Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          R/AkXO8goFwNZYvfdJ8oB19Xa+L4CfqKCsZ4uUmR9lE=
Subject key identifier:   2A:AA:F9:B0:91:59:3F:E9:A6:99:F1:CB:9D:F4:A1:E1:76:0B:ED:9A
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       01974CD7996A924E3A46B5A67687702D3970
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          12EF
Signing time:             Sun 08 Jun 2025 00:01:27 +0000
Manifest this update:     Sun 08 Jun 2025 00:01:27 +0000
Manifest next update:     Mon 09 Jun 2025 00:01:27 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: zoUx5yHgfRaVMQMIbuLDyaPg2NUChPSBGdZPEJxUafY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:99:6a:92:4e:3a:46:b5:a6:76:87:70:2d:39:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Jun  8 00:01:27 2025 GMT
            Not After : Jun  9 00:01:27 2025 GMT
        Subject: CN=2aaaf9b091593fe9a699f1cb9df4a1e1760bed9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3b:c1:35:82:93:09:75:e8:d9:ed:41:58:af:
                    a2:87:fb:c2:48:6d:3a:88:02:44:a0:bf:d3:3f:24:
                    ed:36:43:fe:d6:e1:49:d1:e1:2d:7c:34:f1:71:bf:
                    10:59:a6:29:35:79:83:a3:88:4a:47:bb:86:ba:36:
                    fe:fc:8e:a3:c0:d6:44:ed:77:99:03:2f:2f:c2:7b:
                    45:35:d2:80:c1:d1:40:20:a1:ad:ca:7b:09:21:fd:
                    9d:c6:fb:d1:37:ca:1c:66:77:85:56:8c:09:3a:12:
                    7d:54:a5:20:44:76:77:64:05:41:01:8a:ca:4e:48:
                    3e:92:18:23:78:d5:d9:6f:77:8a:61:b9:6e:ea:dc:
                    21:c8:31:0d:bd:73:ae:1f:58:26:d7:b3:49:48:7c:
                    3d:ff:53:ec:6f:d1:ce:91:6e:ac:40:e0:93:de:1b:
                    df:47:9f:cb:15:1e:b9:84:5c:68:ca:d4:e8:87:23:
                    39:a8:c8:62:f0:81:89:04:41:63:d8:28:4e:af:b6:
                    d7:e7:92:cb:15:28:42:1e:f0:bd:7c:47:a8:60:ba:
                    60:6e:12:2d:03:78:5e:96:0e:8f:3f:99:51:1e:fe:
                    74:08:7b:00:30:d1:cb:60:e5:c0:85:e3:49:83:ab:
                    ec:0f:40:67:80:80:db:5b:3e:47:e8:55:65:a7:6f:
                    3a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:AA:F9:B0:91:59:3F:E9:A6:99:F1:CB:9D:F4:A1:E1:76:0B:ED:9A
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:7d:37:ae:06:41:4c:10:ae:4c:8c:e5:10:33:a6:96:2c:06:
         92:3f:ea:e3:7a:ee:f5:a9:cf:a2:38:84:3c:88:2b:a0:25:d9:
         8e:58:6d:27:a8:de:66:3a:15:21:c8:70:c4:40:ab:a0:eb:8d:
         b4:6b:13:ac:a0:a4:28:9f:dd:b3:b5:fa:cb:6f:c4:63:46:21:
         b0:e2:0d:8b:6d:e7:f7:f1:8d:20:a9:e6:8e:2b:0e:ce:eb:67:
         a5:72:e7:cc:e7:b4:3d:55:9e:7c:aa:ba:53:63:1a:79:07:fe:
         05:4b:06:af:6b:eb:f4:93:5d:8e:d6:49:86:58:7d:7d:c0:f5:
         4e:79:e9:d8:c8:27:0b:98:d0:e8:35:3b:f7:6d:b4:62:17:a9:
         3c:c6:c1:5a:27:d0:f1:95:5f:eb:37:1e:77:da:57:1c:1e:a5:
         50:7f:3b:d7:d1:d6:d4:ec:01:e7:03:79:d2:0a:1c:d6:a5:a4:
         5f:64:4c:ff:89:dd:4c:ae:33:90:b2:ac:91:28:1a:59:bc:6b:
         89:da:d0:fd:e6:93:48:c4:d3:6b:f2:87:c6:8c:66:37:fe:76:
         4c:0b:2f:2d:2f:d9:a7:2d:77:d2:72:2b:a6:d4:0b:fe:4b:e9:
         5e:18:3f:fa:b3:2f:80:91:5a:3e:7e:2d:f9:7d:77:de:fd:99:
         ef:9e:15:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM15lqkk46RrWmdodwLTlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjUwNjA4MDAwMTI3WhcNMjUwNjA5MDAwMTI3WjAzMTEwLwYDVQQD
EygyYWFhZjliMDkxNTkzZmU5YTY5OWYxY2I5ZGY0YTFlMTc2MGJlZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzvBNYKTCXXo2e1BWK+ih/vCSG06
iAJEoL/TPyTtNkP+1uFJ0eEtfDTxcb8QWaYpNXmDo4hKR7uGujb+/I6jwNZE7XeZ
Ay8vwntFNdKAwdFAIKGtynsJIf2dxvvRN8ocZneFVowJOhJ9VKUgRHZ3ZAVBAYrK
Tkg+khgjeNXZb3eKYblu6twhyDENvXOuH1gm17NJSHw9/1Psb9HOkW6sQOCT3hvf
R5/LFR65hFxoytTohyM5qMhi8IGJBEFj2ChOr7bX55LLFShCHvC9fEeoYLpgbhIt
A3helg6PP5lRHv50CHsAMNHLYOXAheNJg6vsD0BngIDbWz5H6FVlp286uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqq+bCRWT/pppnxy530oeF2C+2aMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYn03rgZB
TBCuTIzlEDOmliwGkj/q43ru9anPojiEPIgroCXZjlhtJ6jeZjoVIchwxECroOuN
tGsTrKCkKJ/ds7X6y2/EY0YhsOINi23n9/GNIKnmjisOzutnpXLnzOe0PVWefKq6
U2MaeQf+BUsGr2vr9JNdjtZJhlh9fcD1Tnnp2MgnC5jQ6DU79220YhepPMbBWifQ
8ZVf6zced9pXHB6lUH8719HW1OwB5wN50goc1qWkX2RM/4ndTK4zkLKskSgaWbxr
idrQ/eaTSMTTa/KHxoxmN/52TAsvLS/Zpy130nIrptQL/kvpXhg/+rMvgJFaPn4t
+X133v2Z754V0w==
-----END CERTIFICATE-----