Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
File:                     xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft (raw, json)
Hash identifier:          F5/gOvfqPUpcpdDfiKXRTEQiOBvdcDGulhdWoQiiZhs=
Subject key identifier:   A7:3E:81:73:F8:AC:AC:6D:A1:CE:33:EE:69:02:57:02:95:F0:7B:1B
Authority key identifier: C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A
Certificate issuer:       /CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
Certificate serial:       01975610C89ABA473974A416CE38A1E706A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
Manifest number:          0CE1
Signing time:             Mon 09 Jun 2025 19:00:29 +0000
Manifest this update:     Mon 09 Jun 2025 19:00:29 +0000
Manifest next update:     Tue 10 Jun 2025 19:00:29 +0000
Files and hashes:         1: xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl (hash: SRjKddinKpZ66NV4yFmBsZ3q6smypgYed985GJn8pCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 19:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:10:c8:9a:ba:47:39:74:a4:16:ce:38:a1:e7:06:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
        Validity
            Not Before: Jun  9 19:00:29 2025 GMT
            Not After : Jun 10 19:00:29 2025 GMT
        Subject: CN=a73e8173f8acac6da1ce33ee6902570295f07b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c8:41:2a:94:e4:78:2c:f7:c5:9c:43:62:19:
                    7a:d1:db:b0:0b:fe:1d:9c:8b:e8:d8:d6:bc:6f:b7:
                    2d:52:8e:cb:4b:da:bf:29:e8:90:34:af:73:d4:3e:
                    59:50:97:85:b2:68:a8:56:1c:a5:cc:d4:de:ab:4f:
                    32:65:0d:a4:54:b1:5a:25:cd:ea:25:09:f4:f4:3f:
                    d0:62:44:0d:75:1b:2b:1e:44:64:74:0e:e0:27:8f:
                    3e:be:97:4b:2b:2d:03:15:2c:ec:b2:5c:0c:d8:e9:
                    e2:e3:00:86:a5:e7:4f:54:0d:c4:87:53:6b:87:6a:
                    a4:a7:60:3d:14:71:5a:21:f6:02:1f:39:54:a2:d7:
                    db:f6:4c:71:4a:f5:53:c5:62:77:e8:2a:ac:ad:a1:
                    cd:a9:a0:59:c2:96:bf:ff:ea:89:f9:33:d6:03:11:
                    92:3f:95:c0:05:68:5f:21:35:77:95:c9:21:9e:fa:
                    0a:9e:ae:0e:d7:e0:b1:a6:99:b6:5a:61:42:f8:52:
                    77:3b:24:08:47:cd:88:bf:fb:d5:9b:1e:4e:52:38:
                    20:bf:d3:28:a8:40:e7:06:91:d1:1a:69:20:25:f2:
                    56:9f:64:37:8a:5c:21:82:5d:40:3a:41:a6:00:d1:
                    1b:d1:2e:5a:e9:fe:7c:cc:3c:13:06:b3:d6:bf:f0:
                    e4:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:3E:81:73:F8:AC:AC:6D:A1:CE:33:EE:69:02:57:02:95:F0:7B:1B
            X509v3 Authority Key Identifier:
                keyid:C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:bc:82:e9:29:11:38:a3:16:d2:57:ea:84:59:d9:17:3f:d0:
         7e:80:4a:cc:9f:b2:3a:4c:7b:77:3c:0d:65:bd:ef:af:0f:df:
         40:58:8e:ee:10:3c:48:0b:89:4b:08:d9:f2:76:4a:37:98:1b:
         da:50:2a:23:e2:50:ae:60:07:f7:9b:bc:55:99:bb:a1:c9:e0:
         6a:7c:5a:51:ae:78:ca:54:b7:25:02:5f:62:bf:43:68:fc:58:
         32:e6:12:bb:41:88:3d:64:66:f8:3c:9e:27:3a:b6:c6:fc:b1:
         ef:d2:83:cd:34:e9:94:df:05:a7:78:22:51:15:0f:fd:1b:25:
         12:52:fd:a0:5c:4b:4a:dd:e8:90:d5:e3:b7:a4:6c:83:ff:ac:
         4e:96:6e:1d:42:ec:9d:c1:13:e2:75:ec:34:4a:86:2a:07:27:
         ab:62:a6:bc:eb:f9:10:86:ba:6c:7c:63:e2:c5:36:b8:0e:8f:
         bd:76:1a:f0:32:1f:24:09:73:ae:7b:a8:79:ac:74:65:5d:20:
         ab:17:7d:d9:d6:19:7f:f7:21:39:9d:66:ba:37:a8:12:3c:5a:
         5e:7c:2d:4b:9a:95:5f:c0:11:cc:bb:2c:21:74:8d:03:de:2c:
         c5:6f:8c:d6:d3:9a:bc:28:18:e4:e1:91:34:52:a5:32:3e:1b:
         fc:85:31:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWEMiaukc5dKQWzjih5wapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2NmOWNlOTdkMTIzMmUwMTYyZmNjZDQzZjYwYzRlNzk4
MzFlMWEwHhcNMjUwNjA5MTkwMDI5WhcNMjUwNjEwMTkwMDI5WjAzMTEwLwYDVQQD
EyhhNzNlODE3M2Y4YWNhYzZkYTFjZTMzZWU2OTAyNTcwMjk1ZjA3YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzshBKpTkeCz3xZxDYhl60duwC/4d
nIvo2Na8b7ctUo7LS9q/KeiQNK9z1D5ZUJeFsmioVhylzNTeq08yZQ2kVLFaJc3q
JQn09D/QYkQNdRsrHkRkdA7gJ48+vpdLKy0DFSzsslwM2Oni4wCGpedPVA3Eh1Nr
h2qkp2A9FHFaIfYCHzlUotfb9kxxSvVTxWJ36CqsraHNqaBZwpa//+qJ+TPWAxGS
P5XABWhfITV3lckhnvoKnq4O1+Cxppm2WmFC+FJ3OyQIR82Iv/vVmx5OUjggv9Mo
qEDnBpHRGmkgJfJWn2Q3ilwhgl1AOkGmANEb0S5a6f58zDwTBrPWv/DkMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKc+gXP4rKxtoc4z7mkCVwKV8HsbMB8GA1UdIwQY
MBaAFMbM+c6X0SMuAWL8zUP2DE55gx4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjct
NWExZTVmYTczZTRkLzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjctNWExZTVmYTczZTRk
LzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAELyC6SkR
OKMW0lfqhFnZFz/QfoBKzJ+yOkx7dzwNZb3vrw/fQFiO7hA8SAuJSwjZ8nZKN5gb
2lAqI+JQrmAH95u8VZm7ocnganxaUa54ylS3JQJfYr9DaPxYMuYSu0GIPWRm+Dye
Jzq2xvyx79KDzTTplN8Fp3giURUP/RslElL9oFxLSt3okNXjt6Rsg/+sTpZuHULs
ncET4nXsNEqGKgcnq2KmvOv5EIa6bHxj4sU2uA6PvXYa8DIfJAlzrnuoeax0ZV0g
qxd92dYZf/chOZ1mujeoEjxaXnwtS5qVX8ARzLssIXSNA94sxW+M1tOavCgY5OGR
NFKlMj4b/IUx4g==
-----END CERTIFICATE-----