Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          KKqIpy45HZsYomNoJIsR2PpBPpk/jZtYQeUMMetDPmk=
Subject key identifier:   10:38:6F:FA:C7:74:54:E6:F2:C7:DD:07:2E:69:D5:4C:81:D1:92:B6
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       01976C987A258625B11A8DA81CFB10C3CA9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          051F
Signing time:             Sat 14 Jun 2025 04:00:21 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:21 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:21 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: i5up3v3qh40IkmK54LAgJHb2MlFpkTEgmZS/jqpUPKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:7a:25:86:25:b1:1a:8d:a8:1c:fb:10:c3:ca:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Jun 14 04:00:21 2025 GMT
            Not After : Jun 15 04:00:21 2025 GMT
        Subject: CN=10386ffac77454e6f2c7dd072e69d54c81d192b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:26:88:79:63:0c:78:d2:42:ba:00:f7:e1:7f:
                    af:2d:08:0d:43:d7:72:ea:0b:50:fa:4f:b0:5c:25:
                    32:88:e0:bc:fc:4f:fe:d3:4e:2a:a0:bc:0f:e7:78:
                    50:e9:59:6b:51:aa:8d:97:bf:a8:fe:ab:6b:da:c0:
                    ca:88:2c:d6:e5:2d:a3:19:61:1d:c9:66:c2:3c:d9:
                    99:ae:52:24:26:f8:17:b6:dd:da:06:96:9e:4f:95:
                    67:5f:7d:79:38:f1:eb:d3:0c:46:f9:9f:59:c3:38:
                    21:96:f4:80:45:b6:fe:20:06:fd:43:ce:bd:a3:05:
                    bb:49:f0:59:56:22:ca:e2:6c:c4:0d:ae:51:ac:16:
                    3b:95:7c:03:d5:5b:a8:ac:27:d4:f2:57:cb:e2:05:
                    e5:01:45:31:1e:f7:f4:de:03:49:d0:ba:bf:84:cf:
                    38:b9:5b:78:9c:cf:a8:27:66:2c:b5:35:18:22:ad:
                    64:fb:ca:0c:5b:a2:e7:3d:ad:f5:d5:a9:9a:40:be:
                    84:24:11:96:ed:85:38:0c:3a:c3:86:cb:d4:06:be:
                    48:19:6a:57:65:f4:1f:93:a4:49:8d:fa:a4:24:86:
                    f8:72:d3:cf:70:a9:e2:c4:4b:ef:e0:b7:ef:06:ad:
                    83:ea:72:5b:70:b7:77:18:06:d2:3a:b3:51:20:3e:
                    4c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:38:6F:FA:C7:74:54:E6:F2:C7:DD:07:2E:69:D5:4C:81:D1:92:B6
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:da:c5:31:4e:d7:83:ec:03:fe:2b:c0:86:73:1b:93:67:07:
         b8:7d:58:d4:0f:84:c9:b7:73:70:eb:c6:63:4d:8b:0a:51:1e:
         66:99:bb:27:e9:07:57:24:fa:f4:b0:67:10:0c:ae:86:c1:eb:
         f7:a8:96:4d:d8:a7:43:1f:08:ff:9e:00:83:09:43:d2:21:cf:
         fb:17:49:bf:3d:ae:99:ba:4a:9a:0b:55:c5:c5:fa:10:2d:eb:
         89:80:c9:9d:4d:0d:79:94:7a:c1:be:c1:3a:97:bf:36:eb:16:
         8b:d5:c6:65:5b:32:be:b8:cf:26:6b:49:a5:8e:fe:e3:f0:6d:
         70:5a:c1:4c:28:19:9b:f1:22:c2:ae:4e:fb:b0:b7:f0:e8:95:
         59:6c:05:fc:1a:c0:fe:5d:b9:b5:e2:bb:39:ab:38:85:4a:d7:
         c7:a3:f7:10:52:0c:e9:b3:a7:5a:bf:b7:e3:01:dd:06:e6:be:
         c1:a2:35:fa:e0:c6:70:de:b9:6c:84:ef:d0:5a:42:de:3b:1b:
         f7:5a:40:c5:51:6b:99:30:bb:fb:b0:8b:05:24:6c:82:06:4b:
         c7:b7:3c:d8:c0:46:e0:54:6e:b2:c5:da:d5:cf:a2:83:d3:5d:
         6c:d7:34:b8:c7:82:2f:9e:32:0d:a6:55:1f:55:0f:b0:6c:5e:
         03:7e:af:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmHolhiWxGo2oHPsQw8qdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUwNjE0MDQwMDIxWhcNMjUwNjE1MDQwMDIxWjAzMTEwLwYDVQQD
EygxMDM4NmZmYWM3NzQ1NGU2ZjJjN2RkMDcyZTY5ZDU0YzgxZDE5MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiaIeWMMeNJCugD34X+vLQgNQ9dy
6gtQ+k+wXCUyiOC8/E/+004qoLwP53hQ6VlrUaqNl7+o/qtr2sDKiCzW5S2jGWEd
yWbCPNmZrlIkJvgXtt3aBpaeT5VnX315OPHr0wxG+Z9ZwzghlvSARbb+IAb9Q869
owW7SfBZViLK4mzEDa5RrBY7lXwD1VuorCfU8lfL4gXlAUUxHvf03gNJ0Lq/hM84
uVt4nM+oJ2YstTUYIq1k+8oMW6LnPa311amaQL6EJBGW7YU4DDrDhsvUBr5IGWpX
ZfQfk6RJjfqkJIb4ctPPcKnixEvv4LfvBq2D6nJbcLd3GAbSOrNRID5MhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBA4b/rHdFTm8sfdBy5p1UyB0ZK2MB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv9rFMU7X
g+wD/ivAhnMbk2cHuH1Y1A+EybdzcOvGY02LClEeZpm7J+kHVyT69LBnEAyuhsHr
96iWTdinQx8I/54AgwlD0iHP+xdJvz2umbpKmgtVxcX6EC3riYDJnU0NeZR6wb7B
Ope/NusWi9XGZVsyvrjPJmtJpY7+4/BtcFrBTCgZm/Eiwq5O+7C38OiVWWwF/BrA
/l25teK7Oas4hUrXx6P3EFIM6bOnWr+34wHdBua+waI1+uDGcN65bITv0FpC3jsb
91pAxVFrmTC7+7CLBSRsggZLx7c82MBG4FRussXa1c+ig9NdbNc0uMeCL54yDaZV
H1UPsGxeA36vnA==
-----END CERTIFICATE-----