Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          4/fiICfNT7UdfwdkYz483nst607A8Z1viG+B2fEsK60=
Subject key identifier:   57:CF:2A:0E:78:F8:82:51:21:96:86:84:FD:3A:8F:E6:4F:12:A8:B9
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       01976960E72536BE5D4E7606035D5A775799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          0192
Signing time:             Fri 13 Jun 2025 13:00:47 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:47 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:47 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: aov3GIlDm91C5JihW/x5bK69tXdvq+mOSUItbo9M+CM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:e7:25:36:be:5d:4e:76:06:03:5d:5a:77:57:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Jun 13 13:00:47 2025 GMT
            Not After : Jun 14 13:00:47 2025 GMT
        Subject: CN=57cf2a0e78f8825121968684fd3a8fe64f12a8b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:78:76:e9:8e:4a:31:15:a6:1b:4b:03:cf:ba:
                    8d:e6:98:9f:67:8b:a2:cc:08:10:83:f9:5e:25:37:
                    6f:8d:f3:3f:2e:95:d5:e7:d9:07:38:62:44:4d:e9:
                    7f:2a:33:49:1b:0c:76:57:38:8a:77:75:bf:c4:fc:
                    e9:e8:3a:4a:dd:32:dd:f1:3c:a0:c4:2a:f0:b5:4b:
                    ab:63:c0:2b:66:08:5c:1e:c2:c9:c2:9e:a5:ba:75:
                    62:13:dd:5c:16:8f:fb:3d:c5:e4:77:d8:40:2f:6b:
                    44:a5:e1:82:bc:0b:01:7d:2a:2e:d5:1c:4b:bf:c9:
                    f7:4b:8d:27:c3:13:be:83:b2:32:c1:b6:04:f3:98:
                    a4:58:52:a4:5f:08:b1:e7:8d:fa:c8:38:70:ad:a6:
                    65:75:31:ad:23:2b:85:7d:f1:17:6c:8b:fb:57:19:
                    93:69:28:d9:51:92:28:bf:b0:2c:ab:07:36:d0:97:
                    49:58:6e:40:15:a8:9d:45:f0:a7:6d:e6:97:4a:bf:
                    d3:8d:cd:76:09:51:1b:e7:17:b5:eb:cd:cf:b9:01:
                    88:c6:c9:21:6a:32:36:16:3b:0f:72:96:4f:9b:c6:
                    4f:d4:0e:66:d5:f9:64:7c:8d:9e:d8:50:31:21:b1:
                    cc:ac:2c:09:06:0f:38:6f:04:c9:3d:19:9a:74:81:
                    4e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:CF:2A:0E:78:F8:82:51:21:96:86:84:FD:3A:8F:E6:4F:12:A8:B9
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:4e:f3:b2:a4:b3:3e:c9:84:50:5c:e5:d2:e3:2e:bd:95:06:
         c2:4a:bd:39:31:de:75:80:be:f2:ed:55:b7:ed:97:cf:3a:dc:
         0c:2a:90:d0:eb:2b:ee:f4:90:e8:e8:f3:03:9f:ca:dd:1f:07:
         87:f2:5d:b1:0d:fa:70:35:bf:a6:91:67:e0:58:fc:21:fb:49:
         5e:ac:f0:d8:bb:31:db:69:21:0b:b1:5e:8d:76:3a:98:4d:a0:
         bd:e3:87:4a:3b:3b:74:dd:88:63:41:c8:43:23:95:3b:ce:7e:
         99:e6:45:17:47:0c:13:ad:fa:92:8e:31:ad:8d:f4:d7:be:08:
         f7:01:cf:96:6e:8c:68:e8:a2:f7:2b:78:40:a0:47:d9:ea:62:
         24:74:8d:b2:f7:4e:7d:18:22:7e:d6:81:e5:9b:96:03:ec:33:
         89:ff:88:c0:a6:f1:af:03:4d:12:b3:1c:03:1f:73:06:03:2f:
         c1:1a:1e:6b:c5:4d:c3:e9:0d:bd:db:a4:81:03:9b:43:0c:f7:
         a6:1a:5c:ce:bc:f2:fe:c8:82:35:25:ec:69:71:75:65:28:12:
         a3:96:7b:6d:2f:e0:e8:b5:6f:43:f7:50:29:d2:72:f1:9f:ad:
         74:ad:d4:6e:7d:cb:a0:d6:6c:af:0b:d3:09:f1:17:57:83:cb:
         e9:17:96:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYOclNr5dTnYGA11ad1eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjUwNjEzMTMwMDQ3WhcNMjUwNjE0MTMwMDQ3WjAzMTEwLwYDVQQD
Eyg1N2NmMmEwZTc4Zjg4MjUxMjE5Njg2ODRmZDNhOGZlNjRmMTJhOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3h26Y5KMRWmG0sDz7qN5pifZ4ui
zAgQg/leJTdvjfM/LpXV59kHOGJETel/KjNJGwx2VziKd3W/xPzp6DpK3TLd8Tyg
xCrwtUurY8ArZghcHsLJwp6lunViE91cFo/7PcXkd9hAL2tEpeGCvAsBfSou1RxL
v8n3S40nwxO+g7IywbYE85ikWFKkXwix5436yDhwraZldTGtIyuFffEXbIv7VxmT
aSjZUZIov7Asqwc20JdJWG5AFaidRfCnbeaXSr/Tjc12CVEb5xe1683PuQGIxskh
ajI2FjsPcpZPm8ZP1A5m1flkfI2e2FAxIbHMrCwJBg84bwTJPRmadIFOxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfPKg54+IJRIZaGhP06j+ZPEqi5MB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATU7zsqSz
PsmEUFzl0uMuvZUGwkq9OTHedYC+8u1Vt+2XzzrcDCqQ0Osr7vSQ6OjzA5/K3R8H
h/JdsQ36cDW/ppFn4Fj8IftJXqzw2Lsx22khC7FejXY6mE2gveOHSjs7dN2IY0HI
QyOVO85+meZFF0cME636ko4xrY30174I9wHPlm6MaOii9yt4QKBH2epiJHSNsvdO
fRgiftaB5ZuWA+wzif+IwKbxrwNNErMcAx9zBgMvwRoea8VNw+kNvdukgQObQwz3
phpczrzy/siCNSXsaXF1ZSgSo5Z7bS/g6LVvQ/dQKdJy8Z+tdK3Ubn3LoNZsrwvT
CfEXV4PL6ReWIQ==
-----END CERTIFICATE-----