Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          NLuUBMZoMsY+dihydh5405phRuK3icJy30Z/qEmZj28=
Subject key identifier:   B7:9E:E3:F0:C3:AB:16:0F:75:F7:8A:C5:B8:6E:F2:18:CA:9B:83:6C
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       019849661587C1E27829D2420120E2368FC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          10B6
Signing time:             Sun 27 Jul 2025 01:01:23 +0000
Manifest this update:     Sun 27 Jul 2025 01:01:23 +0000
Manifest next update:     Mon 28 Jul 2025 01:01:23 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: leykrtJDtFCoKzzp22TqJtVQzZeS+R/y3PtOf9o5vvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:66:15:87:c1:e2:78:29:d2:42:01:20:e2:36:8f:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Jul 27 01:01:23 2025 GMT
            Not After : Jul 28 01:01:23 2025 GMT
        Subject: CN=b79ee3f0c3ab160f75f78ac5b86ef218ca9b836c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:61:a8:88:6c:cf:7b:fc:e0:44:ad:12:19:7c:
                    c0:8e:5a:a5:83:bc:34:e0:51:af:df:b5:0f:f6:c4:
                    e6:9a:c4:bb:d7:f6:73:4c:c4:a4:14:88:a1:00:04:
                    c3:3c:5c:a6:d6:8d:64:f2:3d:52:48:96:f7:c7:17:
                    eb:c2:3e:7a:e3:28:0d:b3:12:72:24:e3:cc:e2:d0:
                    f2:f6:f8:9e:3b:96:93:81:6d:fe:55:aa:17:1f:f8:
                    38:1c:1c:91:2e:d8:d0:ce:92:54:31:25:b3:de:19:
                    95:2c:eb:a2:b2:3e:fe:72:dc:31:61:72:a6:a0:79:
                    98:bf:88:80:2d:e2:fd:90:57:be:2d:e8:07:ee:68:
                    1a:8d:6c:59:9c:35:3f:4d:4f:e5:93:c4:56:32:c1:
                    e4:aa:84:40:d0:7a:2e:bc:d4:5c:a7:06:40:3f:f6:
                    e3:70:0d:d4:50:f6:5a:bd:95:2b:8b:80:83:ab:91:
                    d2:05:ab:36:53:cb:e0:f6:87:a6:c5:67:5f:57:02:
                    44:ff:90:10:df:86:cc:bc:06:52:b5:c5:c3:b1:b5:
                    db:64:44:9e:08:c6:20:3c:39:89:49:18:bf:29:5c:
                    10:c9:1d:d8:3f:94:2e:89:92:7a:27:0c:b9:fc:0f:
                    22:32:6f:68:0e:14:03:20:45:37:a4:bd:ad:f0:53:
                    76:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:9E:E3:F0:C3:AB:16:0F:75:F7:8A:C5:B8:6E:F2:18:CA:9B:83:6C
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:01:81:9a:70:a5:0e:0b:06:44:4b:56:19:d2:79:94:ac:d5:
         7a:84:54:58:69:90:f7:fb:67:d9:bd:02:53:0b:7b:6c:23:33:
         b8:08:ef:cc:14:f1:83:bf:1d:99:fc:45:83:ac:a4:91:7b:d1:
         92:0d:3b:d3:89:ca:75:79:4e:70:51:50:4d:07:9b:ca:7f:b5:
         e4:6e:4e:55:8a:72:80:85:81:12:db:83:91:f6:5e:50:21:54:
         12:4d:c5:71:2b:0b:a3:57:07:fd:3c:11:8b:7c:e6:44:7c:f7:
         03:7c:d1:73:0b:66:d8:5a:30:18:a9:c8:5a:03:88:30:fe:8c:
         a4:1d:e9:e4:9c:31:9b:2c:9f:c4:6c:8e:8b:0a:8d:f6:f8:1a:
         3a:b5:ae:33:fd:4a:6b:39:60:89:c6:db:31:17:10:cb:ee:8b:
         93:99:ea:de:5e:09:1b:de:c0:22:a9:a3:f5:29:ad:83:56:52:
         c0:4d:7d:6d:be:aa:50:60:f3:e3:94:e3:3b:0f:2f:40:50:85:
         f0:da:ca:77:a0:de:4e:63:d3:62:6c:45:81:38:a5:f8:39:ed:
         bd:8c:c6:90:59:0a:25:57:3d:3a:8b:0c:3a:08:44:e3:e9:25:
         c5:34:86:52:80:c5:c1:bf:42:00:a5:be:b0:db:6c:46:d9:9b:
         6e:95:99:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZhWHweJ4KdJCASDiNo/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjUwNzI3MDEwMTIzWhcNMjUwNzI4MDEwMTIzWjAzMTEwLwYDVQQD
EyhiNzllZTNmMGMzYWIxNjBmNzVmNzhhYzViODZlZjIxOGNhOWI4MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWGoiGzPe/zgRK0SGXzAjlqlg7w0
4FGv37UP9sTmmsS71/ZzTMSkFIihAATDPFym1o1k8j1SSJb3xxfrwj564ygNsxJy
JOPM4tDy9vieO5aTgW3+VaoXH/g4HByRLtjQzpJUMSWz3hmVLOuisj7+ctwxYXKm
oHmYv4iALeL9kFe+LegH7mgajWxZnDU/TU/lk8RWMsHkqoRA0HouvNRcpwZAP/bj
cA3UUPZavZUri4CDq5HSBas2U8vg9oemxWdfVwJE/5AQ34bMvAZStcXDsbXbZESe
CMYgPDmJSRi/KVwQyR3YP5QuiZJ6Jwy5/A8iMm9oDhQDIEU3pL2t8FN21QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLee4/DDqxYPdfeKxbhu8hjKm4NsMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAGBmnCl
DgsGREtWGdJ5lKzVeoRUWGmQ9/tn2b0CUwt7bCMzuAjvzBTxg78dmfxFg6ykkXvR
kg0704nKdXlOcFFQTQebyn+15G5OVYpygIWBEtuDkfZeUCFUEk3FcSsLo1cH/TwR
i3zmRHz3A3zRcwtm2FowGKnIWgOIMP6MpB3p5JwxmyyfxGyOiwqN9vgaOrWuM/1K
azlgicbbMRcQy+6Lk5nq3l4JG97AIqmj9Smtg1ZSwE19bb6qUGDz45TjOw8vQFCF
8NrKd6DeTmPTYmxFgTil+DntvYzGkFkKJVc9OosMOghE4+klxTSGUoDFwb9CAKW+
sNtsRtmbbpWZdA==
-----END CERTIFICATE-----