Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
File:                     xbqElpIUKuxW19DdyN1N20HPg8E.mft (raw, json)
Hash identifier:          nvxSX6ZkyEF/4kM4vtVUB97o6RVhhw4rHNpYmv8aMZ4=
Subject key identifier:   D6:D1:DA:FE:A2:EC:CC:D3:F8:0F:F3:61:4A:29:8B:58:53:3D:37:02
Authority key identifier: C5:BA:84:96:92:14:2A:EC:56:D7:D0:DD:C8:DD:4D:DB:41:CF:83:C1
Certificate issuer:       /CN=c5ba849692142aec56d7d0ddc8dd4ddb41cf83c1
Certificate serial:       019748FAA6608C62E6F7EDFBC7DFD713523B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
Manifest number:          0E7C
Signing time:             Sat 07 Jun 2025 06:01:15 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:15 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:15 +0000
Files and hashes:         1: xbqElpIUKuxW19DdyN1N20HPg8E.crl (hash: vbENWiwJiuATgiNDslBs/LfLlFJW1Wh0B50Lv+yg+LQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:a6:60:8c:62:e6:f7:ed:fb:c7:df:d7:13:52:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5ba849692142aec56d7d0ddc8dd4ddb41cf83c1
        Validity
            Not Before: Jun  7 06:01:15 2025 GMT
            Not After : Jun  8 06:01:15 2025 GMT
        Subject: CN=d6d1dafea2ecccd3f80ff3614a298b58533d3702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:eb:71:44:5b:9b:01:e3:d4:c7:6d:1c:f2:62:
                    a8:39:76:90:ea:69:50:1b:27:d9:b9:c7:93:0b:8f:
                    5d:0c:d3:6b:ec:3b:5c:6a:72:e0:e0:71:85:14:bc:
                    8e:3a:b1:be:52:73:4d:b4:97:87:3e:71:91:e3:9c:
                    92:94:54:1d:4c:7c:e4:99:8a:fb:7f:8f:be:d8:7a:
                    69:df:74:ab:1b:b0:24:99:a3:4d:62:01:1d:15:85:
                    6d:57:63:d5:cb:cf:dd:96:05:ef:43:82:e1:8e:ba:
                    b0:e0:78:c4:0a:c3:a7:03:6b:f8:87:d1:17:b1:89:
                    5a:ec:94:b6:70:77:7f:10:5c:06:7f:a8:35:13:b8:
                    d8:89:eb:fe:64:bc:b8:b1:5a:ab:be:0f:fb:a4:29:
                    c9:7e:e5:31:e5:af:43:e4:3f:e5:35:be:09:4f:6a:
                    28:25:9f:a2:8b:42:44:f9:22:e6:40:b3:7d:5a:7d:
                    f6:f4:6e:8e:00:65:21:b6:00:6d:fb:68:b0:f0:0d:
                    13:3f:13:1b:ba:f2:f1:3b:e1:93:d5:4b:64:f4:03:
                    f4:c2:c7:4b:a5:7a:45:a5:ec:b4:01:2f:d0:c5:7e:
                    57:f8:03:1f:27:af:6b:19:9a:8d:94:a3:9d:69:60:
                    c7:73:64:06:28:c5:96:8c:db:11:e1:0c:08:e5:bb:
                    05:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D1:DA:FE:A2:EC:CC:D3:F8:0F:F3:61:4A:29:8B:58:53:3D:37:02
            X509v3 Authority Key Identifier:
                keyid:C5:BA:84:96:92:14:2A:EC:56:D7:D0:DD:C8:DD:4D:DB:41:CF:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:03:b2:8f:9c:fe:30:7b:d1:65:ac:c0:bf:ac:a8:57:7d:cb:
         95:f6:26:c9:6f:1a:20:ab:f2:f7:fa:d5:39:93:ca:19:75:4f:
         1e:25:56:7f:72:2c:84:71:3d:22:06:3e:ba:ee:81:64:4a:c7:
         09:52:64:91:c3:d9:4d:91:fa:9a:12:ee:08:2d:4e:8a:e9:a2:
         f7:d3:53:16:69:9b:38:e4:c2:ed:54:e4:80:79:e4:ad:61:1b:
         6a:45:86:d5:83:28:2a:87:29:36:26:46:4e:7c:8b:3c:b7:ce:
         b0:7f:0a:97:8f:58:1a:3e:ec:aa:00:2a:b2:6e:13:5f:ed:e2:
         6f:64:3f:2e:3a:30:31:f3:b6:d2:2a:36:73:08:6b:3a:47:57:
         df:57:54:93:5f:c9:f9:9f:3f:b2:fa:ca:f9:4c:d3:49:7d:19:
         21:40:fe:f8:39:ff:bf:c1:69:6e:95:18:66:bc:a4:8b:75:7d:
         85:ab:47:f0:6c:c0:22:d5:3f:92:b6:33:93:e0:db:e8:2e:35:
         73:c8:9c:7f:e0:94:7b:96:b6:ea:fb:ac:8c:73:ce:6a:44:56:
         e2:cb:4f:fd:2a:8b:db:39:12:0d:c9:75:21:4d:92:64:0a:19:
         ef:e6:53:7c:29:ce:3b:93:53:8f:cd:b3:a1:88:c2:9d:54:16:
         7f:54:20:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+qZgjGLm9+37x9/XE1I7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmE4NDk2OTIxNDJhZWM1NmQ3ZDBkZGM4ZGQ0ZGRiNDFj
ZjgzYzEwHhcNMjUwNjA3MDYwMTE1WhcNMjUwNjA4MDYwMTE1WjAzMTEwLwYDVQQD
EyhkNmQxZGFmZWEyZWNjY2QzZjgwZmYzNjE0YTI5OGI1ODUzM2QzNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0utxRFubAePUx20c8mKoOXaQ6mlQ
GyfZuceTC49dDNNr7DtcanLg4HGFFLyOOrG+UnNNtJeHPnGR45ySlFQdTHzkmYr7
f4++2Hpp33SrG7AkmaNNYgEdFYVtV2PVy8/dlgXvQ4Lhjrqw4HjECsOnA2v4h9EX
sYla7JS2cHd/EFwGf6g1E7jYiev+ZLy4sVqrvg/7pCnJfuUx5a9D5D/lNb4JT2oo
JZ+ii0JE+SLmQLN9Wn329G6OAGUhtgBt+2iw8A0TPxMbuvLxO+GT1Utk9AP0wsdL
pXpFpey0AS/QxX5X+AMfJ69rGZqNlKOdaWDHc2QGKMWWjNsR4QwI5bsFawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbR2v6i7MzT+A/zYUopi1hTPTcCMB8GA1UdIwQY
MBaAFMW6hJaSFCrsVtfQ3cjdTdtBz4PBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wNjY4NGMtOTk1NS00MjRiLWFjZTgt
MjM3OTdhZWFiYjBmLzEveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wNjY4NGMtOTk1NS00MjRiLWFjZTgtMjM3OTdhZWFiYjBm
LzEveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoAOyj5z+
MHvRZazAv6yoV33LlfYmyW8aIKvy9/rVOZPKGXVPHiVWf3IshHE9IgY+uu6BZErH
CVJkkcPZTZH6mhLuCC1Oiumi99NTFmmbOOTC7VTkgHnkrWEbakWG1YMoKocpNiZG
TnyLPLfOsH8Kl49YGj7sqgAqsm4TX+3ib2Q/LjowMfO20io2cwhrOkdX31dUk1/J
+Z8/svrK+UzTSX0ZIUD++Dn/v8FpbpUYZryki3V9hatH8GzAItU/krYzk+Db6C41
c8icf+CUe5a26vusjHPOakRW4stP/SqL2zkSDcl1IU2SZAoZ7+ZTfCnOO5NTj82z
oYjCnVQWf1QgSA==
-----END CERTIFICATE-----