Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          tariFF5PolOKLVHwWGdnZ/KDMLan6aWVNRUHg7eEES0=
Subject key identifier:   FA:D6:69:BD:83:BB:80:38:A0:F2:66:F5:E5:93:F2:64:67:F4:AB:6F
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       01976DAB4809C4B38B1E1A5754BEE8B61949
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          0A6F
Signing time:             Sat 14 Jun 2025 09:00:30 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:30 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:30 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: cECNdkn9JHyxFuA3QP++V3Ef6xcC8tH1VqUo7TdflzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:48:09:c4:b3:8b:1e:1a:57:54:be:e8:b6:19:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Jun 14 09:00:30 2025 GMT
            Not After : Jun 15 09:00:30 2025 GMT
        Subject: CN=fad669bd83bb8038a0f266f5e593f26467f4ab6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:20:aa:66:16:90:55:9a:22:b2:56:2f:31:d6:
                    53:19:ef:3f:4b:38:b4:f6:53:42:07:34:f0:25:06:
                    dc:d7:85:a3:62:4e:4b:2f:76:22:e7:08:fc:36:13:
                    09:c8:4f:46:93:ca:33:5a:31:54:94:6a:73:25:40:
                    cb:8e:63:56:6b:51:12:40:f5:63:3c:55:63:01:57:
                    8c:88:2e:38:30:85:38:5e:9d:4a:e4:47:27:63:3e:
                    0a:94:da:01:bc:9d:76:89:6e:0b:14:95:4e:b3:2d:
                    f2:11:eb:b5:c1:d0:e0:e1:de:aa:6a:26:69:30:e8:
                    f1:89:72:f2:d2:8d:94:e8:23:c8:bc:f7:bc:79:ef:
                    6c:5c:37:53:94:9f:1c:5a:ae:df:ed:3e:d2:30:9e:
                    0f:46:3d:ca:25:f2:17:05:5d:94:0e:91:cc:41:d7:
                    cc:2f:45:a4:b0:53:7f:dc:00:c3:93:e1:cd:0d:fd:
                    0b:4e:ea:b4:61:b5:d5:c7:c1:47:43:26:d1:2c:e1:
                    ac:dd:71:10:66:fa:54:a3:b9:b9:3d:87:3b:59:e6:
                    62:98:99:f2:55:e4:15:3c:19:71:36:60:15:87:6d:
                    44:44:03:a0:3d:7b:5f:6c:5d:36:02:c6:da:2e:92:
                    d0:34:8a:47:61:66:ff:47:16:32:ce:40:fd:39:14:
                    7b:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D6:69:BD:83:BB:80:38:A0:F2:66:F5:E5:93:F2:64:67:F4:AB:6F
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:13:75:04:71:c9:8f:3c:9d:6d:29:d4:81:24:f4:af:4e:69:
         9f:38:6e:9b:27:dc:c7:5e:b1:db:fb:b2:86:c2:83:10:96:0d:
         7c:d3:b7:e4:e9:25:6e:48:84:ad:f1:ca:66:d1:e4:fc:3d:26:
         00:a4:2b:c1:b9:4e:6f:90:9b:a1:f9:68:bc:df:bc:1f:71:69:
         bb:e4:12:1f:e2:ce:b6:a0:75:8b:89:ec:5c:78:a9:7f:f3:09:
         75:2f:42:c0:af:9f:bd:b5:9c:15:f9:8d:c0:79:ca:f9:09:9e:
         19:54:79:5a:54:79:3a:e6:bd:4e:e6:4a:e1:87:61:af:3d:86:
         af:4b:68:b1:09:d3:a0:41:d3:12:03:3e:d8:ef:8e:a0:f8:98:
         2c:16:b9:76:92:47:7a:70:11:81:68:98:a3:3b:7d:cb:f4:62:
         e4:02:e1:3e:50:bc:c2:42:42:ad:44:9c:dc:2c:bb:6a:81:6d:
         e9:b1:2b:31:6c:74:c9:76:05:9b:50:4d:8c:6e:79:fd:1c:39:
         48:be:e3:ee:4f:ca:46:52:7a:0d:08:d7:e7:af:d8:c2:a3:c5:
         8f:2c:54:e2:91:4d:08:79:4f:5e:a8:29:a5:fd:c6:a7:24:27:
         93:c8:bc:69:67:7a:0a:c4:ae:3a:8b:e6:c9:e6:9b:7e:cc:df:
         26:3d:3c:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq0gJxLOLHhpXVL7othlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjUwNjE0MDkwMDMwWhcNMjUwNjE1MDkwMDMwWjAzMTEwLwYDVQQD
EyhmYWQ2NjliZDgzYmI4MDM4YTBmMjY2ZjVlNTkzZjI2NDY3ZjRhYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CCqZhaQVZoislYvMdZTGe8/Szi0
9lNCBzTwJQbc14WjYk5LL3Yi5wj8NhMJyE9Gk8ozWjFUlGpzJUDLjmNWa1ESQPVj
PFVjAVeMiC44MIU4Xp1K5EcnYz4KlNoBvJ12iW4LFJVOsy3yEeu1wdDg4d6qaiZp
MOjxiXLy0o2U6CPIvPe8ee9sXDdTlJ8cWq7f7T7SMJ4PRj3KJfIXBV2UDpHMQdfM
L0WksFN/3ADDk+HNDf0LTuq0YbXVx8FHQybRLOGs3XEQZvpUo7m5PYc7WeZimJny
VeQVPBlxNmAVh21ERAOgPXtfbF02AsbaLpLQNIpHYWb/RxYyzkD9ORR77QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrWab2Du4A4oPJm9eWT8mRn9KtvMB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhN1BHHJ
jzydbSnUgST0r05pnzhumyfcx16x2/uyhsKDEJYNfNO35OklbkiErfHKZtHk/D0m
AKQrwblOb5CboflovN+8H3Fpu+QSH+LOtqB1i4nsXHipf/MJdS9CwK+fvbWcFfmN
wHnK+QmeGVR5WlR5Oua9TuZK4Ydhrz2Gr0tosQnToEHTEgM+2O+OoPiYLBa5dpJH
enARgWiYozt9y/Ri5ALhPlC8wkJCrUSc3Cy7aoFt6bErMWx0yXYFm1BNjG55/Rw5
SL7j7k/KRlJ6DQjX56/YwqPFjyxU4pFNCHlPXqgppf3GpyQnk8i8aWd6CsSuOovm
yeabfszfJj08eg==
-----END CERTIFICATE-----