Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
File:                     G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json)
Hash identifier:          rd+C/b4DGXOFGPJVP26frvjPJPOhTboFFyAZZvD2yyE=
Subject key identifier:   EC:BA:F2:91:34:72:D3:E6:2A:CE:53:71:B5:02:29:84:A9:79:CA:B7
Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD
Certificate issuer:       /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
Certificate serial:       01978661B2B7A360511D5C683A1671B92FC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
Manifest number:          0D34
Signing time:             Thu 19 Jun 2025 04:10:39 +0000
Manifest this update:     Thu 19 Jun 2025 04:10:39 +0000
Manifest next update:     Fri 20 Jun 2025 04:10:39 +0000
Files and hashes:         1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: 9x649Ui22Maoa96Bavea01Gi3Kkgl76i0NRexbiqEa0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 23:47:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:86:61:b2:b7:a3:60:51:1d:5c:68:3a:16:71:b9:2f:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd
        Validity
            Not Before: Jun 19 04:10:39 2025 GMT
            Not After : Jun 20 04:10:39 2025 GMT
        Subject: CN=ecbaf2913472d3e62ace5371b5022984a979cab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a8:95:0b:7b:ef:5c:be:99:ea:82:53:65:76:
                    44:ac:59:2d:e8:5f:0c:94:e8:b7:3d:92:d1:b1:c7:
                    5c:31:2f:a5:75:1c:ce:de:15:d1:bb:fc:97:94:7d:
                    11:4a:e4:02:38:27:d1:d7:07:3b:f9:4b:f7:db:56:
                    03:f0:9f:8b:76:84:b2:bd:55:93:46:57:63:82:bd:
                    6c:7a:56:3f:2e:09:a3:21:a7:46:3e:ce:4c:ac:0e:
                    05:94:a1:dc:fa:6a:4f:e1:06:36:25:62:70:eb:02:
                    0d:45:ac:43:7a:6c:e4:28:34:58:64:00:21:6a:89:
                    d9:91:dd:4d:01:a0:98:19:c4:e4:97:3e:83:70:1e:
                    dc:5b:03:68:1c:6e:49:df:44:e1:00:ee:98:4e:10:
                    cf:e8:a0:f6:9f:38:05:46:d0:be:b3:12:2d:3b:aa:
                    d8:88:04:0b:77:c7:17:fc:1c:9a:26:d3:53:44:5d:
                    22:1e:08:2a:2f:05:13:7b:05:6f:10:28:2f:09:89:
                    7c:c3:10:1f:46:0e:f2:5f:79:56:1c:ea:8d:fa:4f:
                    71:e8:76:9f:6e:56:89:f7:91:1b:a6:80:55:be:99:
                    c6:d1:0d:29:3e:16:87:d1:d1:05:d2:6a:fb:c0:30:
                    fd:31:cd:b5:46:25:b8:ac:45:76:af:b0:86:6f:82:
                    c8:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:BA:F2:91:34:72:D3:E6:2A:CE:53:71:B5:02:29:84:A9:79:CA:B7
            X509v3 Authority Key Identifier:
                keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:36:8b:09:a9:34:cc:f6:d3:5f:a8:57:7e:3d:cc:f9:24:88:
         a8:f5:c2:1d:82:62:dc:59:b8:43:51:88:82:85:3f:d8:c3:20:
         3b:78:45:f8:72:56:68:3f:2d:a1:9d:cf:08:2d:e7:5b:28:37:
         47:67:9a:c7:ce:8b:b3:70:b6:5a:2d:b0:33:07:a2:8f:60:05:
         f8:e5:a4:19:1e:68:28:e1:23:56:8f:53:c7:9a:c9:1d:4f:06:
         33:b3:9f:89:bb:11:1e:e8:7e:8c:f4:7a:df:a8:ba:43:ef:ed:
         e8:50:e0:a4:15:30:64:ea:9b:8d:38:22:bc:95:d5:68:61:57:
         29:2a:46:aa:17:b5:c5:c6:66:40:02:07:35:81:1e:0b:de:74:
         a1:bb:cb:56:93:a5:25:e3:cc:07:2c:a9:df:a8:ef:52:04:df:
         f8:a2:e0:74:93:e3:42:68:50:23:ad:e7:58:03:85:1e:3f:51:
         f2:67:99:a8:23:99:de:84:9b:c7:98:c4:ba:62:71:5b:3a:44:
         5a:76:be:c2:89:c5:96:dc:f7:b6:6e:6c:4d:49:3b:ae:45:9f:
         63:8c:c5:92:e5:e9:8b:bf:84:63:d4:25:3a:a4:00:8e:3f:7e:
         d3:c7:bc:34:2b:4c:ef:f4:84:81:b8:6d:c3:03:64:11:c5:e1:
         21:40:fd:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeGYbK3o2BRHVxoOhZxuS/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh
NTZjYmQwHhcNMjUwNjE5MDQxMDM5WhcNMjUwNjIwMDQxMDM5WjAzMTEwLwYDVQQD
EyhlY2JhZjI5MTM0NzJkM2U2MmFjZTUzNzFiNTAyMjk4NGE5NzljYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaiVC3vvXL6Z6oJTZXZErFkt6F8M
lOi3PZLRscdcMS+ldRzO3hXRu/yXlH0RSuQCOCfR1wc7+Uv321YD8J+LdoSyvVWT
Rldjgr1selY/LgmjIadGPs5MrA4FlKHc+mpP4QY2JWJw6wINRaxDemzkKDRYZAAh
aonZkd1NAaCYGcTklz6DcB7cWwNoHG5J30ThAO6YThDP6KD2nzgFRtC+sxItO6rY
iAQLd8cX/ByaJtNTRF0iHggqLwUTewVvECgvCYl8wxAfRg7yX3lWHOqN+k9x6Haf
blaJ95EbpoBVvpnG0Q0pPhaH0dEF0mr7wDD9Mc21RiW4rEV2r7CGb4LIZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOy68pE0ctPmKs5TcbUCKYSpecq3MB8GA1UdIwQY
MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt
MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx
LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTaLCak0
zPbTX6hXfj3M+SSIqPXCHYJi3Fm4Q1GIgoU/2MMgO3hF+HJWaD8toZ3PCC3nWyg3
R2eax86Ls3C2Wi2wMweij2AF+OWkGR5oKOEjVo9Tx5rJHU8GM7OfibsRHuh+jPR6
36i6Q+/t6FDgpBUwZOqbjTgivJXVaGFXKSpGqhe1xcZmQAIHNYEeC950obvLVpOl
JePMByyp36jvUgTf+KLgdJPjQmhQI63nWAOFHj9R8meZqCOZ3oSbx5jEumJxWzpE
Wna+wonFltz3tm5sTUk7rkWfY4zFkuXpi7+EY9QlOqQAjj9+08e8NCtM7/SEgbht
wwNkEcXhIUD9cg==
-----END CERTIFICATE-----