Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          16mRPdoYR+/WD8p+OzEjQ8aHeMhX/uf4c1/j5cfU5BI=
Subject key identifier:   A7:8C:5C:64:42:4B:A1:7A:A2:5B:22:F9:22:5B:DA:74:E4:F1:8E:F4
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       01976A73231E8716378AECBC0E61A24141C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          1C
Signing time:             Fri 13 Jun 2025 18:00:19 +0000
Manifest this update:     Fri 13 Jun 2025 18:00:19 +0000
Manifest next update:     Sat 14 Jun 2025 18:00:19 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: GMrXv0y/clpnM1NrzJDgix8YZIKg/uQGwb9xaJEPa48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:73:23:1e:87:16:37:8a:ec:bc:0e:61:a2:41:41:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Jun 13 18:00:19 2025 GMT
            Not After : Jun 14 18:00:19 2025 GMT
        Subject: CN=a78c5c64424ba17aa25b22f9225bda74e4f18ef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:da:21:68:6d:df:11:f3:04:b3:57:50:e7:40:
                    bf:99:c1:53:e5:be:ab:b4:bd:91:12:7d:eb:66:ef:
                    28:17:56:5b:5e:44:ef:9f:4c:ca:d1:9e:81:af:8f:
                    e2:ba:22:f7:9e:6c:32:2c:6a:c7:31:51:7c:05:37:
                    a8:1d:cb:7a:41:93:42:61:47:b4:2b:ac:df:05:2b:
                    54:46:f0:68:47:1a:b0:e7:d9:17:4a:8f:2d:3e:22:
                    4c:5f:16:0d:bc:e2:58:2c:b3:b6:0d:d0:fa:64:a1:
                    ae:82:00:35:aa:ff:32:dd:33:9b:d4:f2:6f:62:db:
                    46:e1:16:c0:d5:69:b1:19:4a:d1:33:9a:df:41:e6:
                    31:74:8f:7f:e0:e4:a3:d7:0e:8f:e0:c8:4b:54:e9:
                    13:bd:5c:19:94:53:cf:ab:9d:3d:6b:8a:13:00:75:
                    f4:47:0e:70:fc:12:ad:d2:13:9d:73:d8:d5:6d:c7:
                    4b:5a:14:0c:b9:a4:0a:43:c0:d0:aa:db:ff:d2:03:
                    39:4e:20:dd:a2:39:50:22:56:1f:bc:25:2d:7b:cd:
                    cd:ba:83:0d:a6:5d:31:b7:14:cd:9b:5c:3b:b0:ad:
                    6d:2c:48:63:83:cb:f6:f8:e2:1e:49:c6:6e:ab:28:
                    8e:fe:25:92:a0:70:1a:79:9a:2b:31:58:76:e9:a1:
                    87:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:8C:5C:64:42:4B:A1:7A:A2:5B:22:F9:22:5B:DA:74:E4:F1:8E:F4
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:35:94:63:28:1e:d5:a4:90:4b:b7:9f:4c:22:98:b7:e4:6d:
         52:65:ba:0a:f6:a3:09:c4:9d:0b:b7:cd:e0:25:08:ed:f5:82:
         7a:e8:e1:2d:af:16:21:db:78:28:62:b6:d2:7a:d6:8f:a3:16:
         95:f2:6f:74:a4:00:de:1c:23:f5:a5:69:b8:3f:36:9c:f5:eb:
         80:da:ed:32:06:03:18:59:ba:4c:af:b3:87:1f:57:65:5f:26:
         9b:ce:73:e6:f7:7a:12:ea:1f:bb:6e:d5:d7:71:9a:f9:0a:8c:
         34:f3:fd:2f:bd:d7:9f:dc:fc:ce:03:8f:a6:12:25:fa:41:6e:
         30:de:79:ce:83:59:f5:7a:4c:7a:85:ed:5e:9c:e2:92:41:d4:
         b2:90:68:7c:19:5e:52:1b:d0:c5:5f:51:6a:b7:43:c4:1c:c7:
         93:9a:45:91:11:dc:65:86:b5:59:81:cd:1f:f3:20:fc:b0:11:
         bb:73:ee:e1:52:67:e3:5c:b4:46:04:d4:f3:c9:78:31:e9:92:
         56:29:82:a8:0a:7d:a5:89:ff:ad:9e:f5:6f:ce:66:12:dc:08:
         10:07:78:79:c7:06:c6:36:9b:89:58:53:80:0d:bf:53:ea:5a:
         a4:68:94:4e:45:8a:75:e4:03:ca:f8:34:e3:2d:0d:b3:6e:20:
         64:a8:1f:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqcyMehxY3iuy8DmGiQUHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUwNjEzMTgwMDE5WhcNMjUwNjE0MTgwMDE5WjAzMTEwLwYDVQQD
EyhhNzhjNWM2NDQyNGJhMTdhYTI1YjIyZjkyMjViZGE3NGU0ZjE4ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dohaG3fEfMEs1dQ50C/mcFT5b6r
tL2REn3rZu8oF1ZbXkTvn0zK0Z6Br4/iuiL3nmwyLGrHMVF8BTeoHct6QZNCYUe0
K6zfBStURvBoRxqw59kXSo8tPiJMXxYNvOJYLLO2DdD6ZKGuggA1qv8y3TOb1PJv
YttG4RbA1WmxGUrRM5rfQeYxdI9/4OSj1w6P4MhLVOkTvVwZlFPPq509a4oTAHX0
Rw5w/BKt0hOdc9jVbcdLWhQMuaQKQ8DQqtv/0gM5TiDdojlQIlYfvCUte83NuoMN
pl0xtxTNm1w7sK1tLEhjg8v2+OIeScZuqyiO/iWSoHAaeZorMVh26aGHPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKeMXGRCS6F6olsi+SJb2nTk8Y70MB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyzWUYyge
1aSQS7efTCKYt+RtUmW6CvajCcSdC7fN4CUI7fWCeujhLa8WIdt4KGK20nrWj6MW
lfJvdKQA3hwj9aVpuD82nPXrgNrtMgYDGFm6TK+zhx9XZV8mm85z5vd6Euofu27V
13Ga+QqMNPP9L73Xn9z8zgOPphIl+kFuMN55zoNZ9XpMeoXtXpzikkHUspBofBle
UhvQxV9RardDxBzHk5pFkRHcZYa1WYHNH/Mg/LARu3Pu4VJn41y0RgTU88l4MemS
VimCqAp9pYn/rZ71b85mEtwIEAd4eccGxjabiVhTgA2/U+papGiUTkWKdeQDyvg0
4y0Ns24gZKgf2g==
-----END CERTIFICATE-----