Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          vxSdi0bt4/tR5f91YezFvzGksEmj69jwWkOFVB+2T6Y=
Subject key identifier:   E2:33:C0:0D:6E:40:4A:7F:55:3B:BD:D0:8B:0D:ED:8E:C8:D8:9B:FF
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       019771F654E5A4C2D0393FCC4E3EC496142C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          143D
Signing time:             Sun 15 Jun 2025 05:00:58 +0000
Manifest this update:     Sun 15 Jun 2025 05:00:58 +0000
Manifest next update:     Mon 16 Jun 2025 05:00:58 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: xbFYDgFbslMvS3I5D8/kQolt38TO7NtOclgxYa3Vx1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:f6:54:e5:a4:c2:d0:39:3f:cc:4e:3e:c4:96:14:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Jun 15 05:00:58 2025 GMT
            Not After : Jun 16 05:00:58 2025 GMT
        Subject: CN=e233c00d6e404a7f553bbdd08b0ded8ec8d89bff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:79:04:71:9f:f0:24:96:c8:68:68:81:81:36:
                    22:08:a5:99:95:bc:12:3b:8b:49:f7:b7:06:8b:99:
                    d8:42:ad:d6:70:e3:36:d8:62:03:49:50:b8:d7:b5:
                    6b:3d:bc:2a:df:74:e4:39:f4:a1:ad:11:fd:79:66:
                    16:89:7b:9f:34:09:82:20:4c:05:13:a1:62:e5:a7:
                    de:12:e1:9e:33:9e:42:d2:ab:63:ce:84:ba:cb:2e:
                    6a:0e:87:15:c6:ef:ef:55:43:96:44:95:65:59:ad:
                    b2:19:be:c9:91:7b:b5:a1:9a:d3:01:38:e6:a5:58:
                    89:c1:40:94:9e:d1:e4:82:2f:47:32:4b:66:4e:52:
                    c5:e6:1f:87:0e:c4:c2:64:16:92:9a:af:81:a1:d9:
                    bb:8a:26:4f:cc:0e:1d:4a:9a:5a:45:67:33:c4:b3:
                    9b:dc:15:c2:17:64:fc:9c:e9:6c:4e:9a:6d:76:64:
                    9f:27:db:6a:31:0e:78:6e:62:89:aa:31:bb:e9:ec:
                    af:3c:5c:a7:12:11:04:49:c0:f4:95:06:bd:41:15:
                    84:e1:f7:03:b2:a3:91:40:42:1e:01:7b:81:2e:3b:
                    f6:70:40:57:09:f4:ee:fa:7b:db:c5:c8:ae:b8:48:
                    0f:db:56:a4:fe:62:73:04:8f:23:8b:68:71:40:91:
                    ba:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:33:C0:0D:6E:40:4A:7F:55:3B:BD:D0:8B:0D:ED:8E:C8:D8:9B:FF
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:2d:3c:ce:2a:c4:67:bd:3b:7e:41:f5:03:ac:bb:a9:81:43:
         ad:b5:07:40:80:f4:2c:d6:1f:d1:af:6b:d5:b7:db:b7:1a:cc:
         75:f9:4e:49:62:e3:fb:c4:76:9b:43:4f:6f:6b:0c:7f:2a:c7:
         37:2a:f3:73:8e:4f:64:e4:dd:96:34:e0:83:0d:34:c4:ba:7b:
         4a:26:6a:5d:fe:04:5e:36:1f:c4:6e:c3:c2:a4:f4:9a:ea:d4:
         9a:24:c4:77:0c:55:45:49:a9:3d:a9:73:97:7c:9a:cf:5b:da:
         09:79:c6:7a:67:9a:c3:16:94:5f:a9:7c:80:11:88:78:b0:c7:
         4f:7c:12:e0:ad:16:b3:b9:dd:ad:ad:d4:7b:c7:c5:fb:1c:44:
         7a:4d:84:8e:75:de:28:0b:94:7d:67:66:3b:c9:b0:09:74:37:
         3a:61:2f:84:bd:68:fb:3c:b1:f4:57:57:1e:a1:9e:c2:be:27:
         e1:7d:b0:12:51:81:86:29:7c:eb:2f:9a:82:39:50:30:ae:20:
         15:22:b2:82:6a:e9:48:9c:4b:4b:84:87:98:b9:08:85:c5:eb:
         07:f0:81:62:de:d3:08:fd:d7:aa:0b:e3:c6:6b:cf:ed:0d:0d:
         2a:e8:11:d0:91:a0:e5:84:05:62:96:e8:95:d2:3e:b2:1c:5b:
         1d:ae:5b:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdx9lTlpMLQOT/MTj7ElhQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjUwNjE1MDUwMDU4WhcNMjUwNjE2MDUwMDU4WjAzMTEwLwYDVQQD
EyhlMjMzYzAwZDZlNDA0YTdmNTUzYmJkZDA4YjBkZWQ4ZWM4ZDg5YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XkEcZ/wJJbIaGiBgTYiCKWZlbwS
O4tJ97cGi5nYQq3WcOM22GIDSVC417VrPbwq33TkOfShrRH9eWYWiXufNAmCIEwF
E6Fi5afeEuGeM55C0qtjzoS6yy5qDocVxu/vVUOWRJVlWa2yGb7JkXu1oZrTATjm
pViJwUCUntHkgi9HMktmTlLF5h+HDsTCZBaSmq+Bodm7iiZPzA4dSppaRWczxLOb
3BXCF2T8nOlsTpptdmSfJ9tqMQ54bmKJqjG76eyvPFynEhEEScD0lQa9QRWE4fcD
sqORQEIeAXuBLjv2cEBXCfTu+nvbxciuuEgP21ak/mJzBI8ji2hxQJG6NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIzwA1uQEp/VTu90IsN7Y7I2Jv/MB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjy08zirE
Z707fkH1A6y7qYFDrbUHQID0LNYf0a9r1bfbtxrMdflOSWLj+8R2m0NPb2sMfyrH
Nyrzc45PZOTdljTggw00xLp7SiZqXf4EXjYfxG7DwqT0murUmiTEdwxVRUmpPalz
l3yaz1vaCXnGemeawxaUX6l8gBGIeLDHT3wS4K0Ws7ndra3Ue8fF+xxEek2EjnXe
KAuUfWdmO8mwCXQ3OmEvhL1o+zyx9FdXHqGewr4n4X2wElGBhil86y+agjlQMK4g
FSKygmrpSJxLS4SHmLkIhcXrB/CBYt7TCP3XqgvjxmvP7Q0NKugR0JGg5YQFYpbo
ldI+shxbHa5b8g==
-----END CERTIFICATE-----