Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          lNDOhXtiA4QopPbq5Xy3VKBz81+8510RwAMX/u6pqGE=
Subject key identifier:   9F:04:13:C2:F0:D2:57:C2:85:64:42:24:78:F3:E1:F4:65:85:BA:6D
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       01976D3E8FF46B24690BA5D7AFD3CD73C42F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0E24
Signing time:             Sat 14 Jun 2025 07:01:46 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:46 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:46 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: GGJ/W8nKn11EqZbg9h9q5pahqmeB/S+gCnDr0ZtE+1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:8f:f4:6b:24:69:0b:a5:d7:af:d3:cd:73:c4:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Jun 14 07:01:46 2025 GMT
            Not After : Jun 15 07:01:46 2025 GMT
        Subject: CN=9f0413c2f0d257c28564422478f3e1f46585ba6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:82:f4:22:a2:7b:33:03:8b:99:1d:c6:d0:a2:
                    0e:08:17:d7:f4:ee:f2:3c:db:61:d8:e3:7a:af:67:
                    bc:f7:93:f6:19:9c:24:45:9a:04:0b:91:6b:1e:3f:
                    26:60:fc:40:c2:bc:05:9c:57:5b:22:25:1b:24:e7:
                    8b:41:0c:31:aa:d2:48:4b:66:c6:0a:4d:de:84:89:
                    72:8d:a5:58:5e:0d:60:ed:da:95:ca:69:22:8e:ad:
                    9f:32:63:5d:88:03:38:71:2c:bc:e3:d7:df:c8:ab:
                    97:d7:47:50:b5:78:5e:a6:f4:6e:cf:4e:30:f9:f7:
                    19:e5:0d:29:b0:3b:93:e5:9d:f0:97:16:7b:11:81:
                    98:73:10:7d:84:a2:bd:c6:16:a6:87:3c:3f:7c:bb:
                    60:6f:9e:7a:4d:13:fd:5c:5d:36:79:9b:89:48:fc:
                    6b:0e:5c:7f:bb:0a:e1:47:e3:9f:11:19:35:fb:bb:
                    c5:92:93:d6:d0:0d:2d:05:ac:b4:51:c5:35:59:b5:
                    78:97:3f:0a:a8:bd:1b:17:60:5c:39:ea:ed:b0:8e:
                    cd:ca:ae:92:4e:ad:30:8e:f4:f3:bc:95:0d:dc:a6:
                    2d:1f:f7:1e:14:73:88:b2:97:33:18:21:cb:11:3a:
                    b6:26:e0:9b:a1:8e:28:3a:00:e0:2e:f7:37:23:ac:
                    32:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:04:13:C2:F0:D2:57:C2:85:64:42:24:78:F3:E1:F4:65:85:BA:6D
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:e6:dc:81:5a:44:3d:2a:c5:81:8d:b2:3a:ea:9a:99:62:7d:
         77:9a:10:b1:17:59:b8:e8:87:62:61:f6:2d:3d:a3:0a:50:17:
         18:4c:3a:a8:24:1f:09:88:4a:fe:db:b4:73:dd:84:2f:1c:55:
         02:6a:0c:f1:2d:0b:a3:ff:47:38:09:f4:99:43:ba:e6:4a:d4:
         60:14:5c:3b:ae:24:d3:15:40:4a:39:ce:a6:43:0d:7d:1e:50:
         42:6d:4b:90:a7:97:83:c4:2f:8f:8f:81:39:ed:d4:80:49:f0:
         96:4b:ed:03:63:57:c6:a6:3b:33:1e:97:6c:a1:36:83:9d:13:
         d0:54:1e:c8:a6:d3:6e:7c:6a:3b:ea:85:ba:7d:06:96:cc:eb:
         54:ed:22:f6:8a:20:ec:e9:8a:48:97:e2:f0:0b:8d:3f:4d:2d:
         e9:38:59:db:d3:97:f1:ac:68:13:5f:e4:e5:16:7b:a3:44:b7:
         d2:68:a1:27:d4:6d:50:c8:f8:90:ad:38:a3:2e:ca:19:bf:37:
         5e:0b:16:04:3d:a7:d9:85:81:df:06:2e:de:ed:f2:99:38:47:
         d1:e3:88:27:e2:c4:81:5e:f3:3f:af:2a:fe:67:4b:e2:01:eb:
         a5:84:8a:fb:f3:76:e7:3a:b3:35:7f:28:f1:89:30:3b:db:9f:
         13:f4:82:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPo/0ayRpC6XXr9PNc8QvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUwNjE0MDcwMTQ2WhcNMjUwNjE1MDcwMTQ2WjAzMTEwLwYDVQQD
Eyg5ZjA0MTNjMmYwZDI1N2MyODU2NDQyMjQ3OGYzZTFmNDY1ODViYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoL0IqJ7MwOLmR3G0KIOCBfX9O7y
PNth2ON6r2e895P2GZwkRZoEC5FrHj8mYPxAwrwFnFdbIiUbJOeLQQwxqtJIS2bG
Ck3ehIlyjaVYXg1g7dqVymkijq2fMmNdiAM4cSy849ffyKuX10dQtXhepvRuz04w
+fcZ5Q0psDuT5Z3wlxZ7EYGYcxB9hKK9xhamhzw/fLtgb556TRP9XF02eZuJSPxr
Dlx/uwrhR+OfERk1+7vFkpPW0A0tBay0UcU1WbV4lz8KqL0bF2BcOertsI7Nyq6S
Tq0wjvTzvJUN3KYtH/ceFHOIspczGCHLETq2JuCboY4oOgDgLvc3I6wyXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8EE8Lw0lfChWRCJHjz4fRlhbptMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgubcgVpE
PSrFgY2yOuqamWJ9d5oQsRdZuOiHYmH2LT2jClAXGEw6qCQfCYhK/tu0c92ELxxV
AmoM8S0Lo/9HOAn0mUO65krUYBRcO64k0xVASjnOpkMNfR5QQm1LkKeXg8Qvj4+B
Oe3UgEnwlkvtA2NXxqY7Mx6XbKE2g50T0FQeyKbTbnxqO+qFun0GlszrVO0i9oog
7OmKSJfi8AuNP00t6ThZ29OX8axoE1/k5RZ7o0S30mihJ9RtUMj4kK04oy7KGb83
XgsWBD2n2YWB3wYu3u3ymThH0eOIJ+LEgV7zP68q/mdL4gHrpYSK+/N25zqzNX8o
8YkwO9ufE/SCSw==
-----END CERTIFICATE-----