Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          6S3IBLOwgDX4WeNt/JhSUcIQI9bD2CcHHfyiMESp6l0=
Subject key identifier:   A2:57:B8:7D:12:D8:D0:EE:17:80:ED:C1:06:CA:85:03:15:3F:05:EC
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       01974F33993D15C7916FBAE1FED6FCF7F925
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          02A6
Signing time:             Sun 08 Jun 2025 11:01:10 +0000
Manifest this update:     Sun 08 Jun 2025 11:01:10 +0000
Manifest next update:     Mon 09 Jun 2025 11:01:10 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: 7xjo7wwzXrAVks57p2Cd91Yxg+yTJ0y6TSgTcO3G7Ag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:33:99:3d:15:c7:91:6f:ba:e1:fe:d6:fc:f7:f9:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Jun  8 11:01:10 2025 GMT
            Not After : Jun  9 11:01:10 2025 GMT
        Subject: CN=a257b87d12d8d0ee1780edc106ca8503153f05ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:50:90:12:e7:75:13:e4:6a:75:04:97:84:41:
                    9c:ab:71:7c:ca:a1:b7:a7:dd:cb:7e:48:e4:7f:c3:
                    fd:6b:e0:bf:7c:5a:50:50:98:5c:47:6f:eb:c6:38:
                    4a:05:f8:cc:d6:29:51:fd:66:49:be:1e:29:89:8b:
                    17:31:0b:ca:f5:f4:9a:7e:e4:30:18:71:5b:77:9f:
                    54:09:d3:c2:d1:f4:d2:22:19:e1:17:09:1e:18:9f:
                    2e:ba:31:6d:b5:ef:2b:42:eb:85:88:d7:20:e6:17:
                    62:ed:ac:ba:5a:ee:0f:b1:e6:94:b0:16:ee:58:18:
                    5c:13:9d:5e:45:e2:12:2f:da:cc:7a:4b:f2:12:a4:
                    2c:e4:85:0c:25:af:78:85:88:a4:00:d2:0b:bf:d4:
                    de:a4:c8:c7:eb:a8:02:92:c8:db:7a:be:09:c4:0e:
                    c2:18:a6:a8:99:a4:d6:ee:ba:bf:4d:ee:30:7d:87:
                    ab:10:fe:4b:be:d6:19:f8:14:f0:5f:c0:18:f1:29:
                    6d:c0:cd:66:0d:cc:20:c9:46:1a:20:6f:79:7f:c3:
                    a6:14:84:17:97:33:8f:45:4b:ae:89:d2:b0:08:55:
                    f0:cc:f4:2b:78:d0:11:7d:5a:30:62:6f:94:0d:21:
                    41:82:72:fd:25:73:a9:97:bc:51:3b:27:74:12:b6:
                    e1:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:57:B8:7D:12:D8:D0:EE:17:80:ED:C1:06:CA:85:03:15:3F:05:EC
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:ea:9f:eb:06:85:57:c7:ec:9d:27:07:a2:79:41:ce:b1:de:
         b1:be:63:a4:52:d3:79:1e:f1:3a:cc:04:4d:08:8d:3f:2b:35:
         fa:a9:fe:28:38:c3:64:ac:bc:a4:05:0e:c8:63:0e:d5:15:f3:
         c3:00:e7:be:d3:0a:1f:ab:07:23:6d:c7:2c:a8:6d:c3:57:c2:
         68:35:fd:c9:79:5f:09:da:18:b6:0f:8f:f0:83:dd:cc:08:97:
         4d:0f:54:19:4c:0e:ff:5d:75:01:ee:0f:dd:8b:df:bd:da:b8:
         c0:07:99:8f:e8:a0:85:1e:dd:5f:dd:13:e1:e7:a1:4a:42:c6:
         76:10:bf:97:4e:2e:9d:5c:ee:4f:57:f7:23:b3:49:d2:c9:bd:
         e2:69:32:44:50:14:8f:76:a1:b2:9b:ea:97:fa:55:80:07:24:
         27:dd:5e:88:a5:0e:59:8c:6b:b1:a5:b8:bc:79:ce:1e:48:18:
         5e:6f:4f:6f:bc:39:0e:59:73:27:fa:d9:8b:60:d1:29:e3:bf:
         29:ae:f8:63:4a:1a:0f:07:55:9d:96:e6:ba:15:9e:75:b8:80:
         01:58:7f:06:2a:84:ad:b5:a2:5b:19:87:25:b8:07:63:ea:15:
         1a:c1:5a:39:17:a8:b1:32:40:48:7a:a3:9c:fe:f4:f2:25:04:
         5b:a2:48:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPM5k9FceRb7rh/tb89/klMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwNjA4MTEwMTEwWhcNMjUwNjA5MTEwMTEwWjAzMTEwLwYDVQQD
EyhhMjU3Yjg3ZDEyZDhkMGVlMTc4MGVkYzEwNmNhODUwMzE1M2YwNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1CQEud1E+RqdQSXhEGcq3F8yqG3
p93Lfkjkf8P9a+C/fFpQUJhcR2/rxjhKBfjM1ilR/WZJvh4piYsXMQvK9fSafuQw
GHFbd59UCdPC0fTSIhnhFwkeGJ8uujFtte8rQuuFiNcg5hdi7ay6Wu4PseaUsBbu
WBhcE51eReISL9rMekvyEqQs5IUMJa94hYikANILv9TepMjH66gCksjber4JxA7C
GKaomaTW7rq/Te4wfYerEP5LvtYZ+BTwX8AY8SltwM1mDcwgyUYaIG95f8OmFIQX
lzOPRUuuidKwCFXwzPQreNARfVowYm+UDSFBgnL9JXOpl7xROyd0Erbh8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJXuH0S2NDuF4DtwQbKhQMVPwXsMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOqf6waF
V8fsnScHonlBzrHesb5jpFLTeR7xOswETQiNPys1+qn+KDjDZKy8pAUOyGMO1RXz
wwDnvtMKH6sHI23HLKhtw1fCaDX9yXlfCdoYtg+P8IPdzAiXTQ9UGUwO/111Ae4P
3Yvfvdq4wAeZj+ighR7dX90T4eehSkLGdhC/l04unVzuT1f3I7NJ0sm94mkyRFAU
j3ahspvql/pVgAckJ91eiKUOWYxrsaW4vHnOHkgYXm9Pb7w5DllzJ/rZi2DRKeO/
Ka74Y0oaDwdVnZbmuhWedbiAAVh/BiqErbWiWxmHJbgHY+oVGsFaOReosTJASHqj
nP708iUEW6JIvQ==
-----END CERTIFICATE-----