Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          KQMlJECqclYPvhDW+ls/a5b9y4d+p2s1zFKPc1/vfrs=
Subject key identifier:   F8:BE:38:C9:E5:94:9F:71:C8:98:0E:B1:78:40:0F:D9:B2:8D:4A:01
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       01974BC3F14BDD119B765E63467CE13F4955
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0AC2
Signing time:             Sat 07 Jun 2025 19:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:21 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: YgXX9cG+a0+MzeuTCU7NKGQrHjDa35mDJNm0Eh4lqbE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c3:f1:4b:dd:11:9b:76:5e:63:46:7c:e1:3f:49:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Jun  7 19:00:21 2025 GMT
            Not After : Jun  8 19:00:21 2025 GMT
        Subject: CN=f8be38c9e5949f71c8980eb178400fd9b28d4a01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ec:4f:eb:26:96:d7:80:e7:a5:1f:e8:97:bc:
                    45:c8:01:19:f0:24:d2:41:c7:c6:6e:9e:d7:03:a1:
                    78:57:2c:1a:5d:5b:1a:dc:9d:b9:5b:0c:25:4f:c4:
                    d5:87:08:63:3d:42:e3:9a:69:9c:8d:69:60:19:d7:
                    bf:a8:67:91:66:b5:8e:de:7f:f5:71:8d:36:5c:87:
                    16:b6:dd:58:c0:ef:7b:53:10:0d:76:11:e1:3e:d8:
                    08:55:80:3b:15:c0:fd:a0:bc:fb:8f:7b:19:01:74:
                    7a:e8:41:ee:1a:fa:7d:7e:b7:22:11:f3:1e:8f:c8:
                    80:42:58:99:a7:62:f6:df:74:83:2d:bd:e6:c3:4a:
                    2b:29:b8:37:72:49:a1:ac:67:51:3c:d2:59:30:23:
                    e3:b9:fd:6d:67:7b:19:ce:1c:58:67:73:d7:d0:54:
                    8b:94:be:48:a2:93:05:8f:c6:5d:7f:4c:b8:12:71:
                    f1:06:b2:bd:1e:26:31:b0:54:10:06:15:76:89:ce:
                    d8:ab:a0:34:74:25:04:cb:3e:0f:6d:45:9e:32:8f:
                    c8:1f:57:33:42:15:84:f2:fd:7b:8f:e1:60:0e:0d:
                    d7:22:34:3a:60:77:30:0f:f5:ab:1b:ec:a6:d5:b5:
                    62:c2:3a:10:2b:63:dc:a5:48:1f:79:e9:3d:7b:e2:
                    d2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:BE:38:C9:E5:94:9F:71:C8:98:0E:B1:78:40:0F:D9:B2:8D:4A:01
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:03:53:a5:c0:cc:2b:18:d4:2b:ed:7b:98:5a:ab:ca:fe:4f:
         02:79:3d:d8:79:69:56:00:e1:40:89:6c:4a:e3:5e:26:22:77:
         6a:38:bb:91:70:3d:fd:ca:db:65:75:cd:6e:a5:0b:7d:d3:d9:
         fd:b3:40:67:b7:55:5e:80:c1:fe:02:19:c8:bf:4e:6f:88:65:
         f1:e9:43:08:c5:05:84:55:2e:f4:5b:c9:69:fe:75:a0:0c:b2:
         8a:58:7a:7c:88:ee:5c:24:8b:b6:9b:44:ca:a0:db:a5:02:f9:
         3e:96:83:9f:75:57:52:cf:9e:ec:53:5f:66:9f:85:87:ce:3c:
         2e:77:1f:a2:42:57:0e:d0:37:6d:5c:93:0b:03:b7:ee:4e:60:
         6c:e4:b9:fd:34:0e:9f:9f:ee:0f:a3:2f:73:26:18:18:ba:8d:
         3f:30:82:d7:e0:dd:6a:b4:66:e3:bf:46:95:50:f5:ac:cd:5d:
         3d:b7:f3:2a:da:70:24:68:ca:e3:b4:ce:45:b3:ef:a8:39:43:
         69:22:3e:18:b0:34:98:c5:9a:b0:d5:01:c2:05:e4:6f:8c:b5:
         f7:37:c8:58:ba:94:e7:39:52:88:09:2a:a9:0a:a3:b7:c0:01:
         aa:b3:aa:fa:e0:ea:26:78:41:1b:d6:94:b7:58:97:54:89:c8:
         ad:b6:19:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLw/FL3RGbdl5jRnzhP0lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjUwNjA3MTkwMDIxWhcNMjUwNjA4MTkwMDIxWjAzMTEwLwYDVQQD
EyhmOGJlMzhjOWU1OTQ5ZjcxYzg5ODBlYjE3ODQwMGZkOWIyOGQ0YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOxP6yaW14DnpR/ol7xFyAEZ8CTS
QcfGbp7XA6F4VywaXVsa3J25WwwlT8TVhwhjPULjmmmcjWlgGde/qGeRZrWO3n/1
cY02XIcWtt1YwO97UxANdhHhPtgIVYA7FcD9oLz7j3sZAXR66EHuGvp9frciEfMe
j8iAQliZp2L233SDLb3mw0orKbg3ckmhrGdRPNJZMCPjuf1tZ3sZzhxYZ3PX0FSL
lL5IopMFj8Zdf0y4EnHxBrK9HiYxsFQQBhV2ic7Yq6A0dCUEyz4PbUWeMo/IH1cz
QhWE8v17j+FgDg3XIjQ6YHcwD/WrG+ym1bViwjoQK2PcpUgfeek9e+LSpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPi+OMnllJ9xyJgOsXhAD9myjUoBMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzQNTpcDM
KxjUK+17mFqryv5PAnk92HlpVgDhQIlsSuNeJiJ3aji7kXA9/crbZXXNbqULfdPZ
/bNAZ7dVXoDB/gIZyL9Ob4hl8elDCMUFhFUu9FvJaf51oAyyilh6fIjuXCSLtptE
yqDbpQL5PpaDn3VXUs+e7FNfZp+Fh848LncfokJXDtA3bVyTCwO37k5gbOS5/TQO
n5/uD6MvcyYYGLqNPzCC1+DdarRm479GlVD1rM1dPbfzKtpwJGjK47TORbPvqDlD
aSI+GLA0mMWasNUBwgXkb4y19zfIWLqU5zlSiAkqqQqjt8ABqrOq+uDqJnhBG9aU
t1iXVInIrbYZmQ==
-----END CERTIFICATE-----