Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
File:                     fXrxi3mJleFLOBNhoGu2aEm36Fo.mft (raw, json)
Hash identifier:          piiOH27PFeAYgIGLGakQTsTgjkTuYPVtWjfPLvSOf5M=
Subject key identifier:   B0:97:7F:CE:B0:C9:8E:AF:D3:72:7A:BF:33:F9:BC:BA:49:07:B9:62
Authority key identifier: 7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A
Certificate issuer:       /CN=7d7af18b798995e14b381361a06bb66849b7e85a
Certificate serial:       01974B1F95DFE443A4B98742979C2CB423BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
Manifest number:          06A8
Signing time:             Sat 07 Jun 2025 16:00:50 +0000
Manifest this update:     Sat 07 Jun 2025 16:00:50 +0000
Manifest next update:     Sun 08 Jun 2025 16:00:50 +0000
Files and hashes:         1: fXrxi3mJleFLOBNhoGu2aEm36Fo.crl (hash: /MQxkocyFoDKgAJSrkd1B6TaNF6IzQQFiz8lQ87Y4NU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 16:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:1f:95:df:e4:43:a4:b9:87:42:97:9c:2c:b4:23:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d7af18b798995e14b381361a06bb66849b7e85a
        Validity
            Not Before: Jun  7 16:00:50 2025 GMT
            Not After : Jun  8 16:00:50 2025 GMT
        Subject: CN=b0977fceb0c98eafd3727abf33f9bcba4907b962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:26:5f:45:09:9b:52:61:d1:4a:78:73:94:35:
                    82:ea:ad:4d:86:a6:56:cd:47:47:92:75:0a:a9:5d:
                    04:34:cd:c2:b3:d4:bf:84:86:ab:93:2a:40:79:b9:
                    ef:5b:de:50:ba:33:11:ec:f4:71:d8:4c:47:44:1b:
                    86:e7:a0:cd:27:80:a1:8b:43:dd:1a:c6:99:64:8f:
                    df:59:0b:44:e4:0e:52:b2:4b:8a:13:06:f9:d6:6e:
                    de:7d:09:2e:2f:d6:50:48:80:aa:d3:ea:bf:c7:8a:
                    2e:dc:1d:af:af:6d:03:e5:5a:3b:67:69:e0:8b:5e:
                    35:3c:35:38:87:27:e7:ea:84:7e:3c:88:e3:38:4c:
                    f2:80:08:56:68:ed:23:30:94:41:1e:81:fd:4d:fb:
                    ba:bf:7f:9d:ac:26:b3:8e:c2:cf:6c:cc:f4:f6:01:
                    65:20:fd:5f:23:86:95:ed:06:c2:bb:f2:28:fd:c9:
                    92:f9:44:2e:cd:72:77:61:14:99:01:7c:2c:9c:7d:
                    f4:79:4b:5e:d4:86:71:da:58:9e:22:8e:93:3a:34:
                    ec:fb:ae:c3:35:86:12:ac:89:8f:21:75:8b:c1:46:
                    87:7b:23:1f:4c:c1:f0:68:18:d4:4a:a4:7b:b9:9e:
                    9c:5a:df:ac:a7:8d:2b:be:90:52:d0:d1:31:71:46:
                    43:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:97:7F:CE:B0:C9:8E:AF:D3:72:7A:BF:33:F9:BC:BA:49:07:B9:62
            X509v3 Authority Key Identifier:
                keyid:7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:e9:c8:71:25:82:e7:14:55:05:e3:50:67:4d:5f:e7:57:3b:
         9b:6f:79:8c:8b:2e:b1:a9:85:14:a8:3d:4d:d8:ab:78:52:c4:
         aa:27:32:3b:f1:aa:2e:a4:c5:64:98:76:ab:49:fc:52:e8:6a:
         1b:95:f1:ec:9b:28:7d:b3:70:80:14:7a:85:3d:51:c1:e9:95:
         a5:14:8e:9f:b3:b9:ae:23:76:9d:f3:53:f3:32:f8:dd:16:a9:
         ca:ad:0e:7d:98:c4:1f:50:af:16:f4:be:f5:89:3e:18:2f:5b:
         5c:c1:94:38:6a:b2:e6:83:68:35:42:a1:7f:d5:04:ad:dc:6d:
         5f:77:cb:bd:c5:98:17:8d:bc:06:4a:37:6c:18:a6:87:b1:2d:
         10:c9:b1:7a:c5:be:f8:bd:21:52:f7:1a:1d:0c:55:0d:d7:88:
         c5:bb:bb:c6:45:02:f7:77:8b:b4:48:df:d6:ec:6e:b3:fa:3c:
         9f:4c:e8:00:0e:e1:ef:69:a4:b7:a4:3d:6e:b6:7e:c5:6b:d0:
         e7:af:c2:79:ee:7f:b5:b9:4a:b6:d5:97:fc:1d:de:8f:6f:8f:
         c9:5b:94:e1:ef:a0:45:17:d0:36:01:4d:2f:a1:d6:19:1a:5b:
         12:c9:41:bf:41:92:ac:c7:0d:44:1d:8e:fe:8a:68:76:43:62:
         3f:fe:e2:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLH5Xf5EOkuYdCl5wstCO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2FmMThiNzk4OTk1ZTE0YjM4MTM2MWEwNmJiNjY4NDli
N2U4NWEwHhcNMjUwNjA3MTYwMDUwWhcNMjUwNjA4MTYwMDUwWjAzMTEwLwYDVQQD
EyhiMDk3N2ZjZWIwYzk4ZWFmZDM3MjdhYmYzM2Y5YmNiYTQ5MDdiOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCZfRQmbUmHRSnhzlDWC6q1NhqZW
zUdHknUKqV0ENM3Cs9S/hIarkypAebnvW95QujMR7PRx2ExHRBuG56DNJ4Chi0Pd
GsaZZI/fWQtE5A5SskuKEwb51m7efQkuL9ZQSICq0+q/x4ou3B2vr20D5Vo7Z2ng
i141PDU4hyfn6oR+PIjjOEzygAhWaO0jMJRBHoH9Tfu6v3+drCazjsLPbMz09gFl
IP1fI4aV7QbCu/Io/cmS+UQuzXJ3YRSZAXwsnH30eUte1IZx2lieIo6TOjTs+67D
NYYSrImPIXWLwUaHeyMfTMHwaBjUSqR7uZ6cWt+sp40rvpBS0NExcUZDcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCXf86wyY6v03J6vzP5vLpJB7liMB8GA1UdIwQY
MBaAFH168Yt5iZXhSzgTYaBrtmhJt+haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAt
N2M2MjUyYzVmNDVkLzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAtN2M2MjUyYzVmNDVk
LzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeenIcSWC
5xRVBeNQZ01f51c7m295jIsusamFFKg9TdireFLEqicyO/GqLqTFZJh2q0n8Uuhq
G5Xx7JsofbNwgBR6hT1RwemVpRSOn7O5riN2nfNT8zL43Rapyq0OfZjEH1CvFvS+
9Yk+GC9bXMGUOGqy5oNoNUKhf9UErdxtX3fLvcWYF428Bko3bBimh7EtEMmxesW+
+L0hUvcaHQxVDdeIxbu7xkUC93eLtEjf1uxus/o8n0zoAA7h72mkt6Q9brZ+xWvQ
56/Cee5/tblKttWX/B3ej2+PyVuU4e+gRRfQNgFNL6HWGRpbEslBv0GSrMcNRB2O
/opodkNiP/7iwA==
-----END CERTIFICATE-----