Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
File:                     S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft (raw, json)
Hash identifier:          N5i3efj1OFuWL/GdmhqWHALsY8gBo/FbzuMjNDBjwBA=
Subject key identifier:   E6:83:F1:3C:21:85:83:D8:38:D4:2B:E0:7C:36:01:0E:BD:7F:25:41
Authority key identifier: 4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C
Certificate issuer:       /CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
Certificate serial:       01976C98C94EC56984696D8DD16C9F33BCD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
Manifest number:          07A1
Signing time:             Sat 14 Jun 2025 04:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:41 +0000
Files and hashes:         1: S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl (hash: D5qOv81AeW7gBf4uaqEiQ7w2gOcZxS/MnXpuerkFFss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:c9:4e:c5:69:84:69:6d:8d:d1:6c:9f:33:bc:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
        Validity
            Not Before: Jun 14 04:00:41 2025 GMT
            Not After : Jun 15 04:00:41 2025 GMT
        Subject: CN=e683f13c218583d838d42be07c36010ebd7f2541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6a:df:79:e9:6b:79:cd:f5:ae:e3:8b:4a:ba:
                    d3:f2:78:e5:f1:13:09:96:da:40:3b:ae:2e:aa:f2:
                    8f:0e:78:39:25:b3:50:9d:5e:8b:79:51:c6:67:d5:
                    ea:1e:20:52:f5:7e:8a:af:d6:3c:64:0b:13:5c:0e:
                    f1:16:4d:ed:4c:6a:65:9b:10:45:3a:34:04:a5:c8:
                    7a:8d:3d:d2:64:3b:5c:78:10:62:b5:93:b1:49:44:
                    ac:ae:b8:3e:66:57:e4:e7:08:33:d1:f5:fa:c3:73:
                    f4:9e:bc:91:a4:5d:e9:3b:43:c4:ce:20:98:40:70:
                    fb:18:ba:64:1d:44:bd:36:2b:76:18:d1:8e:b5:51:
                    af:39:1e:7c:5d:5f:18:df:f7:18:8a:1e:5f:bc:1d:
                    54:51:07:f0:61:e5:60:57:57:99:44:9a:89:32:9c:
                    5b:3f:c8:2d:82:96:41:9d:15:c2:66:7e:ef:9c:07:
                    60:85:c0:1b:d9:c3:9e:9d:df:da:38:12:73:77:75:
                    20:14:47:88:97:65:19:e6:e3:9f:d5:56:84:d0:de:
                    fa:42:db:77:26:4c:47:c1:57:02:9d:6f:39:ae:c8:
                    09:71:44:39:cb:a9:c4:66:90:4a:34:ae:6f:76:2e:
                    f5:8f:70:89:6c:38:49:17:36:6f:03:95:17:8f:bb:
                    8a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:83:F1:3C:21:85:83:D8:38:D4:2B:E0:7C:36:01:0E:BD:7F:25:41
            X509v3 Authority Key Identifier:
                keyid:4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:af:23:a0:ea:4c:bf:d3:b1:4e:bf:b6:ef:58:01:5a:ad:f1:
         6b:06:96:5e:5d:26:64:2f:c1:d7:43:8f:5f:33:fa:5e:ea:db:
         95:73:94:62:0c:18:95:8e:b1:3a:70:73:d3:03:3c:16:a2:fd:
         8a:21:74:ca:93:6a:11:f1:e4:1b:7b:10:72:29:81:7c:f1:07:
         7f:d2:17:16:98:1f:e5:fb:e9:3c:ad:44:e8:9c:01:3c:f5:97:
         4a:30:d7:a6:3b:9a:22:56:ae:0d:00:a0:8e:25:5c:a1:47:66:
         a5:74:46:eb:55:3f:c8:77:41:72:b4:d0:ae:0f:66:ca:d1:b9:
         9f:13:bc:34:54:c4:f3:27:85:dd:55:37:2a:eb:4b:8c:e6:20:
         5b:95:7e:82:9a:21:72:52:af:72:32:e5:9d:f6:3a:ec:2d:2f:
         1d:7e:80:3e:51:a1:56:64:8b:6e:b9:01:76:90:c1:de:e8:2c:
         3a:64:c6:53:09:c3:17:34:73:95:b2:46:7b:8b:8e:4c:d9:3c:
         cc:10:13:ba:e7:90:3c:9d:45:15:bf:b4:13:1f:ea:12:33:28:
         52:b8:62:7a:de:58:20:8d:af:28:f0:4d:97:d5:be:4a:d3:d8:
         a9:1e:b4:14:24:15:f4:ee:31:0f:c0:c1:cb:94:a8:b8:08:97:
         78:7a:e0:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmMlOxWmEaW2N0WyfM7zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiY2NkMGRiNTJmMGVkNGY3M2E2ODFlM2QzNmFiNmMyMzAy
NzdkM2MwHhcNMjUwNjE0MDQwMDQxWhcNMjUwNjE1MDQwMDQxWjAzMTEwLwYDVQQD
EyhlNjgzZjEzYzIxODU4M2Q4MzhkNDJiZTA3YzM2MDEwZWJkN2YyNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWrfeelrec31ruOLSrrT8njl8RMJ
ltpAO64uqvKPDng5JbNQnV6LeVHGZ9XqHiBS9X6Kr9Y8ZAsTXA7xFk3tTGplmxBF
OjQEpch6jT3SZDtceBBitZOxSUSsrrg+Zlfk5wgz0fX6w3P0nryRpF3pO0PEziCY
QHD7GLpkHUS9Nit2GNGOtVGvOR58XV8Y3/cYih5fvB1UUQfwYeVgV1eZRJqJMpxb
P8gtgpZBnRXCZn7vnAdghcAb2cOend/aOBJzd3UgFEeIl2UZ5uOf1VaE0N76Qtt3
JkxHwVcCnW85rsgJcUQ5y6nEZpBKNK5vdi71j3CJbDhJFzZvA5UXj7uKEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaD8TwhhYPYONQr4Hw2AQ69fyVBMB8GA1UdIwQY
MBaAFEvM0NtS8O1Pc6aB49NqtsIwJ308MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMt
ZjNmMTViMTI2NWJiLzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMtZjNmMTViMTI2NWJi
LzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaK8joOpM
v9OxTr+271gBWq3xawaWXl0mZC/B10OPXzP6XurblXOUYgwYlY6xOnBz0wM8FqL9
iiF0ypNqEfHkG3sQcimBfPEHf9IXFpgf5fvpPK1E6JwBPPWXSjDXpjuaIlauDQCg
jiVcoUdmpXRG61U/yHdBcrTQrg9mytG5nxO8NFTE8yeF3VU3KutLjOYgW5V+gpoh
clKvcjLlnfY67C0vHX6APlGhVmSLbrkBdpDB3ugsOmTGUwnDFzRzlbJGe4uOTNk8
zBATuueQPJ1FFb+0Ex/qEjMoUrhiet5YII2vKPBNl9W+StPYqR60FCQV9O4xD8DB
y5SouAiXeHrgYg==
-----END CERTIFICATE-----