Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft
File:                     TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft (raw, json)
Hash identifier:          KAjBjaVgqEfERAC6/+hOuGrIPIGjXRlB4OUMG/1i/20=
Subject key identifier:   3E:BF:16:E0:EA:5D:77:0B:85:92:49:31:A6:9A:11:2F:BA:C9:E3:E6
Authority key identifier: 4C:E9:66:38:3E:07:8E:F4:0B:5E:D8:22:E6:E2:A3:01:B0:51:0E:CE
Certificate issuer:       /CN=4ce966383e078ef40b5ed822e6e2a301b0510ece
Certificate serial:       0197699779EC3ADD5A7B07A12929BB557FAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TOlmOD4HjvQLXtgi5uKjAbBRDs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft
Manifest number:          1589
Signing time:             Fri 13 Jun 2025 14:00:24 +0000
Manifest this update:     Fri 13 Jun 2025 14:00:24 +0000
Manifest next update:     Sat 14 Jun 2025 14:00:24 +0000
Files and hashes:         1: TOlmOD4HjvQLXtgi5uKjAbBRDs4.crl (hash: IFr4/K00nAvDxBSusXTkqCLtofUwpmntx92GGqrjhZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TOlmOD4HjvQLXtgi5uKjAbBRDs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:97:79:ec:3a:dd:5a:7b:07:a1:29:29:bb:55:7f:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce966383e078ef40b5ed822e6e2a301b0510ece
        Validity
            Not Before: Jun 13 14:00:24 2025 GMT
            Not After : Jun 14 14:00:24 2025 GMT
        Subject: CN=3ebf16e0ea5d770b85924931a69a112fbac9e3e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ff:a2:fe:7a:4e:02:4a:df:ed:9a:25:5b:f2:
                    55:fd:aa:1c:e1:46:59:a5:3c:85:ba:05:de:67:29:
                    92:ab:0e:94:90:20:e9:bf:6e:be:34:35:f8:33:c1:
                    b0:1d:fc:a3:02:86:7c:35:9f:23:03:fa:74:01:83:
                    a1:b6:21:15:8c:a6:05:b5:30:35:24:b6:a4:4c:5d:
                    72:83:d2:7a:f2:4e:84:10:3e:a6:a9:c0:95:1f:27:
                    76:e9:8b:c2:21:49:f5:f3:86:ca:8d:ab:0b:5a:81:
                    42:bb:92:35:02:9d:fe:57:4f:f6:91:b0:7f:64:b2:
                    4a:74:a4:8d:5e:97:7d:87:9f:aa:07:71:60:6b:5b:
                    f3:dd:c7:5a:d8:8e:12:ef:f8:e6:9e:13:47:13:bd:
                    a2:f7:61:98:96:e4:c8:bf:be:4c:13:5d:b3:a0:15:
                    03:28:14:d3:77:dd:bc:a8:ca:f2:8d:ed:c3:f0:90:
                    7a:fc:12:c7:7b:61:f2:da:7b:cc:70:69:8a:04:a7:
                    98:88:27:07:3b:ec:c8:11:fb:a4:09:34:4b:eb:01:
                    dc:62:89:b7:a5:64:34:aa:da:69:cc:94:c6:13:90:
                    36:84:ef:a5:a3:99:75:5b:fd:50:f7:ca:42:58:da:
                    c3:96:03:4a:23:5b:fa:db:c1:f9:32:91:ed:8f:21:
                    fd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:BF:16:E0:EA:5D:77:0B:85:92:49:31:A6:9A:11:2F:BA:C9:E3:E6
            X509v3 Authority Key Identifier:
                keyid:4C:E9:66:38:3E:07:8E:F4:0B:5E:D8:22:E6:E2:A3:01:B0:51:0E:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOlmOD4HjvQLXtgi5uKjAbBRDs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:f6:38:94:5a:cd:bd:c9:62:ac:44:10:b4:14:03:57:c7:b2:
         81:81:7e:47:04:23:78:ac:02:b3:e2:c6:c8:af:ac:31:f3:15:
         d3:73:e8:79:cd:79:0b:8d:15:7b:55:79:f4:b7:c8:c7:18:65:
         ab:a5:30:b8:9a:68:0f:b7:e4:0d:e8:5c:3b:54:f8:e3:6f:60:
         81:fe:64:12:5c:62:52:61:3e:a5:b4:d0:17:53:d7:06:34:00:
         d8:9c:0a:4d:86:b4:67:82:19:c1:0b:23:cc:e2:63:b4:96:1a:
         a4:3f:ca:30:b2:ac:6e:8c:8b:f5:6e:e9:0f:0f:dc:58:75:7c:
         f8:3e:e1:8f:dc:61:fa:8c:d4:70:9c:22:52:fb:8b:fa:7a:b7:
         11:99:fc:41:ce:51:43:56:7a:e5:7d:3a:a2:f7:d6:d9:f6:d8:
         13:38:fc:a4:bb:87:31:8a:4f:d1:c1:e3:49:4a:29:7a:dd:18:
         9b:5e:8d:8c:9e:53:f6:d3:41:e9:67:37:4a:ab:84:5f:a9:ed:
         b1:c8:31:1e:55:1a:e4:75:bd:2c:78:32:f6:2f:9f:8f:19:21:
         fb:66:89:a0:93:b8:3e:95:a6:1a:f7:f3:ac:02:ce:c6:16:d8:
         93:1c:85:bf:80:18:8b:67:6b:d6:a5:a1:33:ea:18:36:6c:ff:
         be:4f:0d:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpl3nsOt1aewehKSm7VX+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTk2NjM4M2UwNzhlZjQwYjVlZDgyMmU2ZTJhMzAxYjA1
MTBlY2UwHhcNMjUwNjEzMTQwMDI0WhcNMjUwNjE0MTQwMDI0WjAzMTEwLwYDVQQD
EygzZWJmMTZlMGVhNWQ3NzBiODU5MjQ5MzFhNjlhMTEyZmJhYzllM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/+i/npOAkrf7ZolW/JV/aoc4UZZ
pTyFugXeZymSqw6UkCDpv26+NDX4M8GwHfyjAoZ8NZ8jA/p0AYOhtiEVjKYFtTA1
JLakTF1yg9J68k6EED6mqcCVHyd26YvCIUn184bKjasLWoFCu5I1Ap3+V0/2kbB/
ZLJKdKSNXpd9h5+qB3Fga1vz3cda2I4S7/jmnhNHE72i92GYluTIv75ME12zoBUD
KBTTd928qMryje3D8JB6/BLHe2Hy2nvMcGmKBKeYiCcHO+zIEfukCTRL6wHcYom3
pWQ0qtppzJTGE5A2hO+lo5l1W/1Q98pCWNrDlgNKI1v628H5MpHtjyH9KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6/FuDqXXcLhZJJMaaaES+6yePmMB8GA1UdIwQY
MBaAFEzpZjg+B470C17YIubiowGwUQ7OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9sbU9ENEhqdlFMWHRnaTV1S2pBYkJSRHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NmJiOGItY2MwZC00ZDMzLThiNDct
MzcyM2Q2ZTZiNmVmLzEvVE9sbU9ENEhqdlFMWHRnaTV1S2pBYkJSRHM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NmJiOGItY2MwZC00ZDMzLThiNDctMzcyM2Q2ZTZiNmVm
LzEvVE9sbU9ENEhqdlFMWHRnaTV1S2pBYkJSRHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPY4lFrN
vclirEQQtBQDV8eygYF+RwQjeKwCs+LGyK+sMfMV03Poec15C40Ve1V59LfIxxhl
q6UwuJpoD7fkDehcO1T4429ggf5kElxiUmE+pbTQF1PXBjQA2JwKTYa0Z4IZwQsj
zOJjtJYapD/KMLKsboyL9W7pDw/cWHV8+D7hj9xh+ozUcJwiUvuL+nq3EZn8Qc5R
Q1Z65X06ovfW2fbYEzj8pLuHMYpP0cHjSUopet0Ym16NjJ5T9tNB6Wc3SquEX6nt
scgxHlUa5HW9LHgy9i+fjxkh+2aJoJO4PpWmGvfzrALOxhbYkxyFv4AYi2dr1qWh
M+oYNmz/vk8NOA==
-----END CERTIFICATE-----