Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          yGPZ2wTAGf9ab7/1NuwpRlPnbztfMItJ92pWMpJVQwI=
Subject key identifier:   BA:D8:3B:65:A7:0A:5A:2E:62:0E:F8:23:82:7D:CA:4D:5D:4D:8E:AB
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       01975723D4D9685239731E83F546F4348073
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          12
Signing time:             Tue 10 Jun 2025 00:00:55 +0000
Manifest this update:     Tue 10 Jun 2025 00:00:55 +0000
Manifest next update:     Wed 11 Jun 2025 00:00:55 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: t3USiJdSYOj/jMGWg0RPNN4PWpRhpKcMZGRlXKD7WLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:23:d4:d9:68:52:39:73:1e:83:f5:46:f4:34:80:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Jun 10 00:00:55 2025 GMT
            Not After : Jun 11 00:00:55 2025 GMT
        Subject: CN=bad83b65a70a5a2e620ef823827dca4d5d4d8eab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e6:e6:46:4d:ba:6e:81:e1:06:f9:37:d1:44:
                    ad:42:08:f8:c3:47:83:95:97:8a:4f:b8:fa:ef:c0:
                    83:92:a9:1f:3f:5b:31:89:88:eb:3b:b5:da:5e:59:
                    79:ad:f7:ca:3c:fb:cd:1b:9c:4b:9a:12:8b:bd:02:
                    cd:b6:03:1b:6d:e8:d8:8f:80:05:6f:b8:3d:cf:16:
                    d8:74:36:20:fe:60:37:d8:6f:0e:f3:4b:bf:11:ca:
                    6e:54:63:c4:f3:d3:aa:28:7a:df:88:0d:0f:4f:9e:
                    31:f8:fb:d1:c4:2d:cd:d0:b3:d0:e9:0d:2e:aa:e9:
                    4f:f2:c9:4b:96:d6:78:5a:29:64:87:e2:d5:61:f6:
                    b4:f0:33:6a:52:42:d3:4b:b0:99:62:f8:0e:0b:6c:
                    fe:89:c5:a7:9f:ec:0d:50:99:28:7c:21:64:a9:1f:
                    26:a1:e4:fb:71:40:c1:0a:3c:16:bb:0c:f5:6b:dc:
                    e6:6c:05:7f:e5:7a:1b:b9:b5:80:83:a0:80:92:b6:
                    ce:b7:1a:90:71:c0:4e:b4:8b:eb:d6:fc:b8:78:59:
                    52:77:ce:9c:61:69:9b:6f:37:cd:d9:e5:8b:d9:f0:
                    03:3d:8b:6b:ab:ea:ba:9f:ae:ed:3a:e7:03:a5:58:
                    ff:82:b1:81:ca:1f:ee:54:6a:be:cf:0a:1d:af:71:
                    be:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:D8:3B:65:A7:0A:5A:2E:62:0E:F8:23:82:7D:CA:4D:5D:4D:8E:AB
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:74:39:8c:37:03:f3:e0:27:e8:38:c8:17:f5:a3:82:f3:f1:
         d7:e0:f5:b0:3a:1e:e3:18:c3:ce:c9:97:93:ae:4f:a1:cc:ba:
         21:b2:8a:f6:bd:0e:84:c9:6a:0f:cc:66:d9:fd:7b:9f:f3:0f:
         a2:8c:fc:4e:b2:e4:67:a1:e3:79:d1:68:dd:34:8a:9a:87:b1:
         9d:81:4b:6b:4f:bb:12:7f:66:a2:da:d6:5b:80:bc:3b:29:0d:
         7f:cf:d9:b8:03:e8:34:cc:9b:16:fb:46:d6:5f:b6:89:7e:ea:
         e7:cd:22:79:a0:a4:ce:53:5f:72:3c:f1:a3:4a:cc:26:d4:ae:
         72:2a:c7:e2:bb:f8:e6:7c:97:05:7c:a7:01:c5:0f:8b:83:7b:
         3b:4b:fa:72:37:29:03:e3:3e:56:bf:5f:f7:55:d1:ba:76:5f:
         15:f3:23:53:04:88:5e:7b:1c:39:a7:62:75:d2:b0:b2:49:83:
         1f:53:ff:40:77:75:1a:98:5f:e6:da:86:0b:e1:d5:65:d7:c6:
         f0:cb:94:06:d1:05:7e:31:b6:b2:de:0d:84:ba:b0:b6:e2:48:
         75:8f:df:7f:ba:92:f7:c7:06:a7:88:cd:70:24:5d:a5:6e:0e:
         b6:9a:6d:63:2a:f4:20:f5:c9:6f:3a:b9:6d:5f:aa:2b:cf:80:
         86:1d:db:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXI9TZaFI5cx6D9Ub0NIBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjUwNjEwMDAwMDU1WhcNMjUwNjExMDAwMDU1WjAzMTEwLwYDVQQD
EyhiYWQ4M2I2NWE3MGE1YTJlNjIwZWY4MjM4MjdkY2E0ZDVkNGQ4ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+bmRk26boHhBvk30UStQgj4w0eD
lZeKT7j678CDkqkfP1sxiYjrO7XaXll5rffKPPvNG5xLmhKLvQLNtgMbbejYj4AF
b7g9zxbYdDYg/mA32G8O80u/EcpuVGPE89OqKHrfiA0PT54x+PvRxC3N0LPQ6Q0u
qulP8slLltZ4Wilkh+LVYfa08DNqUkLTS7CZYvgOC2z+icWnn+wNUJkofCFkqR8m
oeT7cUDBCjwWuwz1a9zmbAV/5XobubWAg6CAkrbOtxqQccBOtIvr1vy4eFlSd86c
YWmbbzfN2eWL2fADPYtrq+q6n67tOucDpVj/grGByh/uVGq+zwodr3G+5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrYO2WnClouYg74I4J9yk1dTY6rMB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD3Q5jDcD
8+An6DjIF/WjgvPx1+D1sDoe4xjDzsmXk65Pocy6IbKK9r0OhMlqD8xm2f17n/MP
ooz8TrLkZ6HjedFo3TSKmoexnYFLa0+7En9motrWW4C8OykNf8/ZuAPoNMybFvtG
1l+2iX7q580ieaCkzlNfcjzxo0rMJtSucirH4rv45nyXBXynAcUPi4N7O0v6cjcp
A+M+Vr9f91XRunZfFfMjUwSIXnscOadiddKwskmDH1P/QHd1Gphf5tqGC+HVZdfG
8MuUBtEFfjG2st4NhLqwtuJIdY/ff7qS98cGp4jNcCRdpW4OtpptYyr0IPXJbzq5
bV+qK8+Ahh3bdA==
-----END CERTIFICATE-----