Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          7bUJGSVblDjE41ZWwAQ61OssrkzcXxD0z+725lfMRQw=
Subject key identifier:   25:F3:07:AB:F7:DB:B0:35:FE:19:31:AF:3E:86:C8:2D:43:38:0A:C8
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       0197711ACE86AD52719C9153FE5351939B6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          1008
Signing time:             Sun 15 Jun 2025 01:01:11 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:11 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:11 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: HDqgKTu6hsNSRh9CJT7yG5sb5RWACrfLtC7Q+k2mZYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:ce:86:ad:52:71:9c:91:53:fe:53:51:93:9b:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Jun 15 01:01:11 2025 GMT
            Not After : Jun 16 01:01:11 2025 GMT
        Subject: CN=25f307abf7dbb035fe1931af3e86c82d43380ac8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:36:1b:b1:68:c1:61:bb:fe:fd:7c:9b:c2:47:
                    c4:78:65:9b:ec:76:06:d3:59:fb:86:96:13:85:72:
                    88:9f:51:60:a0:ea:ad:22:77:c4:cd:79:2d:4e:01:
                    45:6e:8a:f1:75:e6:0a:96:a9:85:c8:1f:a6:86:a6:
                    56:c2:6e:12:0e:e3:26:c2:99:0d:13:7e:06:99:48:
                    af:68:f3:e9:31:5f:87:8c:9d:ab:b4:7d:e2:00:09:
                    0e:9f:81:cb:cb:bd:7e:c3:94:79:b8:ef:bb:3c:e9:
                    2d:c8:7e:86:7d:b9:da:2f:e8:59:a7:23:04:96:bd:
                    bd:cc:ae:cc:31:80:4a:92:68:a5:b8:02:ef:1a:69:
                    63:8f:e0:12:7c:c9:ed:40:65:0b:a3:2f:c0:5f:a2:
                    28:7b:ba:7b:e5:4d:9f:d2:e4:69:63:d4:d2:db:e6:
                    a2:08:bf:17:7c:4d:98:6e:1a:3c:34:74:3e:18:ec:
                    10:16:ae:3f:da:6a:b4:15:90:de:3e:81:bd:87:7f:
                    aa:18:5a:89:35:6f:ae:0f:fe:d7:45:bc:41:2b:bb:
                    0a:08:1c:b2:c0:b8:e0:9b:c8:8c:a3:b6:e1:f7:5f:
                    88:ce:1a:1f:9d:f6:8a:4d:16:ad:71:00:18:4d:0a:
                    2b:df:58:cc:b2:7e:3e:9a:c6:23:b8:96:36:21:63:
                    9e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F3:07:AB:F7:DB:B0:35:FE:19:31:AF:3E:86:C8:2D:43:38:0A:C8
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:ed:9c:2f:ca:dc:d3:53:b3:d8:70:e2:0f:14:16:4d:c5:b9:
         78:6c:60:09:7b:8b:4d:50:15:99:d6:5f:67:c3:16:a4:42:dc:
         62:b7:01:df:55:26:6e:25:33:0b:31:ef:23:b7:c2:41:8e:a1:
         46:e4:17:28:43:4b:dc:69:45:4b:40:ef:36:ad:2f:59:96:31:
         c9:49:84:b9:f2:60:ab:ef:d5:2d:d4:1e:c6:0b:e9:34:6b:68:
         9d:33:71:51:87:2c:76:db:df:c1:ac:07:8d:53:6c:aa:c3:a7:
         5b:14:44:74:80:eb:63:25:8f:84:c3:3a:94:28:e6:5f:72:d3:
         41:47:5f:d4:0b:6f:b3:4c:87:8d:2c:eb:ab:d8:7a:55:6d:df:
         88:e3:17:14:5f:ca:a0:4d:bc:25:f0:f6:93:28:7e:c7:d4:e2:
         d6:72:4c:88:7d:7a:d8:df:bd:34:e5:b2:8f:a5:c0:e9:7d:5e:
         d1:0a:6a:23:5e:b0:65:72:c1:28:e3:51:b3:68:ed:0b:8a:c3:
         80:46:06:d2:e0:c6:a3:55:7b:20:d5:6b:76:94:0f:62:5e:07:
         98:0f:41:70:c0:2f:b2:f0:2b:e3:fc:e6:63:88:04:d9:4f:11:
         fc:37:9b:c7:85:66:c4:4d:ad:16:bc:db:8b:5e:92:94:c1:7b:
         43:74:26:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGs6GrVJxnJFT/lNRk5tvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjUwNjE1MDEwMTExWhcNMjUwNjE2MDEwMTExWjAzMTEwLwYDVQQD
EygyNWYzMDdhYmY3ZGJiMDM1ZmUxOTMxYWYzZTg2YzgyZDQzMzgwYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DYbsWjBYbv+/XybwkfEeGWb7HYG
01n7hpYThXKIn1FgoOqtInfEzXktTgFFborxdeYKlqmFyB+mhqZWwm4SDuMmwpkN
E34GmUivaPPpMV+HjJ2rtH3iAAkOn4HLy71+w5R5uO+7POktyH6GfbnaL+hZpyME
lr29zK7MMYBKkmiluALvGmljj+ASfMntQGULoy/AX6Ioe7p75U2f0uRpY9TS2+ai
CL8XfE2Ybho8NHQ+GOwQFq4/2mq0FZDePoG9h3+qGFqJNW+uD/7XRbxBK7sKCByy
wLjgm8iMo7bh91+IzhofnfaKTRatcQAYTQor31jMsn4+msYjuJY2IWOeJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXzB6v327A1/hkxrz6GyC1DOArIMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+2cL8rc
01Oz2HDiDxQWTcW5eGxgCXuLTVAVmdZfZ8MWpELcYrcB31UmbiUzCzHvI7fCQY6h
RuQXKENL3GlFS0DvNq0vWZYxyUmEufJgq+/VLdQexgvpNGtonTNxUYcsdtvfwawH
jVNsqsOnWxREdIDrYyWPhMM6lCjmX3LTQUdf1Atvs0yHjSzrq9h6VW3fiOMXFF/K
oE28JfD2kyh+x9Ti1nJMiH162N+9NOWyj6XA6X1e0QpqI16wZXLBKONRs2jtC4rD
gEYG0uDGo1V7INVrdpQPYl4HmA9BcMAvsvAr4/zmY4gE2U8R/Debx4VmxE2tFrzb
i16SlMF7Q3QmBg==
-----END CERTIFICATE-----