Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          6r+FJ/PYUL6+LNFatVDu4pMb/q1FZlpCoaQ6p1xi90A=
Subject key identifier:   1C:53:FA:92:65:7E:0B:90:D8:85:E8:8C:02:54:ED:FF:55:1C:62:0E
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       0197488C02D297FE158490245EA2472797E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          02D0
Signing time:             Sat 07 Jun 2025 04:00:24 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:24 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:24 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: RdmTTAu4n9WA1NHt3hdROywlgYAmhz4QcxtJAyNNoPs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:02:d2:97:fe:15:84:90:24:5e:a2:47:27:97:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Jun  7 04:00:24 2025 GMT
            Not After : Jun  8 04:00:24 2025 GMT
        Subject: CN=1c53fa92657e0b90d885e88c0254edff551c620e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:d1:a9:36:68:2d:96:ae:c8:30:05:31:72:a7:
                    48:ce:b3:9d:c6:4f:47:0d:03:37:f6:c9:2a:52:d3:
                    62:40:3f:f8:f7:b3:de:b4:d5:70:b4:f5:98:35:98:
                    d0:66:37:2c:c5:cf:a5:de:4e:45:06:f3:3c:1c:26:
                    e3:a5:ed:d4:ad:5c:be:14:db:36:b1:d1:8f:67:4c:
                    99:9b:3c:11:56:47:9e:4d:6a:00:ff:33:a5:d1:0d:
                    9b:46:bc:33:29:ad:47:c7:fb:dd:d9:58:05:b4:ec:
                    64:d6:3d:2e:b7:fe:8e:4b:46:61:bd:6e:cd:a7:f3:
                    44:62:4e:a9:e5:e5:02:14:50:e7:4d:e0:48:d6:04:
                    0e:33:6e:6f:a1:ce:92:08:c8:8c:56:bb:c3:10:a7:
                    2a:18:7c:84:d1:21:17:8a:42:74:40:67:d6:30:4b:
                    32:24:c1:e5:23:03:e9:97:a5:8c:dc:4d:3e:5b:4a:
                    ac:76:11:3a:7d:57:eb:4d:ea:7f:7d:41:81:1d:eb:
                    fb:9f:cb:3b:a6:53:84:97:01:cd:0e:2c:45:c2:ef:
                    6d:d2:47:bd:c7:9a:c1:d4:3c:d8:41:2e:f5:42:40:
                    2e:56:09:2e:39:73:f8:6f:ec:c5:23:70:50:97:4c:
                    ba:10:7f:82:0a:e7:15:91:44:71:3d:18:1c:b1:c3:
                    1f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:53:FA:92:65:7E:0B:90:D8:85:E8:8C:02:54:ED:FF:55:1C:62:0E
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:9d:da:1d:25:06:e7:c5:59:0a:dd:71:b8:52:c1:02:e1:94:
         7f:72:58:74:4b:d7:b1:eb:e4:f2:3f:e1:43:74:38:ce:18:91:
         41:ad:4f:c9:5b:69:fb:9c:6e:dd:5b:ce:f9:6e:40:4c:33:61:
         18:14:21:7d:3b:ca:e7:5f:f0:c2:5b:68:00:e1:80:a9:c1:05:
         a8:e6:e5:3f:fb:54:a0:5e:d0:81:13:23:7c:59:f1:2b:65:48:
         9c:3e:5f:ad:e8:02:e7:03:d4:69:a2:53:07:01:be:63:ec:c5:
         8f:2d:2f:fc:da:c1:2f:68:8f:60:83:12:91:cc:44:bd:2e:f9:
         87:9f:b0:0d:9b:15:53:13:75:c2:2a:e6:c2:cd:ac:65:55:26:
         27:db:73:2c:44:10:37:7f:7e:ea:fe:86:a6:38:d9:67:e1:15:
         61:b3:89:21:96:3b:43:f0:33:66:f8:04:49:a1:ec:56:23:e4:
         1f:4c:66:7f:49:e5:08:7a:5f:14:5f:14:c5:75:b8:1c:88:48:
         f3:2b:92:34:37:2d:f2:b8:76:c8:ae:50:b4:99:d3:4d:09:dd:
         9e:97:74:e7:6f:61:c1:a5:1d:d9:11:67:26:d1:36:05:4a:ee:
         85:65:fa:fd:5d:53:c0:c7:44:aa:7a:70:bc:25:0f:37:65:1f:
         26:5f:16:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjALSl/4VhJAkXqJHJ5foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUwNjA3MDQwMDI0WhcNMjUwNjA4MDQwMDI0WjAzMTEwLwYDVQQD
EygxYzUzZmE5MjY1N2UwYjkwZDg4NWU4OGMwMjU0ZWRmZjU1MWM2MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NGpNmgtlq7IMAUxcqdIzrOdxk9H
DQM39skqUtNiQD/497PetNVwtPWYNZjQZjcsxc+l3k5FBvM8HCbjpe3UrVy+FNs2
sdGPZ0yZmzwRVkeeTWoA/zOl0Q2bRrwzKa1Hx/vd2VgFtOxk1j0ut/6OS0ZhvW7N
p/NEYk6p5eUCFFDnTeBI1gQOM25voc6SCMiMVrvDEKcqGHyE0SEXikJ0QGfWMEsy
JMHlIwPpl6WM3E0+W0qsdhE6fVfrTep/fUGBHev7n8s7plOElwHNDixFwu9t0ke9
x5rB1DzYQS71QkAuVgkuOXP4b+zFI3BQl0y6EH+CCucVkURxPRgcscMfvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxT+pJlfguQ2IXojAJU7f9VHGIOMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYp3aHSUG
58VZCt1xuFLBAuGUf3JYdEvXsevk8j/hQ3Q4zhiRQa1PyVtp+5xu3VvO+W5ATDNh
GBQhfTvK51/wwltoAOGAqcEFqOblP/tUoF7QgRMjfFnxK2VInD5fregC5wPUaaJT
BwG+Y+zFjy0v/NrBL2iPYIMSkcxEvS75h5+wDZsVUxN1wirmws2sZVUmJ9tzLEQQ
N39+6v6GpjjZZ+EVYbOJIZY7Q/AzZvgESaHsViPkH0xmf0nlCHpfFF8UxXW4HIhI
8yuSNDct8rh2yK5QtJnTTQndnpd0529hwaUd2RFnJtE2BUruhWX6/V1TwMdEqnpw
vCUPN2UfJl8WuQ==
-----END CERTIFICATE-----