Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
File:                     9jOGnDZCtefqAii_DgspXO_MTd8.mft (raw, json)
Hash identifier:          s6fDsc7JlsP/SkRr5iq+jYft9w9wTgK6Jsrx8H2HNJE=
Subject key identifier:   96:6B:46:3D:38:BC:39:80:A7:2C:CE:55:B4:93:1F:C3:9C:D7:F0:93
Authority key identifier: F6:33:86:9C:36:42:B5:E7:EA:02:28:BF:0E:0B:29:5C:EF:CC:4D:DF
Certificate issuer:       /CN=f633869c3642b5e7ea0228bf0e0b295cefcc4ddf
Certificate serial:       0197759BE0E07CBF25E82E7BDCB91421C2D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
Manifest number:          1009
Signing time:             Sun 15 Jun 2025 22:00:39 +0000
Manifest this update:     Sun 15 Jun 2025 22:00:39 +0000
Manifest next update:     Mon 16 Jun 2025 22:00:39 +0000
Files and hashes:         1: 9jOGnDZCtefqAii_DgspXO_MTd8.crl (hash: fXKg5R5vnZ/5jxXjdddIqQPBDlFDMfJJEcgYQZMvkkg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 20:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:75:9b:e0:e0:7c:bf:25:e8:2e:7b:dc:b9:14:21:c2:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f633869c3642b5e7ea0228bf0e0b295cefcc4ddf
        Validity
            Not Before: Jun 15 22:00:39 2025 GMT
            Not After : Jun 16 22:00:39 2025 GMT
        Subject: CN=966b463d38bc3980a72cce55b4931fc39cd7f093
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:99:52:21:4a:c6:8f:d5:e5:91:52:3f:ae:f0:
                    8d:06:3c:56:ab:62:c5:fa:18:a8:e6:9f:59:6a:0a:
                    c3:70:73:0f:7e:d9:f8:b9:d2:72:c2:00:3b:cc:8e:
                    e1:c1:64:49:26:6e:0f:a7:15:a2:dd:ee:72:5a:a7:
                    c2:29:c8:52:2b:d5:60:70:fd:a9:68:d1:5b:4b:cd:
                    83:11:3a:4a:05:85:cd:fb:8b:97:5c:43:1e:f9:af:
                    6d:1a:46:ae:24:c1:64:95:03:4d:04:5a:82:31:74:
                    5a:c1:17:1f:cc:c3:d3:59:dd:4a:01:83:56:fb:9d:
                    4b:16:82:20:26:ea:cc:05:04:7c:e2:e9:06:56:4a:
                    2a:15:83:e2:2c:59:64:56:9e:6d:94:a2:9e:73:98:
                    fc:27:ac:f6:1d:f0:18:68:38:ab:f7:2e:d3:4f:4b:
                    f9:06:45:15:c8:94:2f:b0:79:85:5f:18:79:d3:21:
                    c6:70:43:f5:3a:70:ba:95:46:d1:46:a5:6b:e3:23:
                    2c:50:76:28:ca:cd:ff:62:a4:6a:82:b7:fa:46:cc:
                    31:c0:ee:61:7f:e8:f3:55:26:64:1e:e7:08:2b:8a:
                    57:29:3f:aa:54:94:ee:de:af:ce:91:e0:b9:6b:b5:
                    81:85:28:91:c5:9f:bb:05:fe:45:99:73:06:b0:66:
                    5a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:6B:46:3D:38:BC:39:80:A7:2C:CE:55:B4:93:1F:C3:9C:D7:F0:93
            X509v3 Authority Key Identifier:
                keyid:F6:33:86:9C:36:42:B5:E7:EA:02:28:BF:0E:0B:29:5C:EF:CC:4D:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:ea:48:51:7b:05:a4:a8:ac:d4:c5:d4:96:e8:1c:6f:58:fe:
         9d:31:23:14:e2:6f:8b:67:18:9c:39:9b:db:05:06:d5:60:df:
         a0:28:86:49:d4:b6:bb:ec:c1:2b:23:5a:e9:34:f2:c8:41:cd:
         a6:a1:a8:66:b6:77:0b:4c:88:55:a9:10:dc:73:76:af:07:bf:
         30:27:23:94:74:b6:12:9e:5d:e3:cb:e2:a1:a2:08:ff:0a:72:
         b4:0a:05:6b:76:67:44:04:a4:17:58:51:57:63:ad:08:6d:3d:
         93:bb:9e:00:54:9f:65:af:39:96:ed:61:9b:08:73:55:ee:3d:
         b5:ce:54:9e:bd:ae:13:c6:ea:15:66:26:70:d7:6c:79:0e:d2:
         44:14:3f:7a:fa:0d:2d:2e:ec:f8:6f:99:b1:5a:31:bd:2a:3e:
         e1:fa:b9:36:6d:fa:d8:60:80:9f:19:e3:bd:26:b1:76:b7:03:
         90:68:0d:f9:14:ca:16:45:fa:18:28:f4:83:33:c0:15:92:59:
         30:37:5b:d2:69:09:2e:a7:bc:5d:33:42:ac:1e:07:bc:ff:48:
         6c:75:cb:94:cb:e2:ad:99:b7:78:d5:b2:7b:97:91:49:16:93:
         23:c7:71:a1:f9:39:8d:18:60:21:2d:9d:e7:77:33:30:6f:90:
         e9:f7:34:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd1m+DgfL8l6C573LkUIcLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MzM4NjljMzY0MmI1ZTdlYTAyMjhiZjBlMGIyOTVjZWZj
YzRkZGYwHhcNMjUwNjE1MjIwMDM5WhcNMjUwNjE2MjIwMDM5WjAzMTEwLwYDVQQD
Eyg5NjZiNDYzZDM4YmMzOTgwYTcyY2NlNTViNDkzMWZjMzljZDdmMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZlSIUrGj9XlkVI/rvCNBjxWq2LF
+hio5p9ZagrDcHMPftn4udJywgA7zI7hwWRJJm4PpxWi3e5yWqfCKchSK9VgcP2p
aNFbS82DETpKBYXN+4uXXEMe+a9tGkauJMFklQNNBFqCMXRawRcfzMPTWd1KAYNW
+51LFoIgJurMBQR84ukGVkoqFYPiLFlkVp5tlKKec5j8J6z2HfAYaDir9y7TT0v5
BkUVyJQvsHmFXxh50yHGcEP1OnC6lUbRRqVr4yMsUHYoys3/YqRqgrf6RswxwO5h
f+jzVSZkHucIK4pXKT+qVJTu3q/OkeC5a7WBhSiRxZ+7Bf5FmXMGsGZaxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZrRj04vDmApyzOVbSTH8Oc1/CTMB8GA1UdIwQY
MBaAFPYzhpw2QrXn6gIovw4LKVzvzE3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82ZGE1NjItYTgzNi00OGNjLWFhNTct
OGM0YmI0NDg1ZjM0LzEvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82ZGE1NjItYTgzNi00OGNjLWFhNTctOGM0YmI0NDg1ZjM0
LzEvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVepIUXsF
pKis1MXUlugcb1j+nTEjFOJvi2cYnDmb2wUG1WDfoCiGSdS2u+zBKyNa6TTyyEHN
pqGoZrZ3C0yIVakQ3HN2rwe/MCcjlHS2Ep5d48vioaII/wpytAoFa3ZnRASkF1hR
V2OtCG09k7ueAFSfZa85lu1hmwhzVe49tc5Unr2uE8bqFWYmcNdseQ7SRBQ/evoN
LS7s+G+ZsVoxvSo+4fq5Nm362GCAnxnjvSaxdrcDkGgN+RTKFkX6GCj0gzPAFZJZ
MDdb0mkJLqe8XTNCrB4HvP9IbHXLlMvirZm3eNWye5eRSRaTI8dxofk5jRhgIS2d
53czMG+Q6fc0rw==
-----END CERTIFICATE-----