRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82NTQ1MDQtNTRlMS00NTAyLWFiMjItNDA0NTlkNjkzNGFl
LzEvVjl3cU8yNjcxWHBPU0NtdDBfS2dLbmJsZDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQvKVdOA
VMj+KzmsCP2XayqDRi06gzGNzEsSn+Cvhe0AgsSHwfTkXj8x2ST0l+Gg/K3bDYPV
+6BPRslPL/wCaQPCmYdVTCg1oQh+7QkwE4B2aRJt+a/7MHfxfmyX9Fu9qppFLi13
Nnl8jgiJdEIOdAtIlFZjPOe1GGM8OA8qtXq3EKLcs4lNbn0D9nPvx740SnCLyRso
mx0N4/iMt5ir4PS6VILixFyihYQpbaogmulf1UaGiF2DuyK1Lvoyx+7mgXBI3+kZ
tA/+19ecmIIOmXkzISqhrmYxKLDKMNTF40t8SdJmmZj9ntuXz7JbOS4ORv2Ne626
MOThOEU9yXxAWg==
-----END CERTIFICATE-----