Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft
File:                     do5xE0z2ctauj2b8RNW-5iTNAqM.mft (raw, json)
Hash identifier:          lPQxQTqgLciwJi7yF45feX83AGyahiSA2TUADW5K1fk=
Subject key identifier:   75:3E:EC:EB:D2:35:75:7F:C7:97:9A:39:4A:27:D8:49:E6:9E:63:F8
Authority key identifier: 76:8E:71:13:4C:F6:72:D6:AE:8F:66:FC:44:D5:BE:E6:24:CD:02:A3
Certificate issuer:       /CN=768e71134cf672d6ae8f66fc44d5bee624cd02a3
Certificate serial:       0197D85108C0F2A6C290D2A11707D8BE8AAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/do5xE0z2ctauj2b8RNW-5iTNAqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft
Manifest number:          061A
Signing time:             Sat 05 Jul 2025 02:01:18 +0000
Manifest this update:     Sat 05 Jul 2025 02:01:18 +0000
Manifest next update:     Sun 06 Jul 2025 02:01:18 +0000
Files and hashes:         1: do5xE0z2ctauj2b8RNW-5iTNAqM.crl (hash: hV9AAIgDsmgEs04Yg9IwknWdNOAG8+fQEj2IuyJntJU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/do5xE0z2ctauj2b8RNW-5iTNAqM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d8:51:08:c0:f2:a6:c2:90:d2:a1:17:07:d8:be:8a:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=768e71134cf672d6ae8f66fc44d5bee624cd02a3
        Validity
            Not Before: Jul  5 02:01:18 2025 GMT
            Not After : Jul  6 02:01:18 2025 GMT
        Subject: CN=753eecebd235757fc7979a394a27d849e69e63f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:2d:f1:f7:09:6c:4b:fe:1f:07:c5:b4:fe:ec:
                    c5:72:fe:99:6d:3c:d0:fd:67:a8:ec:e3:60:46:08:
                    5c:58:c8:f5:65:65:fb:a2:08:fb:f8:90:6d:51:ac:
                    b3:b4:09:c2:03:4d:dc:24:70:3c:70:27:2e:3b:b1:
                    d3:0e:0d:90:73:08:a0:93:0f:9f:80:1f:e8:f5:b7:
                    ce:45:2c:94:5b:a9:b1:93:87:07:76:a0:4b:c5:0c:
                    c8:74:33:51:2f:1e:fc:10:9a:e0:a1:e8:4d:24:a8:
                    b0:74:c1:0c:6e:ef:b9:ca:e9:78:eb:77:df:a8:c3:
                    bc:49:e6:2d:8a:55:9d:8d:f4:d4:fd:1d:f9:1f:d7:
                    d3:75:56:1f:ec:1b:00:eb:98:70:58:30:5a:81:8c:
                    73:ae:20:15:cb:eb:8c:9f:fd:a8:e7:25:b4:dd:19:
                    b9:a2:e8:3a:a6:bf:48:43:8c:fd:c0:ab:97:ea:59:
                    b1:87:38:14:06:14:a6:c4:1b:32:e5:58:11:d7:d6:
                    24:79:26:02:05:f3:f0:90:ec:76:7b:44:a7:6d:a4:
                    06:71:84:9a:84:a5:40:b1:43:c2:26:b9:fa:87:61:
                    03:89:e3:e5:37:ec:a3:ad:0b:bb:0b:82:6e:01:c4:
                    a0:25:b7:af:6e:b2:ad:36:62:7c:a7:82:c6:6e:86:
                    65:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:3E:EC:EB:D2:35:75:7F:C7:97:9A:39:4A:27:D8:49:E6:9E:63:F8
            X509v3 Authority Key Identifier:
                keyid:76:8E:71:13:4C:F6:72:D6:AE:8F:66:FC:44:D5:BE:E6:24:CD:02:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do5xE0z2ctauj2b8RNW-5iTNAqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ab82a4-5a72-45a7-96fd-9480b1633f9c/1/do5xE0z2ctauj2b8RNW-5iTNAqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:33:bc:99:c2:f9:1f:4a:7a:21:e4:8e:93:17:63:11:84:18:
         07:fe:4a:e0:7c:46:16:86:2d:80:70:4c:f8:7e:e5:2c:26:bc:
         22:97:b2:8b:87:f7:94:af:60:08:6c:92:62:ce:ae:a0:4a:5c:
         3f:f2:a7:cc:36:bd:9d:63:fc:86:7f:42:33:1c:f5:c3:8f:bb:
         25:98:95:19:67:de:c3:48:52:e8:ce:06:00:e5:5f:68:43:c7:
         92:4b:ff:97:6e:a4:4a:b3:33:b0:1d:62:39:ad:6a:a3:a9:22:
         bf:2c:a4:27:d2:c8:3b:cc:3f:b2:fc:a9:56:3e:bc:59:55:97:
         fb:6c:11:a1:0b:5c:a8:18:11:43:ee:81:21:02:ae:c8:4b:18:
         e1:50:e5:bc:eb:2b:d4:57:60:fb:f3:4d:c1:cb:17:08:c4:35:
         11:44:69:b9:1c:8f:d0:ce:b7:c8:5d:6e:9b:a3:81:a6:01:be:
         58:68:c1:59:0f:f1:67:eb:70:41:c8:ed:e3:b9:71:9b:63:25:
         e8:58:3f:6e:89:38:06:02:e9:94:e0:1c:d2:79:bf:31:43:03:
         ec:c4:77:2b:ca:d1:42:b2:db:64:85:aa:53:1e:d4:91:0b:82:
         9e:25:5f:4f:82:d4:07:7a:29:6b:17:cd:c0:72:47:3f:e8:dd:
         42:8a:76:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfYUQjA8qbCkNKhFwfYvoqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGU3MTEzNGNmNjcyZDZhZThmNjZmYzQ0ZDViZWU2MjRj
ZDAyYTMwHhcNMjUwNzA1MDIwMTE4WhcNMjUwNzA2MDIwMTE4WjAzMTEwLwYDVQQD
Eyg3NTNlZWNlYmQyMzU3NTdmYzc5NzlhMzk0YTI3ZDg0OWU2OWU2M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S3x9wlsS/4fB8W0/uzFcv6ZbTzQ
/Weo7ONgRghcWMj1ZWX7ogj7+JBtUayztAnCA03cJHA8cCcuO7HTDg2Qcwigkw+f
gB/o9bfORSyUW6mxk4cHdqBLxQzIdDNRLx78EJrgoehNJKiwdMEMbu+5yul463ff
qMO8SeYtilWdjfTU/R35H9fTdVYf7BsA65hwWDBagYxzriAVy+uMn/2o5yW03Rm5
oug6pr9IQ4z9wKuX6lmxhzgUBhSmxBsy5VgR19YkeSYCBfPwkOx2e0SnbaQGcYSa
hKVAsUPCJrn6h2EDiePlN+yjrQu7C4JuAcSgJbevbrKtNmJ8p4LGboZlKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU+7OvSNXV/x5eaOUon2EnmnmP4MB8GA1UdIwQY
MBaAFHaOcRNM9nLWro9m/ETVvuYkzQKjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG81eEUwejJjdGF1ajJiOFJOVy01aVROQXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hYjgyYTQtNWE3Mi00NWE3LTk2ZmQt
OTQ4MGIxNjMzZjljLzEvZG81eEUwejJjdGF1ajJiOFJOVy01aVROQXFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hYjgyYTQtNWE3Mi00NWE3LTk2ZmQtOTQ4MGIxNjMzZjlj
LzEvZG81eEUwejJjdGF1ajJiOFJOVy01aVROQXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDO8mcL5
H0p6IeSOkxdjEYQYB/5K4HxGFoYtgHBM+H7lLCa8Ipeyi4f3lK9gCGySYs6uoEpc
P/KnzDa9nWP8hn9CMxz1w4+7JZiVGWfew0hS6M4GAOVfaEPHkkv/l26kSrMzsB1i
Oa1qo6kivyykJ9LIO8w/svypVj68WVWX+2wRoQtcqBgRQ+6BIQKuyEsY4VDlvOsr
1Fdg+/NNwcsXCMQ1EURpuRyP0M63yF1um6OBpgG+WGjBWQ/xZ+twQcjt47lxm2Ml
6Fg/bok4BgLplOAc0nm/MUMD7MR3K8rRQrLbZIWqUx7UkQuCniVfT4LUB3opaxfN
wHJHP+jdQop2LA==
-----END CERTIFICATE-----