Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
File:                     xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft (raw, json)
Hash identifier:          E9jz4GS+vT/eK85rkcS7EX68Ok1p3bXjaQuvnMeq4xQ=
Subject key identifier:   3C:14:5B:1F:11:56:6F:D0:D0:46:8E:CE:82:C8:2A:3E:F6:CC:0C:C8
Authority key identifier: C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B
Certificate issuer:       /CN=c6c00c553a54da05b93635a654cada03c6d9df2b
Certificate serial:       019749D5D208B2352B2D44AC3CBFF49E6DC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
Manifest number:          064E
Signing time:             Sat 07 Jun 2025 10:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:39 +0000
Files and hashes:         1: xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl (hash: jVV1xJMfH6vhxL/iScLvW5oj/K5hJ+5gLlzzcic10OI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:d2:08:b2:35:2b:2d:44:ac:3c:bf:f4:9e:6d:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c00c553a54da05b93635a654cada03c6d9df2b
        Validity
            Not Before: Jun  7 10:00:39 2025 GMT
            Not After : Jun  8 10:00:39 2025 GMT
        Subject: CN=3c145b1f11566fd0d0468ece82c82a3ef6cc0cc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:98:71:7c:60:fd:65:91:22:fa:0f:5b:83:7b:
                    9d:9c:7d:98:e3:15:cf:30:e0:bd:df:3e:cb:49:19:
                    24:20:86:1d:b2:60:34:04:49:26:22:99:5c:48:38:
                    66:15:08:48:0f:c4:ad:75:0b:0c:32:f6:a6:d8:cf:
                    5d:01:af:d8:15:fd:63:29:d4:bf:74:78:57:d5:95:
                    5f:10:02:62:23:75:56:fd:2d:ab:4c:c1:bf:df:be:
                    aa:5f:31:80:b8:0a:a9:f8:aa:8a:fa:b5:4d:81:66:
                    60:01:15:e7:9d:a4:35:fd:ba:9a:43:85:e3:c9:25:
                    f6:24:df:95:81:69:83:bd:c7:70:1d:11:5f:66:dd:
                    0e:a8:32:ff:fc:f9:4f:c9:6b:1c:73:fa:a0:fd:1b:
                    41:94:f1:4d:a7:d2:2a:27:0c:0d:3b:5a:65:55:5b:
                    d4:07:eb:73:2c:57:6b:3a:20:db:e8:b2:84:6b:f6:
                    b9:86:9b:ea:c8:bc:3b:cb:80:cb:7d:47:a7:94:80:
                    1c:c1:44:d9:6d:2f:a5:c7:80:f3:59:e7:46:dd:8e:
                    3b:08:af:d8:b3:7d:9b:fc:81:54:8e:6c:10:69:3b:
                    eb:fd:53:9f:71:ce:2f:1d:d4:c8:42:df:23:c8:e4:
                    0b:0f:ca:23:0e:5c:53:79:0f:2a:72:37:4b:6b:cd:
                    dd:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:14:5B:1F:11:56:6F:D0:D0:46:8E:CE:82:C8:2A:3E:F6:CC:0C:C8
            X509v3 Authority Key Identifier:
                keyid:C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:43:05:22:bf:f1:32:f1:2b:7c:15:bf:7f:b4:26:2b:8c:d1:
         aa:15:be:37:93:12:97:cc:c1:fb:50:87:cb:85:f9:a3:6e:14:
         ed:3f:56:81:5e:fc:a7:46:52:c5:25:9c:7a:a0:d0:bc:85:37:
         29:49:46:ee:4b:fb:c0:ee:18:50:ac:78:ae:7b:5a:c5:03:ad:
         4b:1b:7a:df:39:93:0c:4a:27:a8:e9:6f:9d:cf:b2:0d:c1:20:
         7f:26:96:ac:81:34:d2:d2:21:95:63:77:40:b6:ac:bd:e3:ce:
         d2:f6:4d:8e:a0:47:f6:4e:5f:28:ed:d0:1c:4e:9c:d3:b6:6c:
         c3:0a:d8:d7:09:20:c0:6f:11:df:f1:e2:f1:84:cd:9b:12:0e:
         1b:d1:34:67:1c:c9:55:13:d7:a4:8c:6e:d4:90:5a:92:a6:bc:
         67:5b:6a:7b:ba:75:cd:d6:24:68:25:cd:fa:69:2e:09:8f:da:
         12:7e:c7:95:ad:ca:8d:34:52:17:ab:2a:dd:12:24:14:e3:01:
         6f:a8:73:05:42:00:12:a4:17:4e:31:21:fa:98:d0:a8:a5:47:
         c2:36:0f:0a:9c:f6:15:2e:4c:1a:fc:49:db:2b:f3:8a:99:76:
         23:ba:02:c8:3d:a8:52:ed:72:e3:c8:a6:47:cf:a8:44:9e:61:
         aa:f0:ff:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1dIIsjUrLUSsPL/0nm3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzAwYzU1M2E1NGRhMDViOTM2MzVhNjU0Y2FkYTAzYzZk
OWRmMmIwHhcNMjUwNjA3MTAwMDM5WhcNMjUwNjA4MTAwMDM5WjAzMTEwLwYDVQQD
EygzYzE0NWIxZjExNTY2ZmQwZDA0NjhlY2U4MmM4MmEzZWY2Y2MwY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5hxfGD9ZZEi+g9bg3udnH2Y4xXP
MOC93z7LSRkkIIYdsmA0BEkmIplcSDhmFQhID8StdQsMMvam2M9dAa/YFf1jKdS/
dHhX1ZVfEAJiI3VW/S2rTMG/376qXzGAuAqp+KqK+rVNgWZgARXnnaQ1/bqaQ4Xj
ySX2JN+VgWmDvcdwHRFfZt0OqDL//PlPyWscc/qg/RtBlPFNp9IqJwwNO1plVVvU
B+tzLFdrOiDb6LKEa/a5hpvqyLw7y4DLfUenlIAcwUTZbS+lx4DzWedG3Y47CK/Y
s32b/IFUjmwQaTvr/VOfcc4vHdTIQt8jyOQLD8ojDlxTeQ8qcjdLa83dfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwUWx8RVm/Q0EaOzoLIKj72zAzIMB8GA1UdIwQY
MBaAFMbADFU6VNoFuTY1plTK2gPG2d8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgt
M2ZiZGQ5ZGJiZDkyLzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgtM2ZiZGQ5ZGJiZDky
LzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA0MFIr/x
MvErfBW/f7QmK4zRqhW+N5MSl8zB+1CHy4X5o24U7T9WgV78p0ZSxSWceqDQvIU3
KUlG7kv7wO4YUKx4rntaxQOtSxt63zmTDEonqOlvnc+yDcEgfyaWrIE00tIhlWN3
QLasvePO0vZNjqBH9k5fKO3QHE6c07ZswwrY1wkgwG8R3/Hi8YTNmxIOG9E0ZxzJ
VRPXpIxu1JBakqa8Z1tqe7p1zdYkaCXN+mkuCY/aEn7Hla3KjTRSF6sq3RIkFOMB
b6hzBUIAEqQXTjEh+pjQqKVHwjYPCpz2FS5MGvxJ2yvzipl2I7oCyD2oUu1y48im
R8+oRJ5hqvD/8w==
-----END CERTIFICATE-----