Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          slLdRBK77Tx9rwOZFKphAjdgr3Ll3UuY3G//E8PWAac=
Subject key identifier:   11:1C:FF:18:51:1E:5D:80:16:F7:FB:99:92:30:E4:E9:51:98:57:BE
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       01976696DF754E3B89416E6C243B084D2063
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          1A
Signing time:             Fri 13 Jun 2025 00:00:53 +0000
Manifest this update:     Fri 13 Jun 2025 00:00:53 +0000
Manifest next update:     Sat 14 Jun 2025 00:00:53 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: 8JMa6U93ovQqn4G1JSp71FVZzz52Eqwj8+tlFJh7xcc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:96:df:75:4e:3b:89:41:6e:6c:24:3b:08:4d:20:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Jun 13 00:00:53 2025 GMT
            Not After : Jun 14 00:00:53 2025 GMT
        Subject: CN=111cff18511e5d8016f7fb999230e4e9519857be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ac:c7:0a:6b:e2:74:e3:73:8a:d8:a2:1c:f8:
                    80:0a:5d:ff:0d:fd:09:d5:24:b8:6b:c0:b6:8c:92:
                    0c:09:72:d6:a6:e7:be:93:b4:fc:b4:ef:1e:4a:4d:
                    72:04:bb:ba:10:5a:d2:ae:c5:61:15:6f:20:fc:b3:
                    15:39:a6:b9:03:ca:11:34:dd:7f:4d:1a:d4:de:4a:
                    ac:6b:95:2a:d6:e2:0a:b9:1b:b1:9b:17:5e:03:5d:
                    00:26:60:e8:7f:a3:93:b2:e4:2e:b3:73:5f:4f:98:
                    a1:a0:62:22:fb:5a:c6:7b:b8:bc:44:a3:28:3a:33:
                    cd:8d:2d:ff:50:06:8a:f7:5c:45:fe:db:5d:a7:90:
                    dd:f3:2a:69:48:29:a9:39:df:7b:f9:64:ea:b8:61:
                    36:89:1a:6f:c8:00:e8:7e:92:28:73:30:79:04:a3:
                    79:55:d6:2a:8c:94:7a:95:1f:02:14:12:9f:91:ff:
                    e6:0d:d0:0b:2f:22:95:d5:93:0c:17:8e:93:a6:d5:
                    4f:bb:b2:d3:60:3c:42:c8:6b:64:78:bf:d3:ca:68:
                    ca:10:0f:51:61:d9:2f:41:da:05:de:1d:49:0b:9a:
                    ad:7e:de:ab:6d:62:ca:1c:bf:c3:6a:af:cd:4e:0b:
                    94:59:df:e9:ae:97:ac:98:f4:f3:77:8d:a8:4a:6e:
                    e8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:1C:FF:18:51:1E:5D:80:16:F7:FB:99:92:30:E4:E9:51:98:57:BE
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:a9:4b:6e:84:e6:af:e3:bf:cb:4f:78:ac:4e:08:f6:db:08:
         4a:96:41:d1:c5:38:89:50:f9:56:29:0a:d3:21:a0:08:ea:3b:
         84:78:82:94:79:e1:b2:65:61:26:2b:22:4b:7d:76:c0:14:45:
         94:2f:a8:7a:e0:00:22:43:26:12:4e:57:50:22:af:9a:96:fc:
         60:6a:aa:31:ae:76:b5:7c:b6:4b:76:1e:8b:5d:87:e7:ab:8a:
         b1:69:eb:39:5d:9c:c9:31:44:ad:d7:ea:fc:29:6e:e0:71:93:
         c5:e2:8a:f6:d8:3a:cc:74:56:c3:7b:66:ad:68:32:42:9f:9e:
         68:ab:14:21:17:a4:4d:37:d6:8b:b1:de:5e:31:43:6e:4f:c8:
         a2:49:c2:8e:91:64:6b:a7:8d:87:86:2a:4f:c3:45:1a:6f:86:
         36:00:74:1c:ea:bf:6d:d6:9f:14:12:50:8a:32:8f:e6:39:21:
         ca:57:72:38:04:2e:d0:91:b0:3b:a5:23:3f:cd:cb:b0:3e:d3:
         89:fd:8f:e6:56:1d:aa:16:39:78:9c:50:c2:55:03:8c:f3:45:
         60:35:16:7e:44:8e:ed:4d:dc:83:21:e8:e0:5c:ea:e2:ad:92:
         d7:26:72:f6:dc:28:07:d1:8f:53:29:0b:68:28:4f:61:a0:6c:
         e0:f2:1b:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmlt91TjuJQW5sJDsITSBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUwNjEzMDAwMDUzWhcNMjUwNjE0MDAwMDUzWjAzMTEwLwYDVQQD
EygxMTFjZmYxODUxMWU1ZDgwMTZmN2ZiOTk5MjMwZTRlOTUxOTg1N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqzHCmvidONzitiiHPiACl3/Df0J
1SS4a8C2jJIMCXLWpue+k7T8tO8eSk1yBLu6EFrSrsVhFW8g/LMVOaa5A8oRNN1/
TRrU3kqsa5Uq1uIKuRuxmxdeA10AJmDof6OTsuQus3NfT5ihoGIi+1rGe7i8RKMo
OjPNjS3/UAaK91xF/ttdp5Dd8yppSCmpOd97+WTquGE2iRpvyADofpIoczB5BKN5
VdYqjJR6lR8CFBKfkf/mDdALLyKV1ZMMF46TptVPu7LTYDxCyGtkeL/TymjKEA9R
YdkvQdoF3h1JC5qtft6rbWLKHL/Daq/NTguUWd/prpesmPTzd42oSm7onQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEc/xhRHl2AFvf7mZIw5OlRmFe+MB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6lLboTm
r+O/y094rE4I9tsISpZB0cU4iVD5VikK0yGgCOo7hHiClHnhsmVhJisiS312wBRF
lC+oeuAAIkMmEk5XUCKvmpb8YGqqMa52tXy2S3Yei12H56uKsWnrOV2cyTFErdfq
/Clu4HGTxeKK9tg6zHRWw3tmrWgyQp+eaKsUIRekTTfWi7HeXjFDbk/IoknCjpFk
a6eNh4YqT8NFGm+GNgB0HOq/bdafFBJQijKP5jkhyldyOAQu0JGwO6UjP83LsD7T
if2P5lYdqhY5eJxQwlUDjPNFYDUWfkSO7U3cgyHo4Fzq4q2S1yZy9twoB9GPUykL
aChPYaBs4PIb7g==
-----END CERTIFICATE-----