Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
File:                     xRlGjFXmvnFcDagFzvta7IXTKSY.mft (raw, json)
Hash identifier:          Yoq1Pr+swPpTAubjOh0XhMg1QC4iDf+j9f4tYbYV3xg=
Subject key identifier:   C8:9B:7F:B6:C8:03:CD:F1:32:33:D0:36:A7:A6:6A:99:E9:D1:E8:81
Authority key identifier: C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26
Certificate issuer:       /CN=c519468c55e6be715c0da805cefb5aec85d32926
Certificate serial:       01974A7AC55FA5722692AD0492E54D10A414
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
Manifest number:          0E76
Signing time:             Sat 07 Jun 2025 13:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:49 +0000
Files and hashes:         1: xRlGjFXmvnFcDagFzvta7IXTKSY.crl (hash: T44IldUHMr92ETOlULFVzKQ3073xrDtwwbwxCWMM2Wo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:c5:5f:a5:72:26:92:ad:04:92:e5:4d:10:a4:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c519468c55e6be715c0da805cefb5aec85d32926
        Validity
            Not Before: Jun  7 13:00:49 2025 GMT
            Not After : Jun  8 13:00:49 2025 GMT
        Subject: CN=c89b7fb6c803cdf13233d036a7a66a99e9d1e881
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e0:92:4d:1a:de:1f:77:18:ac:24:92:ff:51:
                    10:85:f9:49:f4:9f:72:87:43:99:f2:6d:41:bc:9b:
                    df:b3:3e:d4:7d:56:9b:e9:2e:4b:6e:15:6c:20:eb:
                    e0:ca:87:ff:d0:ea:b6:33:bd:e2:ce:d8:ad:62:6e:
                    dd:8a:74:25:f8:c2:59:2c:09:9e:59:30:7e:fa:38:
                    1a:a1:1c:38:c3:02:2a:41:75:c0:96:d9:ea:2a:4a:
                    8d:0f:0c:06:77:56:26:41:bc:51:65:35:b3:ea:c6:
                    db:a0:9c:f3:87:d1:e5:62:95:b7:43:f7:d5:d8:6c:
                    bf:f2:25:40:f3:3d:64:03:f6:e7:03:18:13:a2:5d:
                    4b:92:f2:16:3b:80:c1:6d:c7:36:56:9d:24:ce:39:
                    cc:a5:8c:8f:7a:fb:36:c6:3d:5a:96:96:91:86:16:
                    d7:ac:9e:55:67:c7:33:b0:02:03:65:93:6a:7c:2a:
                    90:5a:6a:cc:47:1e:40:03:86:56:b9:c4:21:44:fd:
                    84:66:a0:00:43:1a:86:fc:8f:6b:a8:4e:4d:47:3f:
                    3c:9a:84:ac:95:ef:39:27:57:7e:37:f8:cf:ea:a0:
                    64:2e:b2:10:d8:40:c2:57:fa:82:b1:26:9b:0f:39:
                    02:0b:3c:8b:8e:57:99:1e:a3:c2:8f:94:f5:45:38:
                    a6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:9B:7F:B6:C8:03:CD:F1:32:33:D0:36:A7:A6:6A:99:E9:D1:E8:81
            X509v3 Authority Key Identifier:
                keyid:C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:9f:8a:19:4f:c0:7c:53:5c:ba:f4:6b:0f:11:47:2c:76:7b:
         0e:5d:49:0e:05:33:b8:ee:a0:92:6f:d5:fb:39:5e:b8:2d:ec:
         1a:51:74:06:c5:62:0c:e8:0d:10:69:6b:fb:d3:d1:34:6d:5a:
         cd:cb:11:e5:49:77:3d:68:46:d2:e3:80:b6:8f:e1:f8:83:73:
         ed:1e:fc:ad:f1:79:5e:8a:71:60:f8:cc:27:51:a5:76:e1:41:
         aa:3e:48:45:79:d2:8a:63:15:67:69:e5:a4:27:11:86:9a:3b:
         f8:a8:a5:73:63:d1:f0:f9:6a:76:de:c4:e8:d3:2f:ce:24:fa:
         af:7a:e8:49:80:09:9d:1a:4e:a4:bd:b4:56:69:1f:70:d4:3f:
         6c:c2:fd:bb:6d:fc:ee:cb:20:61:e3:62:fc:ce:92:a9:85:63:
         af:69:27:b4:42:1f:0b:dd:bf:ab:eb:aa:1c:eb:b9:bd:f0:9d:
         9c:c2:5a:44:6e:b2:92:4d:42:ee:09:13:dc:ea:7b:3e:87:7a:
         c1:86:56:70:9e:16:ad:e3:39:a0:84:f8:9d:d3:f8:3e:ed:44:
         d0:7b:b5:ad:50:75:bc:f4:63:e4:2f:55:f2:bc:96:d5:65:db:
         8e:bc:6f:10:47:37:63:f2:ac:03:97:ba:dd:2b:79:31:e3:8c:
         58:71:b2:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKesVfpXImkq0EkuVNEKQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTk0NjhjNTVlNmJlNzE1YzBkYTgwNWNlZmI1YWVjODVk
MzI5MjYwHhcNMjUwNjA3MTMwMDQ5WhcNMjUwNjA4MTMwMDQ5WjAzMTEwLwYDVQQD
EyhjODliN2ZiNmM4MDNjZGYxMzIzM2QwMzZhN2E2NmE5OWU5ZDFlODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluCSTRreH3cYrCSS/1EQhflJ9J9y
h0OZ8m1BvJvfsz7UfVab6S5LbhVsIOvgyof/0Oq2M73iztitYm7dinQl+MJZLAme
WTB++jgaoRw4wwIqQXXAltnqKkqNDwwGd1YmQbxRZTWz6sbboJzzh9HlYpW3Q/fV
2Gy/8iVA8z1kA/bnAxgTol1LkvIWO4DBbcc2Vp0kzjnMpYyPevs2xj1alpaRhhbX
rJ5VZ8czsAIDZZNqfCqQWmrMRx5AA4ZWucQhRP2EZqAAQxqG/I9rqE5NRz88moSs
le85J1d+N/jP6qBkLrIQ2EDCV/qCsSabDzkCCzyLjleZHqPCj5T1RTim9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMibf7bIA83xMjPQNqemapnp0eiBMB8GA1UdIwQY
MBaAFMUZRoxV5r5xXA2oBc77WuyF0ykmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2Ut
NmE3MWI4NDRhZDY2LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2UtNmE3MWI4NDRhZDY2
LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJ+KGU/A
fFNcuvRrDxFHLHZ7Dl1JDgUzuO6gkm/V+zleuC3sGlF0BsViDOgNEGlr+9PRNG1a
zcsR5Ul3PWhG0uOAto/h+INz7R78rfF5XopxYPjMJ1GlduFBqj5IRXnSimMVZ2nl
pCcRhpo7+Kilc2PR8Plqdt7E6NMvziT6r3roSYAJnRpOpL20VmkfcNQ/bML9u238
7ssgYeNi/M6SqYVjr2kntEIfC92/q+uqHOu5vfCdnMJaRG6ykk1C7gkT3Op7Pod6
wYZWcJ4WreM5oIT4ndP4Pu1E0Hu1rVB1vPRj5C9V8ryW1WXbjrxvEEc3Y/KsA5e6
3St5MeOMWHGyBA==
-----END CERTIFICATE-----