Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
File:                     h16pmc28YATHGlRwyg7HrnOCCPo.mft (raw, json)
Hash identifier:          2VjO2dJtp2ZEZeFc/V2u0CQQ3bqRRfii6DpIDANlPRY=
Subject key identifier:   9F:08:95:F4:2E:EB:59:73:2E:E0:07:79:BF:7B:2D:F1:B2:4A:1D:87
Authority key identifier: 87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA
Certificate issuer:       /CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
Certificate serial:       01977D1EF480E01C3B9E6A4A8CBF95E3520C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
Manifest number:          04F8
Signing time:             Tue 17 Jun 2025 09:01:09 +0000
Manifest this update:     Tue 17 Jun 2025 09:01:09 +0000
Manifest next update:     Wed 18 Jun 2025 09:01:09 +0000
Files and hashes:         1: h16pmc28YATHGlRwyg7HrnOCCPo.crl (hash: 2uZXZ5bEJPDhym+j+qd0ppnnJHyKjZHJfaF7TQ0J9I8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7d:1e:f4:80:e0:1c:3b:9e:6a:4a:8c:bf:95:e3:52:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875ea999cdbc6004c71a5470ca0ec7ae738208fa
        Validity
            Not Before: Jun 17 09:01:09 2025 GMT
            Not After : Jun 18 09:01:09 2025 GMT
        Subject: CN=9f0895f42eeb59732ee00779bf7b2df1b24a1d87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:bf:32:6e:af:c5:f7:52:c6:2a:bf:02:4a:93:
                    7a:f3:b9:50:e8:a4:fb:35:48:70:e0:99:5e:86:6c:
                    ec:bb:7b:4b:97:a2:ee:b6:66:a3:b9:9a:b6:0f:60:
                    59:f4:33:65:05:b0:00:73:98:26:09:e5:9d:6e:90:
                    c4:98:4a:a1:16:e9:6f:73:9f:60:28:f6:6f:db:0b:
                    54:ea:b1:e9:26:db:71:bf:d7:77:1a:fe:0d:57:b3:
                    1a:5a:f2:84:e8:4f:ec:4a:95:98:b5:04:b1:ed:9d:
                    b7:72:39:70:9e:56:e7:4b:5f:e9:d5:d1:51:2a:69:
                    77:6e:ad:50:68:16:6a:18:62:23:6c:18:57:5c:26:
                    38:b8:cc:af:e8:5f:e2:a3:ae:7b:bb:e5:b8:8a:41:
                    0d:de:5a:7c:85:0d:04:a6:3a:85:87:bc:fc:ac:04:
                    16:06:23:11:c6:6c:db:db:16:0e:b7:93:b4:56:a8:
                    2d:f0:52:30:2c:b4:f2:47:76:2d:7b:90:33:cb:39:
                    3f:4e:e6:aa:96:c8:74:9d:dc:1b:c6:49:8f:d8:c3:
                    00:fd:12:ac:c2:75:d8:84:c3:56:ef:8d:94:03:4b:
                    a2:9c:bb:8e:02:18:e8:0d:ff:5d:91:7d:17:33:fe:
                    4b:50:95:57:26:6d:38:6a:30:f8:e6:e0:ea:fb:48:
                    52:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:08:95:F4:2E:EB:59:73:2E:E0:07:79:BF:7B:2D:F1:B2:4A:1D:87
            X509v3 Authority Key Identifier:
                keyid:87:5E:A9:99:CD:BC:60:04:C7:1A:54:70:CA:0E:C7:AE:73:82:08:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h16pmc28YATHGlRwyg7HrnOCCPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/687f10-1744-49df-bd7e-4d12fd25d978/1/h16pmc28YATHGlRwyg7HrnOCCPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:8c:df:ca:7c:72:63:2f:32:c1:45:9c:d3:c8:e0:f8:6f:30:
         99:ee:e4:70:c6:44:67:82:64:e6:db:97:f7:04:9f:c5:34:1a:
         88:4b:6f:4d:01:22:b1:4b:78:ec:ef:de:b5:a5:4a:7c:86:e8:
         2d:52:46:f8:3f:6b:e6:08:34:b0:3f:45:41:35:42:90:6a:24:
         26:bb:00:30:47:f6:b0:c7:2a:d1:d9:eb:d8:3d:d1:6d:e3:2d:
         70:92:aa:91:65:b9:36:b4:2f:4b:81:ee:bf:bd:c3:aa:14:67:
         36:cb:77:98:3a:e8:b6:66:9e:1f:9c:e4:16:91:3e:6b:23:25:
         81:ab:3f:21:73:ad:bf:e6:d1:16:b8:2a:4b:71:88:ff:c1:e1:
         a4:fb:ae:f8:63:71:67:62:27:ef:d4:02:d8:62:94:eb:d8:fc:
         c3:95:91:6d:26:28:52:7f:04:72:a1:98:10:52:1b:ca:59:f8:
         ae:f4:01:98:d9:30:15:4f:60:cf:80:78:26:34:67:4a:7c:12:
         c3:6e:20:ef:1c:6e:89:82:b8:cb:f9:b0:db:dc:7e:5a:4b:d7:
         90:be:25:38:d5:90:79:fa:5f:9b:11:48:3a:be:44:dc:d0:b5:
         12:a6:96:3a:20:4f:63:1c:33:10:f6:43:bf:49:6a:f8:8d:49:
         7f:f7:ff:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd9HvSA4Bw7nmpKjL+V41IMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWVhOTk5Y2RiYzYwMDRjNzFhNTQ3MGNhMGVjN2FlNzM4
MjA4ZmEwHhcNMjUwNjE3MDkwMTA5WhcNMjUwNjE4MDkwMTA5WjAzMTEwLwYDVQQD
Eyg5ZjA4OTVmNDJlZWI1OTczMmVlMDA3NzliZjdiMmRmMWIyNGExZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA278ybq/F91LGKr8CSpN687lQ6KT7
NUhw4Jlehmzsu3tLl6LutmajuZq2D2BZ9DNlBbAAc5gmCeWdbpDEmEqhFulvc59g
KPZv2wtU6rHpJttxv9d3Gv4NV7MaWvKE6E/sSpWYtQSx7Z23cjlwnlbnS1/p1dFR
Kml3bq1QaBZqGGIjbBhXXCY4uMyv6F/io657u+W4ikEN3lp8hQ0EpjqFh7z8rAQW
BiMRxmzb2xYOt5O0Vqgt8FIwLLTyR3Yte5Azyzk/Tuaqlsh0ndwbxkmP2MMA/RKs
wnXYhMNW742UA0uinLuOAhjoDf9dkX0XM/5LUJVXJm04ajD45uDq+0hS2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8IlfQu61lzLuAHeb97LfGySh2HMB8GA1UdIwQY
MBaAFIdeqZnNvGAExxpUcMoOx65zggj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2Ut
NGQxMmZkMjVkOTc4LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ODdmMTAtMTc0NC00OWRmLWJkN2UtNGQxMmZkMjVkOTc4
LzEvaDE2cG1jMjhZQVRIR2xSd3lnN0hybk9DQ1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4zfynxy
Yy8ywUWc08jg+G8wme7kcMZEZ4Jk5tuX9wSfxTQaiEtvTQEisUt47O/etaVKfIbo
LVJG+D9r5gg0sD9FQTVCkGokJrsAMEf2sMcq0dnr2D3RbeMtcJKqkWW5NrQvS4Hu
v73DqhRnNst3mDrotmaeH5zkFpE+ayMlgas/IXOtv+bRFrgqS3GI/8HhpPuu+GNx
Z2In79QC2GKU69j8w5WRbSYoUn8EcqGYEFIbyln4rvQBmNkwFU9gz4B4JjRnSnwS
w24g7xxuiYK4y/mw29x+WkvXkL4lONWQefpfmxFIOr5E3NC1EqaWOiBPYxwzEPZD
v0lq+I1Jf/f/gA==
-----END CERTIFICATE-----