Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          JNWVPyY6OZLtRA68FCWGFekrhSIGlgo1QPpmAUBTyNU=
Subject key identifier:   41:7A:BE:DB:EB:71:4B:F7:78:05:16:A4:58:CE:99:B8:87:41:6C:D6
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       019769612557565B2FB0E67298E648FDF9A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          090F
Signing time:             Fri 13 Jun 2025 13:01:03 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:03 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:03 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: o2qpOe/VI59kdXK31W+JgcZ3vKVTn+bwKXDz2Xko3QM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:25:57:56:5b:2f:b0:e6:72:98:e6:48:fd:f9:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Jun 13 13:01:03 2025 GMT
            Not After : Jun 14 13:01:03 2025 GMT
        Subject: CN=417abedbeb714bf7780516a458ce99b887416cd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6a:8c:a1:8b:fc:2a:cd:f9:62:19:87:78:5f:
                    79:d3:ab:ea:58:74:c9:8f:57:6f:ea:22:3c:af:ae:
                    a6:82:78:fc:53:d8:17:23:16:eb:b2:5d:f8:7a:65:
                    c3:96:08:6d:dd:73:e3:cb:22:c8:62:52:2e:f4:d8:
                    2a:9b:68:65:73:a3:82:bc:95:b2:6e:07:c9:b1:12:
                    f5:a5:e6:83:2d:ec:b4:be:26:e5:79:fe:38:05:26:
                    b5:bc:3c:4d:54:dd:05:f5:8d:78:de:86:98:a9:22:
                    ca:84:62:30:19:2c:6b:13:1a:c1:13:73:ee:4e:d5:
                    b2:fc:d7:b4:78:34:a9:84:ea:3e:99:f5:1e:13:67:
                    7a:0d:0d:f4:34:05:da:25:c5:23:31:40:1d:d0:7f:
                    d1:bf:58:29:8c:38:3b:e6:11:4d:e2:ad:44:58:0d:
                    88:c4:fa:dc:db:5f:65:9f:93:e3:08:86:c0:80:98:
                    fa:0f:ba:f4:7a:51:93:2e:bc:8d:a8:2e:c8:a2:8b:
                    91:6b:a9:06:ad:07:2c:5a:b1:1d:14:b2:7c:45:db:
                    50:15:7c:87:f1:38:c8:26:3e:20:d6:bb:77:c1:95:
                    51:a6:58:ea:e7:62:27:1d:e7:51:28:67:1b:f9:62:
                    f0:b7:9a:7c:83:4b:79:33:48:30:21:f0:e5:af:66:
                    fe:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:7A:BE:DB:EB:71:4B:F7:78:05:16:A4:58:CE:99:B8:87:41:6C:D6
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:c7:3b:5f:96:4f:b7:a8:e9:ca:84:d0:33:e6:6e:25:6c:46:
         f9:55:30:24:43:24:34:55:96:e0:ab:13:c6:55:79:00:c6:6c:
         59:12:67:3f:3f:fc:2d:81:09:cd:09:72:1d:c0:06:c7:8f:ea:
         6d:9e:bf:1b:5d:29:8d:b4:9c:ac:24:2a:8f:fc:a3:f4:6b:32:
         e6:0e:9f:56:e3:03:9a:03:db:a3:50:d1:2b:b2:69:2e:27:ab:
         75:b5:1b:9f:d8:f6:81:f2:9c:af:3e:54:89:27:7b:b0:0d:84:
         d1:c4:6e:ed:f1:1d:21:ae:66:e9:71:b0:6a:53:7d:69:74:27:
         78:01:4e:f1:68:ca:af:e0:09:0a:78:d6:81:00:32:e9:15:eb:
         83:44:5f:4f:95:cd:ab:31:dd:d9:00:9b:79:93:21:08:8e:bd:
         df:d1:bd:86:5f:b0:16:e3:ec:1b:b9:a5:18:91:c2:6a:26:e3:
         a8:97:fc:6e:0d:57:30:69:5a:b4:86:94:f7:8f:d0:88:ec:a2:
         78:05:fb:0c:d6:b8:ab:b5:67:d6:5f:e7:9a:c4:af:08:cd:5c:
         b9:85:e6:29:93:6f:f6:2e:72:ff:52:04:ac:da:37:b9:0a:5f:
         b3:87:43:76:93:95:4b:fb:0f:f2:2c:bc:5a:66:3f:fe:c2:11:
         bd:86:c6:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYSVXVlsvsOZymOZI/fmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjUwNjEzMTMwMTAzWhcNMjUwNjE0MTMwMTAzWjAzMTEwLwYDVQQD
Eyg0MTdhYmVkYmViNzE0YmY3NzgwNTE2YTQ1OGNlOTliODg3NDE2Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWqMoYv8Ks35YhmHeF9506vqWHTJ
j1dv6iI8r66mgnj8U9gXIxbrsl34emXDlght3XPjyyLIYlIu9Ngqm2hlc6OCvJWy
bgfJsRL1peaDLey0viblef44BSa1vDxNVN0F9Y143oaYqSLKhGIwGSxrExrBE3Pu
TtWy/Ne0eDSphOo+mfUeE2d6DQ30NAXaJcUjMUAd0H/Rv1gpjDg75hFN4q1EWA2I
xPrc219ln5PjCIbAgJj6D7r0elGTLryNqC7IoouRa6kGrQcsWrEdFLJ8RdtQFXyH
8TjIJj4g1rt3wZVRpljq52InHedRKGcb+WLwt5p8g0t5M0gwIfDlr2b+ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEF6vtvrcUv3eAUWpFjOmbiHQWzWMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArMc7X5ZP
t6jpyoTQM+ZuJWxG+VUwJEMkNFWW4KsTxlV5AMZsWRJnPz/8LYEJzQlyHcAGx4/q
bZ6/G10pjbScrCQqj/yj9Gsy5g6fVuMDmgPbo1DRK7JpLierdbUbn9j2gfKcrz5U
iSd7sA2E0cRu7fEdIa5m6XGwalN9aXQneAFO8WjKr+AJCnjWgQAy6RXrg0RfT5XN
qzHd2QCbeZMhCI6939G9hl+wFuPsG7mlGJHCaibjqJf8bg1XMGlatIaU94/QiOyi
eAX7DNa4q7Vn1l/nmsSvCM1cuYXmKZNv9i5y/1IErNo3uQpfs4dDdpOVS/sP8iy8
WmY//sIRvYbG0A==
-----END CERTIFICATE-----