Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
File:                     mXFUBuche_wTgSpHBMYq4JnnyP8.mft (raw, json)
Hash identifier:          LKt6aRSmXWY0KjE8Qs344ZQ7gH3QZ1H46EDMVqKOwQU=
Subject key identifier:   27:1A:5B:49:D6:1C:CF:9C:2B:08:E2:A6:C7:63:64:4E:F4:69:51:1A
Authority key identifier: 99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF
Certificate issuer:       /CN=99715406e7217bfc13812a4704c62ae099e7c8ff
Certificate serial:       019749D64D2435DE648305D98B6BF14C4F63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
Manifest number:          029A
Signing time:             Sat 07 Jun 2025 10:01:10 +0000
Manifest this update:     Sat 07 Jun 2025 10:01:10 +0000
Manifest next update:     Sun 08 Jun 2025 10:01:10 +0000
Files and hashes:         1: mXFUBuche_wTgSpHBMYq4JnnyP8.crl (hash: LSb3coH6sdW5xGEnEZNxe0ivXOGzVTM3uPYocLh1MMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:4d:24:35:de:64:83:05:d9:8b:6b:f1:4c:4f:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99715406e7217bfc13812a4704c62ae099e7c8ff
        Validity
            Not Before: Jun  7 10:01:10 2025 GMT
            Not After : Jun  8 10:01:10 2025 GMT
        Subject: CN=271a5b49d61ccf9c2b08e2a6c763644ef469511a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:87:bc:bc:ee:a9:9c:5b:f6:76:7f:e1:04:fe:
                    61:1a:00:37:b8:90:91:c3:7f:df:0e:1a:54:7f:1b:
                    83:fd:ad:26:70:75:5d:fb:b1:90:99:b1:d4:36:c4:
                    c1:d5:59:73:59:d8:60:d5:39:bf:f8:ed:d1:f8:2f:
                    ef:62:ae:6a:66:e0:d6:ff:44:87:37:23:88:3f:fa:
                    e9:75:f1:a1:1b:ad:ab:e0:e4:01:f0:87:17:2c:ec:
                    07:5d:9e:de:9c:3c:65:22:ba:d2:7c:ec:7d:1b:6a:
                    19:f1:be:05:ae:f2:7b:19:04:20:c8:56:f4:48:ef:
                    6e:03:f6:1a:4d:ff:03:c2:bf:54:06:08:a6:a0:52:
                    32:ca:d1:2a:29:f6:9a:39:62:9a:a6:0b:32:ca:24:
                    2e:f3:4d:bb:46:ab:1f:3a:94:9c:a2:48:4c:b7:56:
                    10:24:46:b5:18:83:d0:20:4a:18:90:65:9d:b1:2f:
                    6b:d9:d2:bf:3c:0f:ad:3f:92:50:e7:b1:83:33:07:
                    73:7f:a6:99:d4:63:35:fc:10:a8:65:49:cd:bd:17:
                    cf:4d:5e:ee:46:c4:6d:5c:ee:da:85:1c:67:8f:ac:
                    bc:b8:04:c8:70:e3:fc:df:39:7d:0b:3d:88:c9:3c:
                    a3:7a:2f:d0:98:ad:af:a7:91:56:70:c6:4a:25:bd:
                    df:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:1A:5B:49:D6:1C:CF:9C:2B:08:E2:A6:C7:63:64:4E:F4:69:51:1A
            X509v3 Authority Key Identifier:
                keyid:99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:fb:ad:c3:2f:96:be:0d:20:89:8f:cf:a6:3f:1d:91:a0:c4:
         4a:23:dd:89:fd:9a:33:24:31:7e:c6:0e:d0:0c:25:7e:3c:6c:
         d0:1b:c0:b4:b9:7e:ce:da:52:de:47:42:af:8a:38:1c:7b:2c:
         8c:cc:b2:5f:81:2e:0a:47:f3:93:d6:32:19:53:f2:f4:35:ba:
         01:e4:cf:03:96:88:94:bf:0e:cc:6f:e2:f3:19:ee:c7:9c:8d:
         a4:ee:bb:2a:e0:4e:b3:fa:eb:54:33:7f:53:d6:d6:06:45:b8:
         60:8f:67:a3:8f:d1:f6:2e:e1:0b:1f:33:f6:8a:7c:8b:d2:4c:
         2e:0a:c9:c9:77:65:2a:b1:61:5b:76:19:cd:ec:73:83:54:59:
         86:6a:06:b6:6c:85:0c:cf:fa:bb:dc:22:84:f8:72:93:20:e9:
         3c:10:c7:95:b0:99:3e:55:19:6e:13:69:97:4d:3b:83:22:e5:
         bc:5b:f3:0c:16:a1:79:6d:7d:e6:26:29:69:4a:f3:7e:ef:18:
         59:65:8f:2d:73:bd:70:61:97:e9:ef:b6:de:0d:c2:55:d0:22:
         b5:df:33:30:d4:ab:73:b8:24:3a:7d:d4:59:71:a8:e6:4c:88:
         e6:8c:c3:c2:9e:d1:c5:60:3f:65:66:59:78:fd:1e:ca:46:a2:
         6f:48:08:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1k0kNd5kgwXZi2vxTE9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzE1NDA2ZTcyMTdiZmMxMzgxMmE0NzA0YzYyYWUwOTll
N2M4ZmYwHhcNMjUwNjA3MTAwMTEwWhcNMjUwNjA4MTAwMTEwWjAzMTEwLwYDVQQD
EygyNzFhNWI0OWQ2MWNjZjljMmIwOGUyYTZjNzYzNjQ0ZWY0Njk1MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIe8vO6pnFv2dn/hBP5hGgA3uJCR
w3/fDhpUfxuD/a0mcHVd+7GQmbHUNsTB1VlzWdhg1Tm/+O3R+C/vYq5qZuDW/0SH
NyOIP/rpdfGhG62r4OQB8IcXLOwHXZ7enDxlIrrSfOx9G2oZ8b4FrvJ7GQQgyFb0
SO9uA/YaTf8Dwr9UBgimoFIyytEqKfaaOWKapgsyyiQu8027RqsfOpScokhMt1YQ
JEa1GIPQIEoYkGWdsS9r2dK/PA+tP5JQ57GDMwdzf6aZ1GM1/BCoZUnNvRfPTV7u
RsRtXO7ahRxnj6y8uATIcOP83zl9Cz2IyTyjei/QmK2vp5FWcMZKJb3fSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcaW0nWHM+cKwjipsdjZE70aVEaMB8GA1UdIwQY
MBaAFJlxVAbnIXv8E4EqRwTGKuCZ58j/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTkt
MTUxNmI2ZDgyZTJkLzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTktMTUxNmI2ZDgyZTJk
LzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPutwy+W
vg0giY/Ppj8dkaDESiPdif2aMyQxfsYO0Awlfjxs0BvAtLl+ztpS3kdCr4o4HHss
jMyyX4EuCkfzk9YyGVPy9DW6AeTPA5aIlL8OzG/i8xnux5yNpO67KuBOs/rrVDN/
U9bWBkW4YI9no4/R9i7hCx8z9op8i9JMLgrJyXdlKrFhW3YZzexzg1RZhmoGtmyF
DM/6u9wihPhykyDpPBDHlbCZPlUZbhNpl007gyLlvFvzDBaheW195iYpaUrzfu8Y
WWWPLXO9cGGX6e+23g3CVdAitd8zMNSrc7gkOn3UWXGo5kyI5ozDwp7RxWA/ZWZZ
eP0eykaib0gI/Q==
-----END CERTIFICATE-----