Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
File:                     XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json)
Hash identifier:          CSnwlIMxB7mU2GK1SKKuqsVObrUBBqZehDKiLOdH7ms=
Subject key identifier:   8A:4D:F5:E8:29:32:77:3B:84:B4:02:5B:84:57:3F:8F:B5:B4:E5:66
Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB
Certificate issuer:       /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
Certificate serial:       0197488CA4C6D4A1996C98140934B0222290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
Manifest number:          0A88
Signing time:             Sat 07 Jun 2025 04:01:06 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:06 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:06 +0000
Files and hashes:         1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: iusNkCmmnrCbN8A6ZSZX86u9PAEs4jADOUFLVOdLmtM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:a4:c6:d4:a1:99:6c:98:14:09:34:b0:22:22:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
        Validity
            Not Before: Jun  7 04:01:06 2025 GMT
            Not After : Jun  8 04:01:06 2025 GMT
        Subject: CN=8a4df5e82932773b84b4025b84573f8fb5b4e566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:7d:96:ea:7a:27:de:9f:1e:e2:8c:db:80:98:
                    97:6d:da:a9:a4:17:93:ea:b1:28:bd:71:a4:6f:ff:
                    88:c4:75:60:e9:0f:c1:68:4f:30:23:4d:c2:73:c6:
                    ca:29:73:56:de:ee:b6:19:f3:26:68:a8:35:6e:c8:
                    31:dd:fa:8f:91:e0:87:bb:a5:45:5d:8c:30:50:c9:
                    c6:7f:f6:c3:58:0d:50:b3:52:25:3e:e8:f3:d5:10:
                    39:0e:72:08:eb:e0:a6:03:13:88:e3:14:9f:96:39:
                    46:3f:5d:ec:b8:21:a7:be:fb:b9:28:c6:79:b3:0f:
                    08:72:cb:84:bd:d7:f3:e7:ee:2e:5a:21:4d:7e:21:
                    3e:62:62:e4:10:33:5a:0c:43:d3:55:73:b3:8c:95:
                    b5:47:23:c8:19:2b:5a:a5:0f:03:8e:e7:50:3d:21:
                    f3:5f:04:5d:0c:55:33:bc:2f:64:b5:05:e4:4c:02:
                    5d:f4:1a:7a:fa:9e:ef:22:da:9a:9d:66:38:a2:c8:
                    5a:67:5d:41:35:2b:68:6b:f9:10:f1:9b:81:8f:40:
                    c6:6d:70:ae:71:a6:28:c0:48:31:d7:13:89:6e:0c:
                    f6:5f:f8:70:2f:b3:b3:ae:5c:53:11:09:a5:fc:68:
                    4d:af:76:9b:e0:34:b4:10:a5:70:b8:22:44:ca:52:
                    69:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:4D:F5:E8:29:32:77:3B:84:B4:02:5B:84:57:3F:8F:B5:B4:E5:66
            X509v3 Authority Key Identifier:
                keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:89:a7:78:37:36:12:16:67:0b:81:5d:b3:16:af:79:6a:7b:
         7a:3f:65:ea:c5:81:8c:90:c1:1b:b4:f9:67:3e:5a:33:c3:fb:
         f9:4e:77:da:2d:dc:06:3d:95:8d:09:45:b2:3a:eb:d7:d2:a6:
         8a:9e:c8:06:05:48:56:26:83:d3:a2:c4:71:b7:47:54:5b:a3:
         b8:ec:d8:6e:48:4c:b9:62:76:55:b5:cc:85:f9:63:be:fd:80:
         24:43:9f:ec:af:7b:22:72:5e:41:cd:65:e6:fe:21:17:79:3b:
         f2:aa:11:67:9c:ab:de:b8:76:0f:a7:be:d3:47:bf:9f:d4:38:
         c2:a6:d6:9a:cb:20:f1:c3:bb:9a:72:dd:72:8d:06:78:b4:5f:
         a7:2b:f2:f8:d3:01:e4:a5:24:eb:7d:2f:01:2f:ca:46:63:6f:
         e2:7c:66:e2:d4:85:68:1b:96:11:4b:cd:ca:b3:5d:f9:e8:9d:
         e5:37:bb:16:e9:34:e1:50:4a:44:d8:3a:ae:51:10:5c:3c:55:
         2f:eb:0b:d1:95:5b:f9:66:66:2f:9f:01:21:c1:56:bb:a0:87:
         e5:ee:a3:68:ab:ce:7b:5a:e9:79:d0:44:db:53:e8:dc:e4:f8:
         30:27:1e:52:2b:5c:df:2c:92:7c:0c:43:b8:8b:85:00:9b:3b:
         9a:5d:63:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjKTG1KGZbJgUCTSwIiKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh
MDg1Y2IwHhcNMjUwNjA3MDQwMTA2WhcNMjUwNjA4MDQwMTA2WjAzMTEwLwYDVQQD
Eyg4YTRkZjVlODI5MzI3NzNiODRiNDAyNWI4NDU3M2Y4ZmI1YjRlNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX2W6non3p8e4ozbgJiXbdqppBeT
6rEovXGkb/+IxHVg6Q/BaE8wI03Cc8bKKXNW3u62GfMmaKg1bsgx3fqPkeCHu6VF
XYwwUMnGf/bDWA1Qs1IlPujz1RA5DnII6+CmAxOI4xSfljlGP13suCGnvvu5KMZ5
sw8IcsuEvdfz5+4uWiFNfiE+YmLkEDNaDEPTVXOzjJW1RyPIGStapQ8DjudQPSHz
XwRdDFUzvC9ktQXkTAJd9Bp6+p7vItqanWY4oshaZ11BNStoa/kQ8ZuBj0DGbXCu
caYowEgx1xOJbgz2X/hwL7OzrlxTEQml/GhNr3ab4DS0EKVwuCJEylJp6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpN9egpMnc7hLQCW4RXP4+1tOVmMB8GA1UdIwQY
MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt
YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0
LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc4mneDc2
EhZnC4FdsxaveWp7ej9l6sWBjJDBG7T5Zz5aM8P7+U532i3cBj2VjQlFsjrr19Km
ip7IBgVIViaD06LEcbdHVFujuOzYbkhMuWJ2VbXMhfljvv2AJEOf7K97InJeQc1l
5v4hF3k78qoRZ5yr3rh2D6e+00e/n9Q4wqbWmssg8cO7mnLdco0GeLRfpyvy+NMB
5KUk630vAS/KRmNv4nxm4tSFaBuWEUvNyrNd+eid5Te7Fuk04VBKRNg6rlEQXDxV
L+sL0ZVb+WZmL58BIcFWu6CH5e6jaKvOe1rpedBE21Po3OT4MCceUitc3yySfAxD
uIuFAJs7ml1j7Q==
-----END CERTIFICATE-----