Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
File:                     FSj8hxfpGa4HJhquKNjIRWTIpxI.mft (raw, json)
Hash identifier:          ymFYH7S3mr+64vX69m0RynG6LvzfBoVjYMoZpTa9TVo=
Subject key identifier:   45:49:C6:ED:7E:56:41:01:C4:1B:76:B0:57:C7:EB:EF:9D:D3:90:F8
Authority key identifier: 15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12
Certificate issuer:       /CN=1528fc8717e919ae07261aae28d8c84564c8a712
Certificate serial:       0197759C3F1450E7A02E4385ACD968EF2919
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
Manifest number:          0EF3
Signing time:             Sun 15 Jun 2025 22:01:03 +0000
Manifest this update:     Sun 15 Jun 2025 22:01:03 +0000
Manifest next update:     Mon 16 Jun 2025 22:01:03 +0000
Files and hashes:         1: FSj8hxfpGa4HJhquKNjIRWTIpxI.crl (hash: UzC4j4Z8Abo90lOzE2X2mQMLr7vN2UdEn7LQCYjI2jc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:75:9c:3f:14:50:e7:a0:2e:43:85:ac:d9:68:ef:29:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1528fc8717e919ae07261aae28d8c84564c8a712
        Validity
            Not Before: Jun 15 22:01:03 2025 GMT
            Not After : Jun 16 22:01:03 2025 GMT
        Subject: CN=4549c6ed7e564101c41b76b057c7ebef9dd390f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:ee:e4:84:39:26:a9:9f:75:80:b3:50:1b:e5:
                    31:36:1c:3f:e0:ab:22:34:dd:52:32:36:a0:9f:9a:
                    ef:1f:a9:d8:00:f8:f8:5c:b4:a8:7b:f1:43:73:04:
                    a5:aa:c6:53:84:f9:d9:b1:e7:e2:3b:05:17:6c:2c:
                    fd:7f:89:a7:05:6a:55:3b:ee:98:b5:bc:dc:17:ec:
                    b3:c0:ff:80:78:1e:11:40:79:16:aa:87:d2:80:27:
                    00:80:f7:8b:24:dd:22:2f:c6:a4:5c:db:7a:be:a8:
                    32:03:85:bf:84:a4:ac:b1:8c:7d:ee:e8:5e:c2:92:
                    b7:ce:41:c3:c6:2a:75:dd:72:d5:6d:81:63:7e:2b:
                    95:92:8a:0d:c0:6c:fc:a6:d3:a7:ba:dc:a1:97:3d:
                    96:31:17:eb:57:f3:a7:d3:ed:03:90:96:2d:2b:59:
                    ff:00:63:b3:0b:4a:9d:ad:33:4b:30:31:49:fe:e6:
                    52:c8:82:1c:4d:41:b3:50:60:d0:5d:97:47:a5:4b:
                    ed:0f:c3:78:19:17:e3:87:9c:17:12:02:7f:a2:71:
                    02:a8:f1:3a:89:57:57:07:29:51:5c:3f:83:d5:a4:
                    fc:3d:93:4a:0e:c5:59:ca:9b:91:ae:87:9a:f7:d7:
                    31:c8:73:11:bc:6a:3b:57:c5:c9:48:0b:a3:85:bf:
                    1f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:49:C6:ED:7E:56:41:01:C4:1B:76:B0:57:C7:EB:EF:9D:D3:90:F8
            X509v3 Authority Key Identifier:
                keyid:15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:4a:87:32:80:d1:8f:1b:a7:05:c9:0b:fb:41:14:f6:c2:bc:
         96:2d:1a:b5:bf:4b:8f:ae:73:1e:4f:d9:82:09:1d:36:c7:44:
         66:08:1a:2d:c1:e1:75:3f:10:ec:a5:b3:96:75:e9:a8:22:43:
         75:0d:b3:b7:59:6b:85:d2:5f:ba:d9:87:5f:a7:4c:0e:9b:84:
         38:64:9b:6b:18:5f:63:c9:12:e2:a4:d4:62:f3:0c:77:49:9f:
         cb:32:a2:9b:98:59:6f:41:ab:6c:b0:f3:09:49:a6:6d:41:9d:
         df:83:20:14:18:dc:b5:c0:83:f8:4f:88:56:a0:36:d3:75:ad:
         8c:05:52:18:05:da:40:d0:a0:0f:f5:29:17:51:f5:63:ed:2b:
         13:49:ad:b7:c2:15:8d:57:6d:e4:9c:9f:4c:44:0e:39:2c:44:
         e7:b9:65:c4:07:cd:2a:f0:86:3e:74:f5:c8:a5:af:0c:d9:de:
         58:09:3c:8c:75:13:4c:4b:10:13:fb:79:43:ff:e2:7f:27:4e:
         1d:c4:15:bd:5b:c3:54:67:c9:88:9e:cd:f8:10:08:5e:b3:7c:
         03:74:84:09:ff:25:3f:b0:a6:ef:63:ba:06:cb:40:7d:2b:2e:
         8a:fc:df:91:d2:94:3f:85:4c:9d:90:8d:54:fd:2e:33:43:f7:
         cd:d7:5d:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd1nD8UUOegLkOFrNlo7ykZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MjhmYzg3MTdlOTE5YWUwNzI2MWFhZTI4ZDhjODQ1NjRj
OGE3MTIwHhcNMjUwNjE1MjIwMTAzWhcNMjUwNjE2MjIwMTAzWjAzMTEwLwYDVQQD
Eyg0NTQ5YzZlZDdlNTY0MTAxYzQxYjc2YjA1N2M3ZWJlZjlkZDM5MGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/O7khDkmqZ91gLNQG+UxNhw/4Ksi
NN1SMjagn5rvH6nYAPj4XLSoe/FDcwSlqsZThPnZsefiOwUXbCz9f4mnBWpVO+6Y
tbzcF+yzwP+AeB4RQHkWqofSgCcAgPeLJN0iL8akXNt6vqgyA4W/hKSssYx97uhe
wpK3zkHDxip13XLVbYFjfiuVkooNwGz8ptOnutyhlz2WMRfrV/On0+0DkJYtK1n/
AGOzC0qdrTNLMDFJ/uZSyIIcTUGzUGDQXZdHpUvtD8N4GRfjh5wXEgJ/onECqPE6
iVdXBylRXD+D1aT8PZNKDsVZypuRroea99cxyHMRvGo7V8XJSAujhb8fJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVJxu1+VkEBxBt2sFfH6++d05D4MB8GA1UdIwQY
MBaAFBUo/IcX6RmuByYarijYyEVkyKcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTkt
NjcxMDcyZjkxYTEzLzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTktNjcxMDcyZjkxYTEz
LzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGUqHMoDR
jxunBckL+0EU9sK8li0atb9Lj65zHk/ZggkdNsdEZggaLcHhdT8Q7KWzlnXpqCJD
dQ2zt1lrhdJfutmHX6dMDpuEOGSbaxhfY8kS4qTUYvMMd0mfyzKim5hZb0GrbLDz
CUmmbUGd34MgFBjctcCD+E+IVqA203WtjAVSGAXaQNCgD/UpF1H1Y+0rE0mtt8IV
jVdt5JyfTEQOOSxE57llxAfNKvCGPnT1yKWvDNneWAk8jHUTTEsQE/t5Q//ifydO
HcQVvVvDVGfJiJ7N+BAIXrN8A3SECf8lP7Cm72O6BstAfSsuivzfkdKUP4VMnZCN
VP0uM0P3zdddGA==
-----END CERTIFICATE-----