Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft
File:                     AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft (raw, json)
Hash identifier:          3VP7M37vqVATcI06V9+vv04TE656jS7s9Kr/iAQzAiA=
Subject key identifier:   BF:66:E2:60:2F:32:43:C0:C5:EB:E3:69:C9:8F:60:B0:8F:8B:B3:EC
Authority key identifier: 02:72:BD:3B:32:AE:CA:F2:6C:A8:ED:B3:C8:78:FE:57:95:F2:AB:6F
Certificate issuer:       /CN=0272bd3b32aecaf26ca8edb3c878fe5795f2ab6f
Certificate serial:       019778D47F003AB2F6146688497A19BB063B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AnK9OzKuyvJsqO2zyHj-V5Xyq28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft
Manifest number:          0710
Signing time:             Mon 16 Jun 2025 13:01:21 +0000
Manifest this update:     Mon 16 Jun 2025 13:01:21 +0000
Manifest next update:     Tue 17 Jun 2025 13:01:21 +0000
Files and hashes:         1: AnK9OzKuyvJsqO2zyHj-V5Xyq28.crl (hash: vqhWiK8MK/iYXhSu2miBQugy8iFg53wvFVrN87b8nzk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AnK9OzKuyvJsqO2zyHj-V5Xyq28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 13:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:d4:7f:00:3a:b2:f6:14:66:88:49:7a:19:bb:06:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0272bd3b32aecaf26ca8edb3c878fe5795f2ab6f
        Validity
            Not Before: Jun 16 13:01:21 2025 GMT
            Not After : Jun 17 13:01:21 2025 GMT
        Subject: CN=bf66e2602f3243c0c5ebe369c98f60b08f8bb3ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:38:d4:ab:52:f6:bd:01:30:67:3c:65:5a:22:
                    eb:8d:7a:ee:8e:e4:03:67:45:f4:37:da:40:4f:c5:
                    e8:d6:ea:0a:cc:32:03:c8:fe:de:d5:f1:0a:6c:6f:
                    68:09:40:96:e7:8f:f6:08:5a:50:02:37:7c:38:34:
                    4b:91:f8:48:56:98:65:44:ce:0c:69:8d:78:d8:33:
                    7d:e5:f8:dc:8d:95:44:c0:9a:17:39:8f:2d:12:7b:
                    82:c9:b1:e1:ff:33:33:be:dc:3c:3e:cb:d4:4d:d0:
                    0f:e0:bc:b0:e1:e3:0e:e1:df:60:fc:4c:43:fd:c9:
                    b6:f3:86:82:df:52:73:cc:57:4f:18:d5:ae:d3:d2:
                    6b:f2:dc:f9:90:37:da:08:15:80:3b:dc:50:fc:d7:
                    df:f9:63:d1:09:b5:0e:da:31:19:da:7a:b3:ce:f5:
                    27:8f:c5:af:89:a0:93:9f:1b:35:80:1f:3e:bd:01:
                    68:01:bb:58:8e:81:09:69:f3:05:c8:8f:6f:c5:5c:
                    94:d0:2b:d1:72:d2:9b:00:10:2f:2c:77:db:dd:87:
                    23:de:7c:40:e8:9b:b1:33:17:70:08:59:71:da:e3:
                    06:0c:91:ec:41:d6:2a:61:30:55:25:46:84:0d:74:
                    9d:1d:99:37:66:fd:69:ac:11:46:a3:05:84:d0:96:
                    c1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:66:E2:60:2F:32:43:C0:C5:EB:E3:69:C9:8F:60:B0:8F:8B:B3:EC
            X509v3 Authority Key Identifier:
                keyid:02:72:BD:3B:32:AE:CA:F2:6C:A8:ED:B3:C8:78:FE:57:95:F2:AB:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AnK9OzKuyvJsqO2zyHj-V5Xyq28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:a4:22:bc:1a:2e:f8:99:7f:cb:7d:bd:5c:ff:63:d6:d6:cf:
         3c:7d:04:20:d7:cd:b7:76:3c:d2:28:ca:f2:e6:71:97:05:f6:
         e5:d3:96:e8:5f:d0:0f:13:b9:f9:b3:ea:e3:da:46:5a:ec:02:
         ab:48:f7:76:f1:55:dd:0f:90:72:cc:40:4a:35:94:30:24:0a:
         fc:42:93:2f:3e:c7:de:c0:9f:b2:b9:26:d3:1a:8b:db:6f:81:
         a3:ad:22:f3:d2:81:c0:ca:49:28:43:f0:e6:51:70:46:55:26:
         89:ca:e2:6c:90:44:19:7f:90:14:66:1b:74:c5:00:86:65:03:
         63:74:0f:d3:5f:94:4f:7a:41:0d:41:42:0b:87:ed:db:af:5b:
         d0:26:d7:e2:13:95:e0:50:27:9a:4e:12:e4:02:6c:36:36:62:
         5c:37:b4:9a:49:9c:49:f7:d9:50:4e:4b:02:dd:d7:7a:4a:70:
         80:99:ea:ea:15:22:71:a9:9b:50:c4:29:9f:8f:5a:e5:e3:e6:
         50:28:27:02:d3:5f:31:f9:a4:92:d8:57:cc:c1:38:f1:c0:bb:
         28:c0:2a:c5:57:c3:ac:82:cc:a5:9b:5c:fd:1d:15:6f:da:fd:
         a1:6a:a1:30:fa:25:8b:0e:c6:c9:cd:73:c1:21:cd:04:0a:4c:
         e1:a7:85:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd41H8AOrL2FGaISXoZuwY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzJiZDNiMzJhZWNhZjI2Y2E4ZWRiM2M4NzhmZTU3OTVm
MmFiNmYwHhcNMjUwNjE2MTMwMTIxWhcNMjUwNjE3MTMwMTIxWjAzMTEwLwYDVQQD
EyhiZjY2ZTI2MDJmMzI0M2MwYzVlYmUzNjljOThmNjBiMDhmOGJiM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTjUq1L2vQEwZzxlWiLrjXrujuQD
Z0X0N9pAT8Xo1uoKzDIDyP7e1fEKbG9oCUCW54/2CFpQAjd8ODRLkfhIVphlRM4M
aY142DN95fjcjZVEwJoXOY8tEnuCybHh/zMzvtw8PsvUTdAP4Lyw4eMO4d9g/ExD
/cm284aC31JzzFdPGNWu09Jr8tz5kDfaCBWAO9xQ/Nff+WPRCbUO2jEZ2nqzzvUn
j8WviaCTnxs1gB8+vQFoAbtYjoEJafMFyI9vxVyU0CvRctKbABAvLHfb3Ycj3nxA
6JuxMxdwCFlx2uMGDJHsQdYqYTBVJUaEDXSdHZk3Zv1prBFGowWE0JbBpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9m4mAvMkPAxevjacmPYLCPi7PsMB8GA1UdIwQY
MBaAFAJyvTsyrsrybKjts8h4/leV8qtvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5LOU96S3V5dkpzcU8yenlIai1WNVh5cTI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZjJlNzUtZWNlZS00OGUxLThhZjYt
MTJkZWRlOWQwYzcxLzEvQW5LOU96S3V5dkpzcU8yenlIai1WNVh5cTI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZjJlNzUtZWNlZS00OGUxLThhZjYtMTJkZWRlOWQwYzcx
LzEvQW5LOU96S3V5dkpzcU8yenlIai1WNVh5cTI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKaQivBou
+Jl/y329XP9j1tbPPH0EINfNt3Y80ijK8uZxlwX25dOW6F/QDxO5+bPq49pGWuwC
q0j3dvFV3Q+QcsxASjWUMCQK/EKTLz7H3sCfsrkm0xqL22+Bo60i89KBwMpJKEPw
5lFwRlUmicribJBEGX+QFGYbdMUAhmUDY3QP01+UT3pBDUFCC4ft269b0CbX4hOV
4FAnmk4S5AJsNjZiXDe0mkmcSffZUE5LAt3XekpwgJnq6hUicambUMQpn49a5ePm
UCgnAtNfMfmkkthXzME48cC7KMAqxVfDrILMpZtc/R0Vb9r9oWqhMPoliw7Gyc1z
wSHNBApM4aeF4Q==
-----END CERTIFICATE-----