Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          AA49cDJmqTYC8Z6Z0iLBAtVDD5c/D0cxQW5amJtg6Uw=
Subject key identifier:   69:73:B6:40:9D:60:90:75:CA:37:FC:57:D5:43:D5:F1:2D:DB:9D:33
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       01974E5760C14953881FCED0BFA51B8A05C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 07:00:38 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:38 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:38 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: t5ftYgZ+mPhQx4QnnO4fgDIz1tFGjKl64dAfuoa0+xU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:60:c1:49:53:88:1f:ce:d0:bf:a5:1b:8a:05:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: Jun  8 07:00:38 2025 GMT
            Not After : Jun  9 07:00:38 2025 GMT
        Subject: CN=6973b6409d609075ca37fc57d543d5f12ddb9d33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6a:9c:fc:16:70:f8:25:d4:62:ed:94:e5:c0:
                    53:ba:31:d5:f7:48:be:a6:54:ba:fd:ed:c7:5a:ff:
                    f4:e5:84:5d:b6:6a:ad:87:4a:ed:23:4c:82:df:33:
                    54:98:4f:d1:fb:04:e4:79:26:23:1e:97:76:d5:ab:
                    7f:83:71:e4:31:70:c8:a6:4a:83:38:e8:11:4a:d8:
                    df:d5:0b:e6:a5:34:ed:f8:c6:3e:96:45:b4:de:89:
                    b4:3f:96:4c:20:ef:4e:56:78:09:e3:60:3b:cf:44:
                    bb:c9:db:93:02:97:6c:58:6a:6e:84:3d:2f:e8:69:
                    68:ec:a0:5f:2d:d8:2b:27:ba:da:37:93:c2:a3:82:
                    53:1d:30:2b:9c:14:b6:52:9e:65:78:36:27:b1:be:
                    4a:9c:63:8a:f4:0e:11:13:be:fa:ad:f6:a2:b3:b3:
                    99:90:30:73:a3:f4:2a:5d:78:b6:86:1f:a9:49:c2:
                    7c:5b:04:d3:92:2c:e3:92:a6:b6:e7:55:70:15:c7:
                    44:2c:ae:3d:0f:d0:29:df:b4:02:44:dc:47:5c:70:
                    db:cc:c1:2b:bf:71:fe:22:d9:3e:2f:aa:38:d4:4a:
                    d0:de:f1:ae:a3:c9:eb:a7:cd:6f:f6:17:30:89:55:
                    6a:9d:45:65:b6:b0:84:7a:16:b5:80:cf:48:a7:c3:
                    4d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:73:B6:40:9D:60:90:75:CA:37:FC:57:D5:43:D5:F1:2D:DB:9D:33
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:b7:15:ba:f4:06:db:1e:9f:6c:69:ff:a3:b0:d3:87:41:f9:
         c3:f9:1f:29:13:c0:a6:5a:b1:90:a8:ba:5d:f0:6a:08:5f:34:
         37:1f:cb:75:94:b6:8b:12:1a:eb:44:15:76:40:1e:ed:13:d4:
         7c:8f:75:4a:c7:14:99:3e:a5:29:1e:41:4f:63:23:cc:3e:cf:
         f1:36:8b:eb:79:99:b2:a9:8e:13:f5:88:e7:db:df:3c:9a:9e:
         3d:4f:0a:8d:d3:7e:65:82:f0:e0:17:35:10:b0:a5:c0:79:28:
         58:6b:ba:be:2d:ea:5e:54:3f:a6:77:aa:cf:9b:63:10:77:d1:
         ba:eb:c6:e3:4b:88:fa:61:2f:95:40:b3:64:a7:cd:62:ee:d5:
         6a:88:21:45:39:67:45:ae:42:bd:e7:d6:77:be:c7:45:97:87:
         ea:68:13:c1:33:fa:b3:41:b1:ca:b4:d6:69:38:90:7b:71:61:
         e4:a2:e5:dd:f3:ca:66:d5:11:95:14:80:eb:4b:8a:31:9d:8d:
         b6:e6:a9:e4:01:fa:1d:2d:58:fb:b3:2d:6e:f1:7b:70:20:4b:
         15:08:b1:69:d4:e3:88:14:73:fc:54:bb:23:5a:42:17:8c:67:
         f8:9b:63:56:c7:c3:c9:f4:72:3c:08:ca:19:82:9b:91:e5:dc:
         ad:28:2e:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV2DBSVOIH87Qv6UbigXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjUwNjA4MDcwMDM4WhcNMjUwNjA5MDcwMDM4WjAzMTEwLwYDVQQD
Eyg2OTczYjY0MDlkNjA5MDc1Y2EzN2ZjNTdkNTQzZDVmMTJkZGI5ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWqc/BZw+CXUYu2U5cBTujHV90i+
plS6/e3HWv/05YRdtmqth0rtI0yC3zNUmE/R+wTkeSYjHpd21at/g3HkMXDIpkqD
OOgRStjf1QvmpTTt+MY+lkW03om0P5ZMIO9OVngJ42A7z0S7yduTApdsWGpuhD0v
6Glo7KBfLdgrJ7raN5PCo4JTHTArnBS2Up5leDYnsb5KnGOK9A4RE776rfais7OZ
kDBzo/QqXXi2hh+pScJ8WwTTkizjkqa251VwFcdELK49D9Ap37QCRNxHXHDbzMEr
v3H+Itk+L6o41ErQ3vGuo8nrp81v9hcwiVVqnUVltrCEeha1gM9Ip8NNNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlztkCdYJB1yjf8V9VD1fEt250zMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnbcVuvQG
2x6fbGn/o7DTh0H5w/kfKRPAplqxkKi6XfBqCF80Nx/LdZS2ixIa60QVdkAe7RPU
fI91SscUmT6lKR5BT2MjzD7P8TaL63mZsqmOE/WI59vfPJqePU8KjdN+ZYLw4Bc1
ELClwHkoWGu6vi3qXlQ/pneqz5tjEHfRuuvG40uI+mEvlUCzZKfNYu7VaoghRTln
Ra5CvefWd77HRZeH6mgTwTP6s0GxyrTWaTiQe3Fh5KLl3fPKZtURlRSA60uKMZ2N
tuap5AH6HS1Y+7MtbvF7cCBLFQixadTjiBRz/FS7I1pCF4xn+JtjVsfDyfRyPAjK
GYKbkeXcrSgu+Q==
-----END CERTIFICATE-----