Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          warB6yYNwzueiGYU6iKKkwjOUrKLKDA/EX9+LCPwVqc=
Subject key identifier:   BA:AB:6F:B2:51:8A:82:65:1F:2A:8A:99:86:4B:98:A5:8D:6E:C8:4E
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       01976D3D4B761DF1742E01957EEAC72756BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          1324
Signing time:             Sat 14 Jun 2025 07:00:22 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:22 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:22 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: gxbfevlzZPKVGjjRO0BhjfxLOF7nxhmxT7R/hgu5kGk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:4b:76:1d:f1:74:2e:01:95:7e:ea:c7:27:56:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Jun 14 07:00:22 2025 GMT
            Not After : Jun 15 07:00:22 2025 GMT
        Subject: CN=baab6fb2518a82651f2a8a99864b98a58d6ec84e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:c5:43:10:54:e4:a1:4f:9e:ea:ea:71:f0:16:
                    71:2e:34:02:7e:bd:35:34:e9:b5:f1:65:e6:c2:16:
                    51:90:10:e0:0f:bd:fe:5e:54:a3:4a:90:95:ac:18:
                    e5:6e:9b:07:b5:67:4a:88:ba:79:6a:8f:e8:49:3a:
                    98:c3:5c:72:3b:4c:8f:84:d9:c7:b1:32:b1:b5:59:
                    7e:31:f0:ec:6a:25:d6:4a:9b:0c:20:cc:0f:44:f6:
                    e9:82:97:67:2e:14:93:35:4e:e4:7a:60:ad:9e:b8:
                    40:02:96:57:57:21:f9:b9:26:28:a8:6b:85:40:5e:
                    04:20:53:7c:2e:d3:f7:c3:38:f7:bb:7f:fd:eb:5e:
                    71:91:0a:8f:52:af:c7:e7:18:61:69:61:e4:c3:da:
                    7e:21:26:76:09:93:82:26:ed:38:f0:65:fb:92:ed:
                    b5:87:11:48:fa:34:b9:0d:87:89:7c:86:ea:89:03:
                    58:ce:ac:91:51:2d:ae:05:ac:81:cc:0a:f5:96:d6:
                    b5:92:76:39:f8:11:b5:c8:97:da:24:37:08:50:53:
                    24:a7:d1:fb:27:31:90:e4:61:da:2d:20:e8:9b:ed:
                    2d:da:78:ef:c2:6a:e1:09:c8:53:cc:7d:b2:03:87:
                    af:4f:60:b8:aa:83:9f:b5:03:0b:81:f1:9e:5b:d2:
                    ea:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:AB:6F:B2:51:8A:82:65:1F:2A:8A:99:86:4B:98:A5:8D:6E:C8:4E
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:0a:71:40:78:64:e4:90:ba:dd:8a:6e:34:3f:ed:6a:21:55:
         28:fb:c8:d5:48:d3:cf:fb:f1:38:18:37:f3:1a:22:55:b2:4a:
         c3:b8:e6:e2:01:d5:f9:40:1f:2c:37:dd:e3:75:f2:65:f7:7b:
         6b:a4:c6:36:21:f4:a6:40:f2:72:36:b3:c8:f0:fa:81:2a:78:
         66:e5:99:f2:c7:6f:d0:61:17:03:0c:4d:c4:a7:51:36:b4:74:
         60:d6:96:36:30:2b:a2:6b:f9:f5:51:43:3e:72:9a:0c:84:d1:
         3d:62:1c:1a:b8:30:94:d8:32:86:88:20:08:25:ec:3f:1c:9e:
         2f:c7:89:8b:40:ba:51:c4:ff:07:18:eb:a9:0c:7a:6e:a8:83:
         0e:1d:fd:48:33:c4:55:13:e9:e5:3f:96:dc:fd:87:7b:30:d1:
         ce:ad:ad:53:c8:3e:e7:c4:4e:17:69:b0:a7:00:60:59:c8:70:
         c5:7b:70:71:ed:01:45:14:f3:59:f9:2c:b9:e9:d8:12:c6:c0:
         57:a6:2b:f1:d3:23:f7:cd:76:20:0a:d5:0b:6d:6b:11:f8:47:
         7b:96:13:53:57:05:78:5f:27:77:76:6c:9f:36:eb:8d:e8:68:
         82:66:30:eb:81:fc:fb:2f:c5:40:74:86:b2:4e:66:48:77:b2:
         e4:d2:82:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPUt2HfF0LgGVfurHJ1a9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjUwNjE0MDcwMDIyWhcNMjUwNjE1MDcwMDIyWjAzMTEwLwYDVQQD
EyhiYWFiNmZiMjUxOGE4MjY1MWYyYThhOTk4NjRiOThhNThkNmVjODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+cVDEFTkoU+e6upx8BZxLjQCfr01
NOm18WXmwhZRkBDgD73+XlSjSpCVrBjlbpsHtWdKiLp5ao/oSTqYw1xyO0yPhNnH
sTKxtVl+MfDsaiXWSpsMIMwPRPbpgpdnLhSTNU7kemCtnrhAApZXVyH5uSYoqGuF
QF4EIFN8LtP3wzj3u3/9615xkQqPUq/H5xhhaWHkw9p+ISZ2CZOCJu048GX7ku21
hxFI+jS5DYeJfIbqiQNYzqyRUS2uBayBzAr1lta1knY5+BG1yJfaJDcIUFMkp9H7
JzGQ5GHaLSDom+0t2njvwmrhCchTzH2yA4evT2C4qoOftQMLgfGeW9LqPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqrb7JRioJlHyqKmYZLmKWNbshOMB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkgpxQHhk
5JC63YpuND/taiFVKPvI1UjTz/vxOBg38xoiVbJKw7jm4gHV+UAfLDfd43XyZfd7
a6TGNiH0pkDycjazyPD6gSp4ZuWZ8sdv0GEXAwxNxKdRNrR0YNaWNjAromv59VFD
PnKaDITRPWIcGrgwlNgyhoggCCXsPxyeL8eJi0C6UcT/BxjrqQx6bqiDDh39SDPE
VRPp5T+W3P2HezDRzq2tU8g+58ROF2mwpwBgWchwxXtwce0BRRTzWfksuenYEsbA
V6Yr8dMj9812IArVC21rEfhHe5YTU1cFeF8nd3ZsnzbrjehogmYw64H8+y/FQHSG
sk5mSHey5NKCzQ==
-----END CERTIFICATE-----