Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
File:                     H83UEOElAi3gfKWWP5L3jo-JSG4.mft (raw, json)
Hash identifier:          9v3nU6DhtIOyy/5e7Xri5mE1brSt+lfxpCOmX5m+ixc=
Subject key identifier:   EF:47:8B:A5:FA:16:59:E3:C3:37:5A:AB:A6:36:6E:36:D5:D4:B6:07
Authority key identifier: 1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E
Certificate issuer:       /CN=1fcdd410e125022de07ca5963f92f78e8f89486e
Certificate serial:       0197775356D772CC7486E78477F35BB4E630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
Manifest number:          1590
Signing time:             Mon 16 Jun 2025 06:00:39 +0000
Manifest this update:     Mon 16 Jun 2025 06:00:39 +0000
Manifest next update:     Tue 17 Jun 2025 06:00:39 +0000
Files and hashes:         1: H83UEOElAi3gfKWWP5L3jo-JSG4.crl (hash: sSQsUKi+7Bf1qMrhdwrzAhrTIrdKwc/4/c1jjRIPCOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 06:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:77:53:56:d7:72:cc:74:86:e7:84:77:f3:5b:b4:e6:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fcdd410e125022de07ca5963f92f78e8f89486e
        Validity
            Not Before: Jun 16 06:00:39 2025 GMT
            Not After : Jun 17 06:00:39 2025 GMT
        Subject: CN=ef478ba5fa1659e3c3375aaba6366e36d5d4b607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e1:7d:e4:14:78:d7:9f:5d:22:5e:a1:72:cb:
                    06:e6:89:2c:85:75:a8:56:57:9e:54:e1:3e:e6:9c:
                    a8:5b:c7:2a:cb:d8:28:a7:2f:dc:5e:47:db:f6:8d:
                    2b:02:4d:bc:ad:8c:9c:a3:87:19:78:af:66:42:36:
                    d2:fe:83:b1:f5:05:97:89:4f:6d:9a:fa:8a:1c:7a:
                    73:3a:b8:77:82:e5:06:66:01:51:5a:7d:2d:d1:ce:
                    fd:bd:58:36:f4:05:e4:6b:4a:fa:36:2f:1e:5a:52:
                    a2:44:98:b2:e0:38:14:3d:2a:20:e2:54:7e:c9:aa:
                    ef:fb:4b:99:47:88:7d:a4:69:94:72:79:7a:65:06:
                    3d:6a:a4:04:75:77:e6:57:7a:e9:88:de:95:2b:53:
                    6d:01:bf:1c:fd:c0:46:4a:1e:f3:cd:8d:c5:24:f3:
                    9f:b1:4e:fe:16:d9:dd:57:b9:c1:3c:5e:33:14:6b:
                    48:ef:a9:fc:08:c7:d6:4d:a1:1d:3a:23:ba:2c:92:
                    ae:58:50:2d:f2:a1:cf:9d:c9:2d:46:17:7b:b4:7a:
                    74:e7:aa:2a:1b:61:8f:7c:f5:b9:b2:7b:c8:4c:c9:
                    3d:64:22:bb:f9:68:d2:fb:b2:7f:2d:c0:bc:9e:24:
                    2c:f9:5d:2b:66:03:bb:8c:8b:a1:79:cb:ca:b2:3a:
                    91:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:47:8B:A5:FA:16:59:E3:C3:37:5A:AB:A6:36:6E:36:D5:D4:B6:07
            X509v3 Authority Key Identifier:
                keyid:1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:30:1a:f6:b6:0b:65:d8:44:cc:38:4b:c2:7b:8b:82:ca:a4:
         45:bb:91:bd:0a:bb:75:0a:3f:9c:ed:1a:f9:aa:9f:92:dc:05:
         75:4f:05:fb:8e:b3:f9:9a:f4:ad:2f:11:b2:50:f3:ad:66:0a:
         4e:7d:ed:40:69:58:f2:1b:e4:24:5f:c3:3a:22:d0:e2:82:b8:
         44:27:4c:d7:79:e8:cb:eb:f6:2d:f2:a6:85:32:cc:40:b8:ae:
         d2:aa:21:38:f8:76:ad:87:4f:1d:4f:d7:a7:db:6b:e9:48:3b:
         91:fb:33:52:14:12:8f:b9:b5:77:27:5e:f5:b5:c5:7c:6e:93:
         35:f2:21:97:0a:58:1c:9c:24:40:9e:3e:36:19:5b:ef:7f:1b:
         56:ad:ca:f5:75:1f:95:46:b8:78:65:6d:8d:34:a8:22:a8:a7:
         0f:e7:c8:97:f5:85:89:be:e0:54:d9:76:e6:89:eb:92:b3:3d:
         55:31:0d:c6:95:c2:06:15:fe:12:3e:3c:47:40:2d:e1:84:81:
         4b:cb:41:43:24:81:ba:84:16:f1:ba:4d:61:cd:75:63:e3:dc:
         3c:1d:81:e4:f7:92:60:d8:60:ae:93:7c:9e:3f:c2:c8:70:bd:
         68:04:9a:93:90:f5:9c:49:0c:68:b1:ab:d5:c1:55:51:f2:22:
         08:95:98:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd3U1bXcsx0hueEd/NbtOYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmY2RkNDEwZTEyNTAyMmRlMDdjYTU5NjNmOTJmNzhlOGY4
OTQ4NmUwHhcNMjUwNjE2MDYwMDM5WhcNMjUwNjE3MDYwMDM5WjAzMTEwLwYDVQQD
EyhlZjQ3OGJhNWZhMTY1OWUzYzMzNzVhYWJhNjM2NmUzNmQ1ZDRiNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeF95BR4159dIl6hcssG5okshXWo
VleeVOE+5pyoW8cqy9gopy/cXkfb9o0rAk28rYyco4cZeK9mQjbS/oOx9QWXiU9t
mvqKHHpzOrh3guUGZgFRWn0t0c79vVg29AXka0r6Ni8eWlKiRJiy4DgUPSog4lR+
yarv+0uZR4h9pGmUcnl6ZQY9aqQEdXfmV3rpiN6VK1NtAb8c/cBGSh7zzY3FJPOf
sU7+FtndV7nBPF4zFGtI76n8CMfWTaEdOiO6LJKuWFAt8qHPncktRhd7tHp056oq
G2GPfPW5snvITMk9ZCK7+WjS+7J/LcC8niQs+V0rZgO7jIuhecvKsjqRbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9Hi6X6Flnjwzdaq6Y2bjbV1LYHMB8GA1UdIwQY
MBaAFB/N1BDhJQIt4Hyllj+S946PiUhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUt
YWI2OWRhOGYzN2VjLzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUtYWI2OWRhOGYzN2Vj
LzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaDAa9rYL
ZdhEzDhLwnuLgsqkRbuRvQq7dQo/nO0a+aqfktwFdU8F+46z+Zr0rS8RslDzrWYK
Tn3tQGlY8hvkJF/DOiLQ4oK4RCdM13noy+v2LfKmhTLMQLiu0qohOPh2rYdPHU/X
p9tr6Ug7kfszUhQSj7m1dyde9bXFfG6TNfIhlwpYHJwkQJ4+Nhlb738bVq3K9XUf
lUa4eGVtjTSoIqinD+fIl/WFib7gVNl25onrkrM9VTENxpXCBhX+Ej48R0At4YSB
S8tBQySBuoQW8bpNYc11Y+PcPB2B5PeSYNhgrpN8nj/CyHC9aASak5D1nEkMaLGr
1cFVUfIiCJWY3g==
-----END CERTIFICATE-----