Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          ADqdfxtMUX3MPYL0+qiTmqwybXuGTQgxyPEL5o0ZX24=
Subject key identifier:   2C:12:C6:6B:54:8D:9F:79:24:49:77:3F:EF:3A:5A:49:21:DE:D9:39
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       01975CEF1A9BB131D6689C5369D03392EE26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          15
Signing time:             Wed 11 Jun 2025 03:01:03 +0000
Manifest this update:     Wed 11 Jun 2025 03:01:03 +0000
Manifest next update:     Thu 12 Jun 2025 03:01:03 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: 1kydvIHlE/bJSTT1mcgY20GvwmdgonHmUOUpnrvb5SI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:ef:1a:9b:b1:31:d6:68:9c:53:69:d0:33:92:ee:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Jun 11 03:01:03 2025 GMT
            Not After : Jun 12 03:01:03 2025 GMT
        Subject: CN=2c12c66b548d9f792449773fef3a5a4921ded939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d6:76:4d:b8:bb:ee:43:8f:4f:b7:63:ac:84:
                    c9:fd:20:54:25:2a:38:6b:e3:6c:5a:e6:12:0c:28:
                    03:97:c3:1a:ad:55:57:4f:62:56:da:10:53:f9:b9:
                    e6:12:b6:8f:d2:1e:32:18:5c:de:f3:25:2b:56:8f:
                    b6:18:69:ed:9d:32:32:31:1f:58:77:9f:0f:81:b3:
                    a2:52:9a:1f:d6:cc:7e:e3:2e:27:ed:c7:a1:4d:bb:
                    14:cb:98:77:8b:a1:6c:1f:d9:5f:5a:32:20:63:fe:
                    0c:74:48:93:c1:71:b2:b0:c1:39:a6:b9:ed:14:be:
                    55:59:94:13:04:1a:41:ab:0c:0f:8b:71:43:a9:ba:
                    5c:29:ee:d0:c3:7e:fb:63:e4:33:1e:b3:b4:f0:72:
                    8e:bb:5d:1b:3f:35:08:49:fc:5e:39:99:0e:2c:23:
                    ef:9f:e0:e7:8a:00:6a:a4:eb:90:2c:03:df:3a:9e:
                    74:c4:51:7c:34:3a:e1:d5:af:ff:8f:41:2d:4c:31:
                    c1:1b:fd:a5:7d:e6:c9:6b:db:07:96:79:f1:72:68:
                    57:fd:47:ba:1a:4c:9a:1f:39:51:1a:17:42:3a:ad:
                    e0:58:1b:73:5d:1f:90:d0:ec:98:67:e6:f2:fa:66:
                    5a:6e:aa:58:d6:d2:4d:50:42:2f:92:14:13:ff:e7:
                    88:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:12:C6:6B:54:8D:9F:79:24:49:77:3F:EF:3A:5A:49:21:DE:D9:39
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:d8:0d:f4:66:eb:b9:18:a5:83:30:f9:c4:39:f7:b4:ad:5f:
         2f:96:ff:b5:89:a2:b9:d3:51:17:d0:f2:02:db:ae:5d:a7:ca:
         6c:a2:56:b8:c1:e6:9e:c5:92:a6:bf:7f:1b:10:d8:62:30:4e:
         aa:09:7c:f3:c6:bd:12:6f:c5:7f:5e:2b:e6:09:9d:c5:9e:26:
         ce:c1:9a:76:f4:d3:03:36:ec:4b:0a:30:3e:27:52:4f:f3:ad:
         71:ba:33:b1:08:05:53:b3:71:6f:80:6b:a2:36:df:e6:b8:21:
         91:66:7c:f1:a4:2d:1f:5e:76:24:3d:b6:a8:88:81:2b:f1:ce:
         b5:19:71:d5:7b:44:6f:81:a8:94:40:0b:30:4a:b3:90:7d:be:
         c0:84:4e:01:03:52:e2:4e:d1:c5:70:d3:80:a6:78:e3:b0:23:
         b6:c0:50:3e:37:d4:21:57:28:62:94:cb:23:91:1a:42:b1:31:
         ba:68:ef:0e:44:0a:34:a7:6d:8f:e2:50:b7:93:6b:d5:f2:d2:
         67:c9:18:60:8e:a3:b5:11:0f:f3:97:9a:a0:e8:c6:ff:bb:50:
         84:05:cd:37:7d:76:4e:d2:cc:f2:5b:23:cc:9d:bb:d8:ab:53:
         31:0d:c1:25:a6:21:44:28:7a:67:ff:5c:08:10:a2:3d:53:7a:
         e8:9e:dc:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdc7xqbsTHWaJxTadAzku4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUwNjExMDMwMTAzWhcNMjUwNjEyMDMwMTAzWjAzMTEwLwYDVQQD
EygyYzEyYzY2YjU0OGQ5Zjc5MjQ0OTc3M2ZlZjNhNWE0OTIxZGVkOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9Z2Tbi77kOPT7djrITJ/SBUJSo4
a+NsWuYSDCgDl8MarVVXT2JW2hBT+bnmEraP0h4yGFze8yUrVo+2GGntnTIyMR9Y
d58PgbOiUpof1sx+4y4n7cehTbsUy5h3i6FsH9lfWjIgY/4MdEiTwXGysME5prnt
FL5VWZQTBBpBqwwPi3FDqbpcKe7Qw377Y+QzHrO08HKOu10bPzUISfxeOZkOLCPv
n+DnigBqpOuQLAPfOp50xFF8NDrh1a//j0EtTDHBG/2lfebJa9sHlnnxcmhX/Ue6
GkyaHzlRGhdCOq3gWBtzXR+Q0OyYZ+by+mZabqpY1tJNUEIvkhQT/+eI7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwSxmtUjZ95JEl3P+86Wkkh3tk5MB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtgN9Gbr
uRilgzD5xDn3tK1fL5b/tYmiudNRF9DyAtuuXafKbKJWuMHmnsWSpr9/GxDYYjBO
qgl888a9Em/Ff14r5gmdxZ4mzsGadvTTAzbsSwowPidST/OtcbozsQgFU7Nxb4Br
ojbf5rghkWZ88aQtH152JD22qIiBK/HOtRlx1XtEb4GolEALMEqzkH2+wIROAQNS
4k7RxXDTgKZ447AjtsBQPjfUIVcoYpTLI5EaQrExumjvDkQKNKdtj+JQt5Nr1fLS
Z8kYYI6jtREP85eaoOjG/7tQhAXNN312TtLM8lsjzJ272KtTMQ3BJaYhRCh6Z/9c
CBCiPVN66J7cEw==
-----END CERTIFICATE-----