Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          mdAYUeL531zutB5+XZCpxQW9xuVduO7V8e2linBmD3Q=
Subject key identifier:   5B:B7:03:E9:F8:C8:DE:91:B9:0E:12:AE:4E:D0:29:C4:36:7F:A0:85
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       01974C68FAF460A7EBB0CE2824938F3EE022
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          70
Signing time:             Sat 07 Jun 2025 22:00:37 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:37 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:37 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: C3NAe2iRslhTGjXL8kayhVi7248UrEUZqDJHoE7zv5s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:fa:f4:60:a7:eb:b0:ce:28:24:93:8f:3e:e0:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Jun  7 22:00:37 2025 GMT
            Not After : Jun  8 22:00:37 2025 GMT
        Subject: CN=5bb703e9f8c8de91b90e12ae4ed029c4367fa085
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b3:a4:c3:7d:1e:93:26:26:20:8b:17:2a:c5:
                    87:63:79:9a:5b:59:03:f9:33:75:17:e3:89:51:d2:
                    f6:ad:b3:36:9c:55:f7:42:cf:b9:d9:cc:e6:e1:17:
                    ba:0d:51:07:86:b0:a9:86:30:cd:b3:35:2c:d7:c9:
                    9d:2e:98:f4:7f:e3:3b:53:3a:d2:fe:96:62:ad:40:
                    9e:6c:55:22:86:9b:c2:7f:e9:66:44:c5:a9:c4:fe:
                    c3:fd:aa:c3:07:c0:4f:5f:c9:e8:94:08:fd:7c:cc:
                    89:15:7c:50:43:72:de:cc:c8:8f:7e:38:88:43:b5:
                    7c:f2:aa:12:28:9a:bd:f1:00:25:b9:64:48:e2:9b:
                    5f:2d:a3:7d:bd:d5:71:e2:22:85:f8:d1:2c:b5:a9:
                    51:0c:f1:10:f9:f7:f4:59:1b:dd:b2:4a:af:40:4c:
                    20:84:e8:2b:a1:e5:13:0f:5a:b6:56:b8:6f:3d:39:
                    e0:bb:01:e4:f2:76:91:d6:85:b1:17:17:58:96:26:
                    23:17:89:97:bb:f3:da:ff:38:90:f0:08:64:8e:63:
                    1d:52:b1:99:52:bf:b8:5f:32:72:c3:c7:1d:d3:80:
                    21:ef:ef:b1:31:04:27:0d:7d:c7:39:3e:60:e8:e9:
                    16:5c:f2:03:74:9f:28:34:4b:1f:4e:f7:5b:70:c0:
                    5c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:B7:03:E9:F8:C8:DE:91:B9:0E:12:AE:4E:D0:29:C4:36:7F:A0:85
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:30:d7:2b:99:3c:ab:8a:ab:22:ee:8f:5f:54:7e:ee:62:3c:
         7f:10:96:ab:5c:f2:79:17:dd:b4:ce:79:94:9c:d4:13:8f:d5:
         d9:dc:0b:ee:c0:27:de:cc:a7:ae:fe:d8:b4:03:26:ab:30:6c:
         e4:be:f2:89:be:49:82:6e:fa:16:67:e9:94:ff:86:a7:5e:ed:
         5c:04:6b:75:cf:81:72:dc:65:3e:2a:4b:ef:57:c0:7a:2b:37:
         3b:36:f6:21:dd:12:bc:80:54:bb:c9:bb:51:5a:e4:b2:25:fa:
         09:27:4d:3d:89:90:1e:a2:ce:1a:df:06:18:fb:b9:5c:3d:0b:
         89:39:32:11:10:f7:88:81:ab:67:ca:2c:68:b2:64:8f:57:63:
         df:6c:7f:62:b6:4a:65:99:a9:1c:54:a7:01:67:bd:b3:be:c1:
         7f:1e:a7:71:ee:6e:68:72:bf:3d:b2:d2:f6:3e:81:2a:68:e9:
         f9:bc:ea:05:49:59:cf:9f:d2:8f:e7:4d:77:63:7a:59:c6:d9:
         05:de:b1:f3:de:03:c9:a7:e7:66:ce:18:5a:a0:50:76:85:e5:
         cf:f6:4b:73:3c:dd:c0:f9:b0:af:62:12:ba:9c:44:fa:2b:3c:
         dd:d4:aa:00:b5:8f:6e:88:c6:2f:28:29:49:6b:fe:23:d0:e3:
         d4:ee:95:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaPr0YKfrsM4oJJOPPuAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjUwNjA3MjIwMDM3WhcNMjUwNjA4MjIwMDM3WjAzMTEwLwYDVQQD
Eyg1YmI3MDNlOWY4YzhkZTkxYjkwZTEyYWU0ZWQwMjljNDM2N2ZhMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLOkw30ekyYmIIsXKsWHY3maW1kD
+TN1F+OJUdL2rbM2nFX3Qs+52czm4Re6DVEHhrCphjDNszUs18mdLpj0f+M7UzrS
/pZirUCebFUihpvCf+lmRMWpxP7D/arDB8BPX8nolAj9fMyJFXxQQ3LezMiPfjiI
Q7V88qoSKJq98QAluWRI4ptfLaN9vdVx4iKF+NEstalRDPEQ+ff0WRvdskqvQEwg
hOgroeUTD1q2VrhvPTnguwHk8naR1oWxFxdYliYjF4mXu/Pa/ziQ8AhkjmMdUrGZ
Ur+4XzJyw8cd04Ah7++xMQQnDX3HOT5g6OkWXPIDdJ8oNEsfTvdbcMBcnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFu3A+n4yN6RuQ4Srk7QKcQ2f6CFMB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDDXK5k8
q4qrIu6PX1R+7mI8fxCWq1zyeRfdtM55lJzUE4/V2dwL7sAn3synrv7YtAMmqzBs
5L7yib5Jgm76FmfplP+Gp17tXARrdc+BctxlPipL71fAeis3Ozb2Id0SvIBUu8m7
UVrksiX6CSdNPYmQHqLOGt8GGPu5XD0LiTkyERD3iIGrZ8osaLJkj1dj32x/YrZK
ZZmpHFSnAWe9s77Bfx6nce5uaHK/PbLS9j6BKmjp+bzqBUlZz5/Sj+dNd2N6WcbZ
Bd6x894DyafnZs4YWqBQdoXlz/ZLczzdwPmwr2ISupxE+is83dSqALWPbojGLygp
SWv+I9Dj1O6Vlg==
-----END CERTIFICATE-----