Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          fnLVxRI3UQAzW8pdyFJs50MURXrLR8iZwsIg5BD9dpc=
Subject key identifier:   76:45:A6:0A:D2:55:CF:09:C5:95:9B:A5:46:AF:71:05:0A:14:74:75
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       01974F3351FF50D8BB9BBED6CF27590BCC3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          037C
Signing time:             Sun 08 Jun 2025 11:00:52 +0000
Manifest this update:     Sun 08 Jun 2025 11:00:52 +0000
Manifest next update:     Mon 09 Jun 2025 11:00:52 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: 1oWpJURrBmsfFppZC4eBUTTJ5UlG1ViQB20p9pXAX4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 11:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:33:51:ff:50:d8:bb:9b:be:d6:cf:27:59:0b:cc:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Jun  8 11:00:52 2025 GMT
            Not After : Jun  9 11:00:52 2025 GMT
        Subject: CN=7645a60ad255cf09c5959ba546af71050a147475
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:12:52:1d:a2:ce:37:fb:1f:d3:8b:e7:b4:c0:
                    23:a8:da:55:82:7d:ec:98:a5:5d:65:da:dc:55:82:
                    8f:33:ee:47:d7:5f:51:6e:ee:04:c6:15:77:29:ea:
                    bd:0b:71:a4:b0:61:3b:a6:1c:a6:66:46:3d:fc:e6:
                    8e:1f:52:df:2b:91:45:dd:14:16:78:e9:5f:d1:8d:
                    93:d4:af:c6:61:71:e4:1a:2a:81:a1:25:35:ff:04:
                    67:af:7e:c9:33:27:0e:30:d5:2b:c2:88:48:5f:f5:
                    fe:13:58:24:3a:7e:ed:c5:b1:97:66:68:89:1e:5a:
                    4f:1b:dd:8e:ad:4d:96:58:2d:3b:ed:77:36:b1:9b:
                    df:fb:9e:ac:58:63:97:aa:62:38:09:0c:39:92:0c:
                    dc:44:e3:6b:56:46:e7:b1:a7:80:f5:94:3b:00:43:
                    db:2e:dc:c4:da:45:08:20:db:5d:6c:e1:2c:fd:92:
                    6a:36:79:7d:4e:01:07:c9:7f:71:09:1c:f5:92:bf:
                    54:fe:d2:92:64:d8:22:70:27:d2:b1:a7:5b:81:e3:
                    58:5f:f9:71:48:75:b4:d2:65:24:f0:2a:28:c2:b9:
                    d3:04:5b:26:aa:70:e9:88:2e:1a:6b:07:5d:d5:63:
                    58:83:e3:51:19:68:1b:ce:d0:75:84:30:37:7d:d8:
                    f5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:45:A6:0A:D2:55:CF:09:C5:95:9B:A5:46:AF:71:05:0A:14:74:75
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:02:6c:a5:be:0f:1a:b5:30:e4:fa:5f:9f:21:e5:3b:1b:6e:
         72:89:3c:16:b4:44:6e:87:9c:db:d6:b7:9c:59:ae:2c:60:6b:
         0b:30:f8:11:c2:09:c9:da:89:0c:21:0c:f4:76:39:ec:b9:72:
         96:7b:dc:d3:71:61:96:ee:74:d5:90:08:f9:c8:87:59:fd:f7:
         9e:cb:92:2c:3e:1a:83:3b:65:10:c6:aa:6e:d8:34:db:7f:83:
         47:9b:ba:7d:c2:07:c7:78:24:fe:5b:96:9c:73:e6:5f:fc:79:
         05:4c:3c:1d:09:0a:c7:c5:ce:88:9a:d2:29:16:c9:6f:d0:dd:
         76:b5:90:90:5f:52:9a:7e:7d:51:5b:52:51:0c:b0:b7:f7:88:
         59:25:10:3c:d9:f3:32:50:38:7d:2b:89:3c:b8:b5:7c:56:d8:
         d3:3f:fa:74:ea:3e:90:7e:ff:10:8f:2b:d7:6e:1f:6c:e9:45:
         45:06:d6:62:40:23:4f:58:60:3d:72:27:b2:d6:34:52:4c:31:
         8c:33:d9:4f:00:3a:cd:77:45:4f:cd:ab:dc:a1:6c:18:d4:b8:
         f6:6b:fe:42:88:81:6b:85:b0:c9:48:82:18:38:a2:bf:69:ff:
         f1:18:47:39:ea:c5:00:9d:07:ce:f4:e6:56:c1:c0:d2:ab:91:
         72:51:3e:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPM1H/UNi7m77WzydZC8w+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjUwNjA4MTEwMDUyWhcNMjUwNjA5MTEwMDUyWjAzMTEwLwYDVQQD
Eyg3NjQ1YTYwYWQyNTVjZjA5YzU5NTliYTU0NmFmNzEwNTBhMTQ3NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxJSHaLON/sf04vntMAjqNpVgn3s
mKVdZdrcVYKPM+5H119Rbu4ExhV3Keq9C3GksGE7phymZkY9/OaOH1LfK5FF3RQW
eOlf0Y2T1K/GYXHkGiqBoSU1/wRnr37JMycOMNUrwohIX/X+E1gkOn7txbGXZmiJ
HlpPG92OrU2WWC077Xc2sZvf+56sWGOXqmI4CQw5kgzcRONrVkbnsaeA9ZQ7AEPb
LtzE2kUIINtdbOEs/ZJqNnl9TgEHyX9xCRz1kr9U/tKSZNgicCfSsadbgeNYX/lx
SHW00mUk8CoowrnTBFsmqnDpiC4aawdd1WNYg+NRGWgbztB1hDA3fdj1RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZFpgrSVc8JxZWbpUavcQUKFHR1MB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdgJspb4P
GrUw5PpfnyHlOxtucok8FrREboec29a3nFmuLGBrCzD4EcIJydqJDCEM9HY57Lly
lnvc03Fhlu501ZAI+ciHWf33nsuSLD4agztlEMaqbtg023+DR5u6fcIHx3gk/luW
nHPmX/x5BUw8HQkKx8XOiJrSKRbJb9DddrWQkF9Smn59UVtSUQywt/eIWSUQPNnz
MlA4fSuJPLi1fFbY0z/6dOo+kH7/EI8r124fbOlFRQbWYkAjT1hgPXInstY0Ukwx
jDPZTwA6zXdFT82r3KFsGNS49mv+QoiBa4WwyUiCGDiiv2n/8RhHOerFAJ0HzvTm
VsHA0quRclE+GQ==
-----END CERTIFICATE-----