Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
File:                     CEaS7DDzfffcteR600auvetx_DA.mft (raw, json)
Hash identifier:          7cFXS4y3wBkWL18DrcfjeRa+W8PxNXrVx6yCP9fC1MM=
Subject key identifier:   BB:FB:52:CB:8C:51:9F:06:F5:6F:04:B1:56:20:01:53:9B:4C:C5:7B
Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30
Certificate issuer:       /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
Certificate serial:       01977B309C521F0AAB42DBF86066DBAD7429
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
Manifest number:          1592
Signing time:             Tue 17 Jun 2025 00:01:12 +0000
Manifest this update:     Tue 17 Jun 2025 00:01:12 +0000
Manifest next update:     Wed 18 Jun 2025 00:01:12 +0000
Files and hashes:         1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: QLrxbCF3y5bUxWUo+LOCN4W3z2mkWbWSkbJhPqshsBs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 00:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7b:30:9c:52:1f:0a:ab:42:db:f8:60:66:db:ad:74:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30
        Validity
            Not Before: Jun 17 00:01:12 2025 GMT
            Not After : Jun 18 00:01:12 2025 GMT
        Subject: CN=bbfb52cb8c519f06f56f04b1562001539b4cc57b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:70:db:14:70:95:4c:4e:a2:55:03:fe:e3:81:
                    e5:c8:ce:8a:46:5f:5e:f1:09:f4:a0:ba:3e:32:89:
                    65:7f:fb:bb:b2:5b:1b:1f:9b:e3:1f:e3:2b:12:af:
                    4b:d2:d1:f0:54:eb:49:51:a5:c1:f0:e9:78:61:bb:
                    d7:dd:31:55:c6:41:43:5b:9d:f6:29:e3:6c:1d:4a:
                    bd:5f:bc:ae:41:5c:c3:b0:d6:99:58:6d:91:b1:5e:
                    0e:58:70:f9:dc:e8:dd:9d:54:28:b5:0b:bb:d6:a5:
                    a2:75:58:c1:8c:7b:84:89:7c:80:ff:e8:85:6b:cb:
                    aa:ff:fb:2a:81:b2:fa:51:35:af:e3:3f:8e:c1:f0:
                    00:27:34:65:9b:7b:5f:67:80:30:90:1d:cd:fd:50:
                    a4:a2:ae:5d:c0:f5:56:d3:6c:cd:0c:26:ae:d9:f1:
                    62:af:90:0e:30:2a:23:c0:31:ef:94:4d:36:38:ae:
                    1a:a3:3b:31:04:f2:c8:ce:23:89:9a:2f:9f:88:a2:
                    8b:79:74:e4:d1:3b:cf:c9:97:19:5e:cb:96:49:9f:
                    1b:b0:22:a6:e6:70:dd:92:54:e5:8c:c7:3e:91:02:
                    12:b2:86:4d:5f:73:3c:86:9c:be:a3:7c:3d:18:6f:
                    e3:ae:cf:24:ae:d6:ed:e9:e0:97:05:11:9e:9c:5c:
                    5e:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FB:52:CB:8C:51:9F:06:F5:6F:04:B1:56:20:01:53:9B:4C:C5:7B
            X509v3 Authority Key Identifier:
                keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:a6:51:6f:52:cd:a5:c9:b8:53:08:0a:72:71:8b:cf:80:3d:
         06:a4:e4:c1:2d:c6:82:37:12:11:fc:02:2c:ad:28:84:59:83:
         9f:ea:a2:98:ed:61:0c:45:1f:02:e1:c6:6d:b5:44:1f:d9:8f:
         32:44:48:c2:c2:98:4c:ed:bf:5e:2d:5f:6c:f2:b6:f3:58:33:
         76:ae:8c:d7:23:95:dc:69:8c:df:1c:46:a7:11:4c:49:fd:62:
         32:c8:cd:99:71:ba:0f:ee:a7:6f:57:ad:6b:49:a5:43:b8:7e:
         fe:29:71:1b:a5:ce:4e:6a:b0:53:6f:f9:ae:c5:3d:31:d9:67:
         2e:9d:d7:ae:d6:bc:52:04:47:df:ca:52:ba:28:0e:b2:16:29:
         89:fd:d3:18:b5:c0:f1:f0:90:b6:27:7c:27:57:b9:f7:98:e9:
         36:1e:be:03:c6:c7:2f:d6:09:30:f9:ae:80:ee:66:02:18:39:
         01:0d:f7:e4:64:90:be:6c:71:d3:34:a7:6b:df:0e:b7:0b:8b:
         d1:5c:da:4f:b1:22:9b:04:cd:fc:7b:0e:fd:b5:78:7e:68:4e:
         77:de:86:02:ce:57:ee:c0:77:cf:c3:d3:90:d8:1d:c4:87:6f:
         a1:bd:07:cd:22:34:12:b7:26:ce:58:34:f4:4c:cd:f8:f8:60:
         b5:ff:ff:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd7MJxSHwqrQtv4YGbbrXQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3
MWZjMzAwHhcNMjUwNjE3MDAwMTEyWhcNMjUwNjE4MDAwMTEyWjAzMTEwLwYDVQQD
EyhiYmZiNTJjYjhjNTE5ZjA2ZjU2ZjA0YjE1NjIwMDE1MzliNGNjNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnDbFHCVTE6iVQP+44HlyM6KRl9e
8Qn0oLo+Mollf/u7slsbH5vjH+MrEq9L0tHwVOtJUaXB8Ol4YbvX3TFVxkFDW532
KeNsHUq9X7yuQVzDsNaZWG2RsV4OWHD53OjdnVQotQu71qWidVjBjHuEiXyA/+iF
a8uq//sqgbL6UTWv4z+OwfAAJzRlm3tfZ4AwkB3N/VCkoq5dwPVW02zNDCau2fFi
r5AOMCojwDHvlE02OK4aozsxBPLIziOJmi+fiKKLeXTk0TvPyZcZXsuWSZ8bsCKm
5nDdklTljMc+kQISsoZNX3M8hpy+o3w9GG/jrs8krtbt6eCXBRGenFxeWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv7UsuMUZ8G9W8EsVYgAVObTMV7MB8GA1UdIwQY
MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt
MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz
LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc6ZRb1LN
pcm4UwgKcnGLz4A9BqTkwS3GgjcSEfwCLK0ohFmDn+qimO1hDEUfAuHGbbVEH9mP
MkRIwsKYTO2/Xi1fbPK281gzdq6M1yOV3GmM3xxGpxFMSf1iMsjNmXG6D+6nb1et
a0mlQ7h+/ilxG6XOTmqwU2/5rsU9MdlnLp3Xrta8UgRH38pSuigOshYpif3TGLXA
8fCQtid8J1e595jpNh6+A8bHL9YJMPmugO5mAhg5AQ335GSQvmxx0zSna98OtwuL
0VzaT7EimwTN/HsO/bV4fmhOd96GAs5X7sB3z8PTkNgdxIdvob0HzSI0Ercmzlg0
9EzN+Phgtf//Lg==
-----END CERTIFICATE-----