Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
File:                     EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft (raw, json)
Hash identifier:          d6YwVxBXCrsnRt3ZRTodDdUllNr7KFfHEQbnlGwqsdY=
Subject key identifier:   B6:9D:B6:06:63:A1:05:17:78:47:DC:0C:EB:F5:53:9B:C3:AE:F7:85
Authority key identifier: 11:71:64:1F:15:7C:B5:7B:53:26:26:35:9E:71:58:27:42:C2:DC:CB
Certificate issuer:       /CN=1171641f157cb57b532626359e71582742c2dccb
Certificate serial:       01977FE9643018D41271100C91D220FB080A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
Manifest number:          146A
Signing time:             Tue 17 Jun 2025 22:01:31 +0000
Manifest this update:     Tue 17 Jun 2025 22:01:31 +0000
Manifest next update:     Wed 18 Jun 2025 22:01:31 +0000
Files and hashes:         1: EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl (hash: NS182KQCW7EGI+pDtgLeKyZedfBq/6Yjn5SX6d1Wd6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7f:e9:64:30:18:d4:12:71:10:0c:91:d2:20:fb:08:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1171641f157cb57b532626359e71582742c2dccb
        Validity
            Not Before: Jun 17 22:01:31 2025 GMT
            Not After : Jun 18 22:01:31 2025 GMT
        Subject: CN=b69db60663a105177847dc0cebf5539bc3aef785
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2c:07:0b:1b:bd:85:e6:ca:30:76:61:2c:42:
                    9a:1f:3b:36:59:17:1f:52:cb:f3:ac:db:60:95:4e:
                    8c:60:95:4b:8c:d9:4b:f9:2c:f9:9a:fc:6b:97:c8:
                    32:51:d5:92:6d:8a:4c:32:92:72:04:eb:f6:30:b8:
                    4a:31:e7:5b:38:ca:b2:eb:ba:bf:01:c9:07:75:1f:
                    7a:cc:96:63:d9:67:e5:c5:4f:da:80:b2:57:bb:39:
                    d9:a9:f5:3a:37:04:45:f2:01:bf:ec:53:ec:49:22:
                    1f:3b:06:7e:8d:66:b3:e4:04:43:ae:95:ba:24:6c:
                    05:86:4d:97:b2:00:0f:26:ee:7b:c7:1e:ae:88:1c:
                    ca:63:fa:9f:84:65:a0:4f:c0:9d:c2:95:b2:15:86:
                    b1:d8:fa:cf:4f:1c:bb:ac:dc:59:4e:ce:34:71:0b:
                    ac:59:7f:a8:d8:a2:8a:59:a0:75:b7:fe:0d:0d:27:
                    08:c7:7f:fd:37:4e:c5:7b:43:1e:39:d3:32:70:c3:
                    62:a0:17:65:cb:8c:28:d6:f7:60:f1:57:26:f8:fa:
                    84:c4:31:be:7a:90:77:d9:c6:1c:5f:b2:c0:fe:25:
                    1b:0d:cc:18:b3:be:1e:58:34:09:15:51:19:60:69:
                    05:4b:a1:5c:25:ed:3b:aa:88:8a:72:77:6f:cf:53:
                    14:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:9D:B6:06:63:A1:05:17:78:47:DC:0C:EB:F5:53:9B:C3:AE:F7:85
            X509v3 Authority Key Identifier:
                keyid:11:71:64:1F:15:7C:B5:7B:53:26:26:35:9E:71:58:27:42:C2:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3fa711-06b0-41e3-9c72-3cb9e102afe0/1/EXFkHxV8tXtTJiY1nnFYJ0LC3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:a1:b8:3c:98:9f:c3:d6:30:dd:ba:bb:f0:6c:07:22:5b:01:
         0a:5e:ae:a6:87:b7:9c:d7:04:51:55:bd:ee:20:a9:cc:22:fb:
         06:f1:8c:4e:7f:b9:12:b3:dc:a4:18:3f:ab:a7:7d:c4:1e:bd:
         26:20:33:94:19:be:3d:c1:c2:6d:7b:3d:fe:61:4c:f8:e8:ae:
         fe:42:14:36:05:18:79:d5:b7:85:e0:b0:9e:7e:6a:20:d1:0c:
         e5:73:2c:c0:70:3d:7f:a9:97:70:c9:3a:aa:ee:07:c9:70:7b:
         c7:6a:5c:78:33:18:e7:fc:b5:61:e6:14:ae:3d:f5:6f:7d:46:
         4e:8d:b3:0c:89:c2:c7:8c:78:d2:a2:b4:a3:6c:4e:2f:0f:2e:
         2a:1d:61:b4:74:d4:4f:ca:43:74:cd:b7:61:23:4d:53:50:bf:
         5f:9f:7d:37:3a:65:6f:08:17:7b:e3:aa:90:2b:c7:7d:14:c5:
         01:a9:11:29:a9:22:f0:37:b2:9c:e0:ad:03:fc:a2:ce:f4:95:
         e3:97:20:7c:3c:72:44:ec:4c:09:0a:26:97:51:34:50:ee:3f:
         77:7d:f3:db:74:13:f3:c9:d7:13:d2:e5:9a:aa:0f:b7:58:71:
         71:ce:a5:f5:d1:b9:11:66:44:f6:e8:f3:45:02:f5:a2:9e:b6:
         ac:28:1f:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd/6WQwGNQScRAMkdIg+wgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNzE2NDFmMTU3Y2I1N2I1MzI2MjYzNTllNzE1ODI3NDJj
MmRjY2IwHhcNMjUwNjE3MjIwMTMxWhcNMjUwNjE4MjIwMTMxWjAzMTEwLwYDVQQD
EyhiNjlkYjYwNjYzYTEwNTE3Nzg0N2RjMGNlYmY1NTM5YmMzYWVmNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSwHCxu9hebKMHZhLEKaHzs2WRcf
UsvzrNtglU6MYJVLjNlL+Sz5mvxrl8gyUdWSbYpMMpJyBOv2MLhKMedbOMqy67q/
AckHdR96zJZj2WflxU/agLJXuznZqfU6NwRF8gG/7FPsSSIfOwZ+jWaz5ARDrpW6
JGwFhk2XsgAPJu57xx6uiBzKY/qfhGWgT8CdwpWyFYax2PrPTxy7rNxZTs40cQus
WX+o2KKKWaB1t/4NDScIx3/9N07Fe0MeOdMycMNioBdly4wo1vdg8Vcm+PqExDG+
epB32cYcX7LA/iUbDcwYs74eWDQJFVEZYGkFS6FcJe07qoiKcndvz1MUOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLadtgZjoQUXeEfcDOv1U5vDrveFMB8GA1UdIwQY
MBaAFBFxZB8VfLV7UyYmNZ5xWCdCwtzLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zZmE3MTEtMDZiMC00MWUzLTljNzIt
M2NiOWUxMDJhZmUwLzEvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zZmE3MTEtMDZiMC00MWUzLTljNzItM2NiOWUxMDJhZmUw
LzEvRVhGa0h4Vjh0WHRUSmlZMW5uRllKMExDM01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeaG4PJif
w9Yw3bq78GwHIlsBCl6upoe3nNcEUVW97iCpzCL7BvGMTn+5ErPcpBg/q6d9xB69
JiAzlBm+PcHCbXs9/mFM+Oiu/kIUNgUYedW3heCwnn5qINEM5XMswHA9f6mXcMk6
qu4HyXB7x2pceDMY5/y1YeYUrj31b31GTo2zDInCx4x40qK0o2xOLw8uKh1htHTU
T8pDdM23YSNNU1C/X599NzplbwgXe+OqkCvHfRTFAakRKaki8DeynOCtA/yizvSV
45cgfDxyROxMCQoml1E0UO4/d33z23QT88nXE9LlmqoPt1hxcc6l9dG5EWZE9ujz
RQL1op62rCgfMg==
-----END CERTIFICATE-----