Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          ViqYZ1Xxm3KlvigbPo+yrdNw3x/PFGkcfe4XQz3Ql7U=
Subject key identifier:   01:AF:E8:99:55:02:29:14:5F:A9:24:95:C1:6A:DF:32:61:30:DC:1D
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       0197458B20E449075292E1F35A015D4A1B20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          0615
Signing time:             Fri 06 Jun 2025 14:00:34 +0000
Manifest this update:     Fri 06 Jun 2025 14:00:34 +0000
Manifest next update:     Sat 07 Jun 2025 14:00:34 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: 2hQGYb17Mt9Ol1UPMXZnM10Smb2EAvjz31u84DXos/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:8b:20:e4:49:07:52:92:e1:f3:5a:01:5d:4a:1b:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Jun  6 14:00:34 2025 GMT
            Not After : Jun  7 14:00:34 2025 GMT
        Subject: CN=01afe899550229145fa92495c16adf326130dc1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ed:25:e8:18:dc:25:e7:ff:f5:b5:f2:99:40:
                    85:6e:6d:e4:c7:32:16:7a:74:38:49:4e:d6:27:47:
                    77:94:77:c1:d6:97:5c:66:75:fe:35:1f:d5:53:93:
                    99:1b:28:39:85:ba:b3:22:b6:2c:a7:dc:e7:01:ce:
                    bb:15:1c:c0:c0:b6:66:c4:d9:3c:53:19:c3:48:16:
                    94:ee:f9:67:40:6b:9f:a1:79:28:09:70:33:29:c3:
                    1c:18:cd:7b:fa:32:e7:1d:4a:ca:5d:f4:74:84:a1:
                    84:03:65:79:41:43:ab:38:70:9b:c9:39:b9:e8:70:
                    45:de:9c:bb:6c:f6:75:24:a5:dd:1e:56:fa:eb:3e:
                    4a:7d:3d:29:15:6b:d5:1c:a4:a2:f8:01:43:9f:a3:
                    ce:5c:9b:65:e6:a0:9c:1a:84:c9:32:80:2e:cb:a0:
                    bc:88:78:b7:5f:33:80:0e:51:b4:df:71:c0:7f:58:
                    b0:55:9a:24:a3:74:18:d6:dc:1a:73:7c:52:f6:4b:
                    cb:c9:81:72:55:3b:2d:2f:02:5a:1d:ab:bc:65:49:
                    e2:05:44:bd:24:d8:d6:92:b5:95:43:96:02:3d:e0:
                    e2:32:58:5a:89:07:58:35:e7:0e:d0:5d:9e:b4:92:
                    c6:74:b4:e7:db:5a:97:25:31:21:92:d3:ef:ee:57:
                    92:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:AF:E8:99:55:02:29:14:5F:A9:24:95:C1:6A:DF:32:61:30:DC:1D
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:31:d0:2e:c8:23:79:65:6b:4a:1f:8d:b7:ad:7e:24:78:a0:
         cd:47:c5:6b:8e:a9:1f:b4:2a:4f:6e:3e:2d:2b:c4:e1:91:b9:
         1a:35:01:9c:4a:be:f4:c8:f6:2f:41:fe:c6:02:97:2b:e1:5d:
         bd:f5:03:a6:c4:37:1c:a2:9a:16:f2:06:d2:b3:70:21:03:f1:
         fb:03:ba:3c:c0:92:bc:f6:9a:4c:17:5b:3f:3d:73:d6:f7:5e:
         f0:43:22:cc:5d:f2:ce:b2:6b:61:31:f0:35:e2:a3:7d:be:61:
         c1:8e:f3:49:fc:32:a8:4b:18:72:a4:40:ff:e8:37:1a:fd:34:
         7c:cb:8d:45:33:6c:d3:57:a7:4b:43:d4:4e:d5:a2:de:e7:25:
         cd:1a:d9:38:af:72:61:8d:68:16:f4:ba:ac:da:67:76:40:c2:
         13:5c:95:98:d7:10:18:4f:a5:99:08:4f:8e:ed:90:29:18:62:
         00:66:28:81:0f:8f:6b:32:15:7c:bd:97:36:5e:00:4e:09:44:
         d5:7d:64:d7:91:43:c0:60:88:da:e8:74:1a:89:2f:ec:09:8a:
         c9:55:ee:fe:87:ed:c4:a2:e0:5c:48:10:41:55:da:fe:53:1b:
         a8:87:87:32:81:61:59:82:8a:48:7a:07:34:4d:5e:92:70:41:
         19:df:eb:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdFiyDkSQdSkuHzWgFdShsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwNjA2MTQwMDM0WhcNMjUwNjA3MTQwMDM0WjAzMTEwLwYDVQQD
EygwMWFmZTg5OTU1MDIyOTE0NWZhOTI0OTVjMTZhZGYzMjYxMzBkYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO0l6BjcJef/9bXymUCFbm3kxzIW
enQ4SU7WJ0d3lHfB1pdcZnX+NR/VU5OZGyg5hbqzIrYsp9znAc67FRzAwLZmxNk8
UxnDSBaU7vlnQGufoXkoCXAzKcMcGM17+jLnHUrKXfR0hKGEA2V5QUOrOHCbyTm5
6HBF3py7bPZ1JKXdHlb66z5KfT0pFWvVHKSi+AFDn6POXJtl5qCcGoTJMoAuy6C8
iHi3XzOADlG033HAf1iwVZoko3QY1twac3xS9kvLyYFyVTstLwJaHau8ZUniBUS9
JNjWkrWVQ5YCPeDiMlhaiQdYNecO0F2etJLGdLTn21qXJTEhktPv7leSDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGv6JlVAikUX6kklcFq3zJhMNwdMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzHQLsgj
eWVrSh+Nt61+JHigzUfFa46pH7QqT24+LSvE4ZG5GjUBnEq+9Mj2L0H+xgKXK+Fd
vfUDpsQ3HKKaFvIG0rNwIQPx+wO6PMCSvPaaTBdbPz1z1vde8EMizF3yzrJrYTHw
NeKjfb5hwY7zSfwyqEsYcqRA/+g3Gv00fMuNRTNs01enS0PUTtWi3uclzRrZOK9y
YY1oFvS6rNpndkDCE1yVmNcQGE+lmQhPju2QKRhiAGYogQ+PazIVfL2XNl4ATglE
1X1k15FDwGCI2uh0Gokv7AmKyVXu/oftxKLgXEgQQVXa/lMbqIeHMoFhWYKKSHoH
NE1eknBBGd/rkg==
-----END CERTIFICATE-----