Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
File:                     chgSXs-7IR7fwt4EcvlkqobL6Z4.mft (raw, json)
Hash identifier:          ZW09/yuEU+DSCtAFGq8+5n315umPdyc6x46aKVCpznQ=
Subject key identifier:   8D:4D:B4:DA:02:77:6F:56:BC:73:2F:BA:98:56:95:05:84:85:44:72
Authority key identifier: 72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E
Certificate issuer:       /CN=7218125ecfbb211edfc2de0472f964aa86cbe99e
Certificate serial:       01984B545799238F3D9038C9E2EAA7740FCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
Manifest number:          0CE7
Signing time:             Sun 27 Jul 2025 10:01:15 +0000
Manifest this update:     Sun 27 Jul 2025 10:01:15 +0000
Manifest next update:     Mon 28 Jul 2025 10:01:15 +0000
Files and hashes:         1: chgSXs-7IR7fwt4EcvlkqobL6Z4.crl (hash: zHUeQWHbky3iKzAhX4O5OhULalJUBuQYv+tKzVmt3Vo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:54:57:99:23:8f:3d:90:38:c9:e2:ea:a7:74:0f:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7218125ecfbb211edfc2de0472f964aa86cbe99e
        Validity
            Not Before: Jul 27 10:01:15 2025 GMT
            Not After : Jul 28 10:01:15 2025 GMT
        Subject: CN=8d4db4da02776f56bc732fba9856950584854472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:af:37:a0:56:23:6c:cf:fb:6d:fe:bb:f9:15:
                    2c:9b:d9:9e:86:0e:42:87:60:16:33:e5:bd:33:41:
                    76:21:ce:bb:1d:8b:0c:38:0e:e9:05:4f:41:c6:04:
                    76:ee:13:b7:a0:1e:1c:ae:9a:d6:fd:db:be:74:91:
                    89:ae:74:fc:74:76:d5:5d:ed:10:f0:2a:87:2f:62:
                    1f:20:1c:25:81:83:13:52:7b:36:cd:51:71:34:d9:
                    43:08:6e:c5:af:27:8d:a1:af:73:f4:8c:e2:83:7a:
                    a2:59:31:2a:d3:2a:07:61:6b:ee:6b:47:53:a9:8b:
                    28:e6:28:01:5f:b2:9f:6b:5e:e9:b0:e1:56:dd:8e:
                    5a:0e:8e:30:43:bc:2d:04:ff:41:7b:3b:77:e6:8e:
                    96:ee:23:bf:6e:a9:32:67:c4:68:d3:b0:67:62:d9:
                    98:85:94:bf:c3:51:b1:ab:da:66:67:2d:d4:34:46:
                    f5:0f:d3:93:92:f3:f5:db:ac:1e:de:ff:37:c1:99:
                    fd:1b:a2:36:f8:35:6a:02:8f:80:3a:36:6c:65:a0:
                    dc:a5:1b:9b:51:94:e6:e5:e9:01:c2:db:13:89:1c:
                    8c:0a:cd:fd:02:ba:23:f5:bf:b9:6f:11:68:2f:b2:
                    be:25:3d:13:a8:57:70:f6:07:58:59:79:b1:84:ad:
                    f2:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:4D:B4:DA:02:77:6F:56:BC:73:2F:BA:98:56:95:05:84:85:44:72
            X509v3 Authority Key Identifier:
                keyid:72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:6e:5a:4e:19:c7:1e:7b:6b:c4:d2:a4:95:b9:db:7c:b7:7c:
         b0:fa:08:c4:29:2f:c3:c0:eb:d0:9b:57:72:07:17:48:57:a0:
         e0:eb:43:f3:a4:44:65:c0:34:6b:9f:b2:be:6a:00:dc:2a:00:
         09:ec:c7:1f:55:2f:52:93:a4:4f:40:c6:27:18:ea:03:ea:64:
         16:a2:a0:d5:4d:87:4a:b4:f8:b8:6c:ee:db:76:0b:6b:30:40:
         7c:19:14:9d:09:f9:56:93:35:48:5f:cb:c8:d8:31:c1:29:31:
         f5:3e:71:fa:0d:ad:c7:21:82:ca:f3:91:17:77:cf:5d:f2:e8:
         29:87:eb:ea:28:f0:c1:28:0d:d8:43:6a:30:a7:04:4d:5f:e5:
         0a:38:7a:e9:f2:70:94:e9:00:fc:88:8e:06:11:99:4c:03:2b:
         3c:0e:b8:36:6f:62:76:b0:f0:7c:df:e0:61:03:94:66:12:29:
         9d:90:ad:be:cc:1a:84:07:1e:d4:dc:25:d0:56:9a:5a:03:dc:
         fe:7a:ab:91:8e:3d:d2:c9:78:3a:16:b8:db:9d:06:db:8c:a4:
         83:c8:92:bf:da:94:c7:b5:bb:d3:ac:b9:39:2c:ff:4b:5e:98:
         86:e6:90:9f:ff:9b:af:a3:b1:0e:10:d5:cc:31:97:57:20:ee:
         49:1d:74:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVFeZI489kDjJ4uqndA/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMTgxMjVlY2ZiYjIxMWVkZmMyZGUwNDcyZjk2NGFhODZj
YmU5OWUwHhcNMjUwNzI3MTAwMTE1WhcNMjUwNzI4MTAwMTE1WjAzMTEwLwYDVQQD
Eyg4ZDRkYjRkYTAyNzc2ZjU2YmM3MzJmYmE5ODU2OTUwNTg0ODU0NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu683oFYjbM/7bf67+RUsm9mehg5C
h2AWM+W9M0F2Ic67HYsMOA7pBU9BxgR27hO3oB4crprW/du+dJGJrnT8dHbVXe0Q
8CqHL2IfIBwlgYMTUns2zVFxNNlDCG7FryeNoa9z9Izig3qiWTEq0yoHYWvua0dT
qYso5igBX7Kfa17psOFW3Y5aDo4wQ7wtBP9Bezt35o6W7iO/bqkyZ8Ro07BnYtmY
hZS/w1Gxq9pmZy3UNEb1D9OTkvP126we3v83wZn9G6I2+DVqAo+AOjZsZaDcpRub
UZTm5ekBwtsTiRyMCs39Aroj9b+5bxFoL7K+JT0TqFdw9gdYWXmxhK3yJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1NtNoCd29WvHMvuphWlQWEhURyMB8GA1UdIwQY
MBaAFHIYEl7PuyEe38LeBHL5ZKqGy+meMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWIt
MGRiMGZkNzRkYjMyLzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWItMGRiMGZkNzRkYjMy
LzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHW5aThnH
HntrxNKklbnbfLd8sPoIxCkvw8Dr0JtXcgcXSFeg4OtD86REZcA0a5+yvmoA3CoA
CezHH1UvUpOkT0DGJxjqA+pkFqKg1U2HSrT4uGzu23YLazBAfBkUnQn5VpM1SF/L
yNgxwSkx9T5x+g2txyGCyvORF3fPXfLoKYfr6ijwwSgN2ENqMKcETV/lCjh66fJw
lOkA/IiOBhGZTAMrPA64Nm9idrDwfN/gYQOUZhIpnZCtvswahAce1Nwl0FaaWgPc
/nqrkY490sl4Oha4250G24ykg8iSv9qUx7W706y5OSz/S16YhuaQn/+br6OxDhDV
zDGXVyDuSR10fw==
-----END CERTIFICATE-----