Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
File:                     WAFhHoC63kAvvWDnhvNPtxctIlo.mft (raw, json)
Hash identifier:          uF6JPtnIXWjHZmHUVGTEBPzL445W4JRaWTLiGGP+CJ4=
Subject key identifier:   EC:5D:7A:A4:49:47:DE:8E:62:22:32:E0:5B:E1:75:7F:AB:EC:70:9D
Authority key identifier: 58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A
Certificate issuer:       /CN=5801611e80bade402fbd60e786f34fb7172d225a
Certificate serial:       01974B56BABCBC031004494F004FD7792BBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
Manifest number:          12DD
Signing time:             Sat 07 Jun 2025 17:01:04 +0000
Manifest this update:     Sat 07 Jun 2025 17:01:04 +0000
Manifest next update:     Sun 08 Jun 2025 17:01:04 +0000
Files and hashes:         1: WAFhHoC63kAvvWDnhvNPtxctIlo.crl (hash: VZrMeCk5i7TAoChuvBEnY7VCnJlMvrQ+vRdFC98A4jw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:ba:bc:bc:03:10:04:49:4f:00:4f:d7:79:2b:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5801611e80bade402fbd60e786f34fb7172d225a
        Validity
            Not Before: Jun  7 17:01:04 2025 GMT
            Not After : Jun  8 17:01:04 2025 GMT
        Subject: CN=ec5d7aa44947de8e622232e05be1757fabec709d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:54:bb:94:72:66:ec:a7:53:cb:6a:a7:c5:0f:
                    9c:d9:e1:1f:c7:94:65:b5:96:a1:ca:e0:cd:56:a2:
                    a3:3d:ab:c7:d9:ac:52:09:2f:e3:22:7e:ca:67:a3:
                    2a:f4:fc:d5:35:f7:72:4b:9f:5f:c7:24:c9:c8:81:
                    cc:f0:58:25:a7:6f:71:52:2b:3d:6d:5f:b2:b7:7b:
                    d1:50:ab:2c:dc:bb:85:c6:43:36:c0:20:7c:93:8b:
                    af:e7:80:c4:04:e6:e5:3f:f1:6d:7c:67:19:6d:2d:
                    e1:27:46:b3:78:4b:88:22:60:08:41:59:9d:2f:35:
                    45:5e:7e:85:1a:85:22:23:36:4e:69:f4:b3:03:0a:
                    65:a7:2e:af:0c:2d:39:eb:fe:b6:4f:f4:7c:10:ea:
                    6f:1f:3b:7b:bf:1b:b7:79:d0:9e:9b:31:60:07:f7:
                    15:f3:c1:ce:37:50:c6:57:b8:8e:48:71:92:0a:ae:
                    fc:13:d1:9f:7c:7b:0b:79:6c:a3:46:51:64:7c:8f:
                    b1:6d:8a:0f:85:67:3f:1d:48:c9:96:4b:33:e1:99:
                    d8:7f:e4:ae:cd:d1:8e:76:76:48:18:11:f8:c7:c6:
                    4a:12:6a:67:14:91:5e:01:32:9c:f3:d0:a1:cd:5f:
                    1a:52:5e:df:85:8e:20:7b:fe:4d:32:d7:5f:b3:23:
                    7b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:5D:7A:A4:49:47:DE:8E:62:22:32:E0:5B:E1:75:7F:AB:EC:70:9D
            X509v3 Authority Key Identifier:
                keyid:58:01:61:1E:80:BA:DE:40:2F:BD:60:E7:86:F3:4F:B7:17:2D:22:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFhHoC63kAvvWDnhvNPtxctIlo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5fdc69-64c2-4b47-a4f8-ab39be656057/1/WAFhHoC63kAvvWDnhvNPtxctIlo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:cd:ff:fe:24:18:42:6e:89:bf:9a:a4:8f:9f:ed:72:98:62:
         2a:fd:f0:73:ce:70:de:c2:9a:24:6b:e9:08:8b:cb:a2:67:45:
         a2:49:5b:91:71:b9:82:5b:ca:f2:b5:a5:d5:c6:e0:0b:a6:90:
         2a:30:21:c6:97:1d:6f:c4:0a:16:08:bb:a1:14:c6:6f:aa:f1:
         c4:5c:9d:9d:be:f3:c6:92:e3:35:de:38:96:73:86:43:8b:1a:
         0b:b1:59:23:23:ef:14:ba:80:1a:90:62:7b:14:1d:a8:69:7d:
         ca:49:bb:42:33:f3:dd:5c:d1:b2:e2:c8:77:3b:df:d4:b0:04:
         be:82:79:df:50:63:60:59:12:69:30:cd:7e:e7:b6:6c:f9:75:
         b3:93:8f:44:3b:94:19:d8:86:9b:d1:a4:59:f1:3f:25:37:f8:
         e2:94:b4:ee:d1:a6:23:30:ab:99:7b:d4:75:a5:ef:a6:21:c4:
         91:e5:75:2a:c3:a2:93:e1:6e:00:8d:bb:07:e3:be:8c:71:4c:
         1c:97:9e:9b:04:a1:f0:5b:f9:39:f4:dc:50:b7:56:ec:70:61:
         35:9d:ff:3d:76:ac:60:47:fe:a8:fb:b3:23:48:6a:5e:54:d5:
         1e:c7:0f:dd:1c:83:65:0e:b3:59:34:73:ad:a9:a3:84:a4:e6:
         66:1d:19:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVrq8vAMQBElPAE/XeSu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE2MTFlODBiYWRlNDAyZmJkNjBlNzg2ZjM0ZmI3MTcy
ZDIyNWEwHhcNMjUwNjA3MTcwMTA0WhcNMjUwNjA4MTcwMTA0WjAzMTEwLwYDVQQD
EyhlYzVkN2FhNDQ5NDdkZThlNjIyMjMyZTA1YmUxNzU3ZmFiZWM3MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFS7lHJm7KdTy2qnxQ+c2eEfx5Rl
tZahyuDNVqKjPavH2axSCS/jIn7KZ6Mq9PzVNfdyS59fxyTJyIHM8Fglp29xUis9
bV+yt3vRUKss3LuFxkM2wCB8k4uv54DEBOblP/FtfGcZbS3hJ0azeEuIImAIQVmd
LzVFXn6FGoUiIzZOafSzAwplpy6vDC056/62T/R8EOpvHzt7vxu3edCemzFgB/cV
88HON1DGV7iOSHGSCq78E9GffHsLeWyjRlFkfI+xbYoPhWc/HUjJlksz4ZnYf+Su
zdGOdnZIGBH4x8ZKEmpnFJFeATKc89ChzV8aUl7fhY4ge/5NMtdfsyN7YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxdeqRJR96OYiIy4FvhdX+r7HCdMB8GA1UdIwQY
MBaAFFgBYR6Aut5AL71g54bzT7cXLSJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0Zjgt
YWIzOWJlNjU2MDU3LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZmRjNjktNjRjMi00YjQ3LWE0ZjgtYWIzOWJlNjU2MDU3
LzEvV0FGaEhvQzYza0F2dldEbmh2TlB0eGN0SWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2M3//iQY
Qm6Jv5qkj5/tcphiKv3wc85w3sKaJGvpCIvLomdFoklbkXG5glvK8rWl1cbgC6aQ
KjAhxpcdb8QKFgi7oRTGb6rxxFydnb7zxpLjNd44lnOGQ4saC7FZIyPvFLqAGpBi
exQdqGl9ykm7QjPz3VzRsuLIdzvf1LAEvoJ531BjYFkSaTDNfue2bPl1s5OPRDuU
GdiGm9GkWfE/JTf44pS07tGmIzCrmXvUdaXvpiHEkeV1KsOik+FuAI27B+O+jHFM
HJeemwSh8Fv5OfTcULdW7HBhNZ3/PXasYEf+qPuzI0hqXlTVHscP3RyDZQ6zWTRz
ramjhKTmZh0ZVw==
-----END CERTIFICATE-----