Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
File:                     6gYhpKcsclr8dUFej4rPdTPUIH0.mft (raw, json)
Hash identifier:          Ho42+MWrkUnIYn2oVH56TcWAneydS9lVemeHQrpx0hg=
Subject key identifier:   4D:75:0C:9C:CB:50:25:2B:C7:BA:06:E4:0B:0A:7C:26:11:2A:C2:9D
Authority key identifier: EA:06:21:A4:A7:2C:72:5A:FC:75:41:5E:8F:8A:CF:75:33:D4:20:7D
Certificate issuer:       /CN=ea0621a4a72c725afc75415e8f8acf7533d4207d
Certificate serial:       0197488D1FC7842AB94FB29E58A47A0F275E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
Manifest number:          13C7
Signing time:             Sat 07 Jun 2025 04:01:37 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:37 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:37 +0000
Files and hashes:         1: 6gYhpKcsclr8dUFej4rPdTPUIH0.crl (hash: 1wo1Cp8whXp3ArFjBRwxQ9tl3StI65X74xcYRyHOOs8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8d:1f:c7:84:2a:b9:4f:b2:9e:58:a4:7a:0f:27:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea0621a4a72c725afc75415e8f8acf7533d4207d
        Validity
            Not Before: Jun  7 04:01:37 2025 GMT
            Not After : Jun  8 04:01:37 2025 GMT
        Subject: CN=4d750c9ccb50252bc7ba06e40b0a7c26112ac29d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0f:13:91:ae:b5:f5:3b:73:9f:9e:c4:c2:98:
                    a8:0f:4b:0f:5a:8b:e3:84:af:c7:60:ed:b8:05:4d:
                    2e:07:35:8d:b5:ce:94:9c:97:42:dc:bf:29:4c:02:
                    d3:fe:d7:43:54:1b:ae:b1:a5:84:5e:4b:2c:f8:fe:
                    5e:f1:1a:ae:de:1d:e6:bd:bc:50:d6:61:3c:62:02:
                    12:6f:42:5e:a7:24:e7:70:d5:43:6f:c7:80:79:bf:
                    ac:b0:28:32:dd:0b:60:da:f9:2c:b9:75:8a:5c:30:
                    e3:93:5f:b3:9b:15:de:ff:3b:e0:2c:01:b5:3e:90:
                    de:53:04:c8:f5:a3:e2:70:cc:5e:fa:e2:f0:12:19:
                    53:0f:b2:ba:3c:07:eb:1b:52:d0:48:04:1e:f4:b9:
                    9b:6c:b6:36:f6:ff:26:b0:4c:08:e8:2a:e4:d1:1a:
                    43:12:91:8b:ef:9e:fb:e4:13:b0:59:34:1d:0c:00:
                    de:84:6e:21:14:5d:0f:99:17:73:d8:9f:5c:cd:75:
                    30:1d:f8:8f:c3:59:26:dd:ae:1f:0e:bc:93:85:ca:
                    33:c0:4c:49:d4:ad:d5:d8:f8:07:6e:5a:7d:dc:c4:
                    6e:56:ca:b6:a2:10:79:01:92:70:b7:84:0d:d8:53:
                    a4:1c:08:25:60:5e:2c:55:0f:3c:c3:f1:bd:ec:46:
                    b4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:75:0C:9C:CB:50:25:2B:C7:BA:06:E4:0B:0A:7C:26:11:2A:C2:9D
            X509v3 Authority Key Identifier:
                keyid:EA:06:21:A4:A7:2C:72:5A:FC:75:41:5E:8F:8A:CF:75:33:D4:20:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:2f:dc:d9:98:87:fb:8d:e9:af:b8:8f:8f:d4:ce:a4:39:51:
         fa:62:70:20:3d:9c:66:1e:39:61:54:77:50:a9:1d:b9:da:80:
         c2:21:db:64:c6:cc:d3:9d:d9:8c:91:0c:fb:c6:bd:42:f4:99:
         d7:09:aa:f9:7c:de:0e:7b:00:6f:8d:cb:02:1b:13:1f:bb:ea:
         eb:d3:91:74:03:99:13:63:bc:1b:92:6f:1f:a8:c7:8e:9d:b8:
         25:e9:e4:f7:ff:b0:52:96:79:de:5f:77:d2:17:1e:16:46:e6:
         37:d9:bf:a8:44:08:32:44:ea:d1:c2:70:a5:df:09:00:f1:14:
         bf:09:73:c4:98:22:10:51:89:21:8d:e5:cf:0a:ec:35:21:84:
         25:ee:5f:83:52:06:cc:9f:d2:6f:86:9f:5d:87:96:21:70:5e:
         d3:1e:88:87:16:62:cd:28:58:1e:a4:3f:f0:ea:02:c6:eb:08:
         cc:ce:9b:ab:2f:6c:9d:6e:8a:36:ac:4e:37:f6:17:bb:28:79:
         14:c5:95:62:d3:f6:94:22:21:88:a0:63:bb:54:97:15:ce:14:
         c4:52:f2:f9:d1:b6:45:35:ca:58:d2:71:e4:25:8c:f6:fb:d4:
         7b:6e:b2:6f:c8:b9:a0:1f:cc:1d:44:d4:72:79:e8:96:ff:82:
         91:0d:3a:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjR/HhCq5T7KeWKR6DydeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMDYyMWE0YTcyYzcyNWFmYzc1NDE1ZThmOGFjZjc1MzNk
NDIwN2QwHhcNMjUwNjA3MDQwMTM3WhcNMjUwNjA4MDQwMTM3WjAzMTEwLwYDVQQD
Eyg0ZDc1MGM5Y2NiNTAyNTJiYzdiYTA2ZTQwYjBhN2MyNjExMmFjMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug8Tka619Ttzn57EwpioD0sPWovj
hK/HYO24BU0uBzWNtc6UnJdC3L8pTALT/tdDVBuusaWEXkss+P5e8Rqu3h3mvbxQ
1mE8YgISb0JepyTncNVDb8eAeb+ssCgy3Qtg2vksuXWKXDDjk1+zmxXe/zvgLAG1
PpDeUwTI9aPicMxe+uLwEhlTD7K6PAfrG1LQSAQe9LmbbLY29v8msEwI6Crk0RpD
EpGL75775BOwWTQdDADehG4hFF0PmRdz2J9czXUwHfiPw1km3a4fDryThcozwExJ
1K3V2PgHblp93MRuVsq2ohB5AZJwt4QN2FOkHAglYF4sVQ88w/G97Ea0cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE11DJzLUCUrx7oG5AsKfCYRKsKdMB8GA1UdIwQY
MBaAFOoGIaSnLHJa/HVBXo+Kz3Uz1CB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zMTE1OGUtOWNhNi00NGUzLTk4NTMt
YzM4NGQ4YmMzYmVmLzEvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zMTE1OGUtOWNhNi00NGUzLTk4NTMtYzM4NGQ4YmMzYmVm
LzEvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjC/c2ZiH
+43pr7iPj9TOpDlR+mJwID2cZh45YVR3UKkdudqAwiHbZMbM053ZjJEM+8a9QvSZ
1wmq+XzeDnsAb43LAhsTH7vq69ORdAOZE2O8G5JvH6jHjp24Jenk9/+wUpZ53l93
0hceFkbmN9m/qEQIMkTq0cJwpd8JAPEUvwlzxJgiEFGJIY3lzwrsNSGEJe5fg1IG
zJ/Sb4afXYeWIXBe0x6IhxZizShYHqQ/8OoCxusIzM6bqy9snW6KNqxON/YXuyh5
FMWVYtP2lCIhiKBju1SXFc4UxFLy+dG2RTXKWNJx5CWM9vvUe26yb8i5oB/MHUTU
cnnolv+CkQ06Kg==
-----END CERTIFICATE-----