Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          mCpw4gYZYMZYQsgPSIieAHIamrEGCFN6nkY+ocGwUTc=
Subject key identifier:   5E:8D:85:69:4C:2D:81:4A:6E:A5:F1:7F:A1:E8:95:A2:AD:97:87:D0
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       01976CCFF490DCA8306486DFCDC42D298CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          0228
Signing time:             Sat 14 Jun 2025 05:00:57 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:57 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:57 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: 0tvz5jbh17dT1E0/RjoDyCMqhbXk72ZNpeopPe7NExw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:f4:90:dc:a8:30:64:86:df:cd:c4:2d:29:8c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: Jun 14 05:00:57 2025 GMT
            Not After : Jun 15 05:00:57 2025 GMT
        Subject: CN=5e8d85694c2d814a6ea5f17fa1e895a2ad9787d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:2d:fb:9d:18:74:df:bf:3f:39:25:0e:c9:8a:
                    e2:48:45:93:90:9d:e8:ae:36:cc:2f:cd:3a:ed:55:
                    59:c1:ce:20:62:9f:51:e4:0b:4e:2a:8f:25:6c:86:
                    da:81:57:e7:d0:c4:16:50:9f:e7:b3:51:66:aa:f9:
                    b0:93:d4:1e:44:5f:d4:11:86:e6:3d:c8:fc:5b:77:
                    7f:f8:ac:f8:89:18:bd:2d:43:3a:0e:4c:d5:43:5b:
                    e2:62:95:86:a0:47:65:f1:9a:5c:e0:57:b0:43:d5:
                    46:7f:03:07:59:32:61:fc:5b:0e:77:da:eb:de:55:
                    42:ce:d6:e6:e2:96:c5:62:65:01:cf:f1:b3:be:26:
                    b4:9a:ff:ee:c9:fa:bb:0c:ff:f7:ce:00:22:91:1b:
                    25:7c:4a:b0:ee:61:b5:89:ad:cf:e4:35:e6:bd:95:
                    0a:39:ca:9b:d9:ac:ba:3b:d6:67:b5:65:eb:7c:66:
                    5f:80:1e:e8:31:c7:93:f3:66:74:4f:8a:d9:9a:2a:
                    bc:c7:d7:88:fd:f6:fc:c0:4b:97:31:3a:9d:80:5e:
                    48:10:c8:d6:b4:08:33:84:3f:7d:5f:e1:91:fa:55:
                    6f:06:b0:cb:c3:45:10:f8:55:d2:17:44:ef:8c:06:
                    87:42:ee:8d:38:0c:57:2f:5c:31:51:c2:4b:7b:af:
                    9e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:8D:85:69:4C:2D:81:4A:6E:A5:F1:7F:A1:E8:95:A2:AD:97:87:D0
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:e6:10:ef:1c:43:1c:e0:be:61:49:b0:29:e6:d3:13:3c:db:
         dc:e7:5c:18:10:91:65:75:94:0b:b6:71:2c:d2:bf:dd:1e:bf:
         59:f1:b7:fc:c8:83:d8:c1:26:52:bb:38:66:42:b3:4b:6d:f5:
         30:1a:55:ad:d9:5d:b2:99:3d:c7:a8:47:95:81:58:a9:e9:50:
         7b:54:5b:8c:c4:5e:f7:33:ff:46:cc:c2:45:1b:1c:bf:05:09:
         87:69:12:da:00:d9:96:74:35:0a:a4:95:73:0d:37:db:a5:11:
         04:36:f4:01:b1:1b:71:87:df:34:31:dd:df:c0:4a:55:cb:1f:
         e6:a2:00:e7:1f:ad:83:07:9e:2b:14:cf:d0:f8:4f:2d:8b:8c:
         9e:ac:c7:32:82:9e:c1:57:7a:6a:eb:fc:62:ea:10:0a:9e:e9:
         87:06:b0:02:42:9a:54:05:7b:c9:41:a1:c2:6f:6a:a2:f3:25:
         46:54:0a:bc:50:6a:69:a4:f6:87:b5:22:7f:51:0c:d2:3e:dc:
         61:75:2d:05:77:f4:47:85:ba:db:6d:37:60:29:eb:54:cd:0d:
         d5:69:09:c3:07:49:b7:78:c6:3e:ab:2c:73:73:b8:cf:a3:83:
         dc:61:cb:a6:a3:84:e0:62:1a:5b:23:8e:20:9a:d9:a7:18:35:
         0b:10:a4:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz/SQ3KgwZIbfzcQtKYykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjUwNjE0MDUwMDU3WhcNMjUwNjE1MDUwMDU3WjAzMTEwLwYDVQQD
Eyg1ZThkODU2OTRjMmQ4MTRhNmVhNWYxN2ZhMWU4OTVhMmFkOTc4N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7C37nRh0378/OSUOyYriSEWTkJ3o
rjbML8067VVZwc4gYp9R5AtOKo8lbIbagVfn0MQWUJ/ns1Fmqvmwk9QeRF/UEYbm
Pcj8W3d/+Kz4iRi9LUM6DkzVQ1viYpWGoEdl8Zpc4FewQ9VGfwMHWTJh/FsOd9rr
3lVCztbm4pbFYmUBz/Gzvia0mv/uyfq7DP/3zgAikRslfEqw7mG1ia3P5DXmvZUK
Ocqb2ay6O9ZntWXrfGZfgB7oMceT82Z0T4rZmiq8x9eI/fb8wEuXMTqdgF5IEMjW
tAgzhD99X+GR+lVvBrDLw0UQ+FXSF0TvjAaHQu6NOAxXL1wxUcJLe6+e4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6NhWlMLYFKbqXxf6HolaKtl4fQMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfeYQ7xxD
HOC+YUmwKebTEzzb3OdcGBCRZXWUC7ZxLNK/3R6/WfG3/MiD2MEmUrs4ZkKzS231
MBpVrdldspk9x6hHlYFYqelQe1RbjMRe9zP/RszCRRscvwUJh2kS2gDZlnQ1CqSV
cw0326URBDb0AbEbcYffNDHd38BKVcsf5qIA5x+tgweeKxTP0PhPLYuMnqzHMoKe
wVd6auv8YuoQCp7phwawAkKaVAV7yUGhwm9qovMlRlQKvFBqaaT2h7Uif1EM0j7c
YXUtBXf0R4W62203YCnrVM0N1WkJwwdJt3jGPqssc3O4z6OD3GHLpqOE4GIaWyOO
IJrZpxg1CxCkbQ==
-----END CERTIFICATE-----