Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
File:                     dWXhJLHEG5OxTX7eBda4B3eYmv0.mft (raw, json)
Hash identifier:          5fAZ/I4g5huIpyGW6TS4H67wx6680rkv/F5vChu3ujg=
Subject key identifier:   1C:21:9E:AE:F5:35:6A:D5:07:2A:EF:AA:5D:9F:18:91:A0:5D:73:A5
Authority key identifier: 75:65:E1:24:B1:C4:1B:93:B1:4D:7E:DE:05:D6:B8:07:77:98:9A:FD
Certificate issuer:       /CN=7565e124b1c41b93b14d7ede05d6b80777989afd
Certificate serial:       01974BC48CD797F1520410A496F8BC32E194
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
Manifest number:          1322
Signing time:             Sat 07 Jun 2025 19:01:01 +0000
Manifest this update:     Sat 07 Jun 2025 19:01:01 +0000
Manifest next update:     Sun 08 Jun 2025 19:01:01 +0000
Files and hashes:         1: dWXhJLHEG5OxTX7eBda4B3eYmv0.crl (hash: B1HyIfOY+Fq4oIeCu02T6W6AOyrmjFGHH8cNQVQ6g8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:8c:d7:97:f1:52:04:10:a4:96:f8:bc:32:e1:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7565e124b1c41b93b14d7ede05d6b80777989afd
        Validity
            Not Before: Jun  7 19:01:01 2025 GMT
            Not After : Jun  8 19:01:01 2025 GMT
        Subject: CN=1c219eaef5356ad5072aefaa5d9f1891a05d73a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:86:4e:d0:83:00:c3:0b:c3:8c:8a:b9:f0:84:
                    96:cd:82:dd:a4:43:cb:3b:dd:85:a6:2d:bf:d1:70:
                    23:6f:8e:37:68:56:c4:6c:2e:27:ab:da:65:0d:b3:
                    19:77:d6:e1:77:86:ab:73:4d:5e:dc:4d:6c:5c:08:
                    28:94:a5:7d:e8:79:25:06:8b:9b:46:56:15:15:ca:
                    78:65:1c:a4:d0:ea:7f:ee:c2:2f:99:d1:d6:44:1f:
                    3d:83:8e:ee:a3:18:5b:b3:12:c0:be:b7:11:69:8c:
                    29:5d:c0:47:da:fd:37:d2:64:e5:d9:05:f0:81:c6:
                    5c:c1:03:ef:18:2e:5b:28:17:37:9b:a5:e1:45:7b:
                    2d:ed:74:14:b5:c6:3d:81:3f:91:9a:5a:a1:5d:5b:
                    3f:81:eb:c8:7a:15:5a:7b:5f:be:02:75:c1:be:5d:
                    2f:4c:c6:60:8f:14:9d:a5:42:db:1a:f7:e4:ea:51:
                    23:61:03:c3:96:4c:da:e7:67:a9:6b:5a:85:d5:55:
                    e5:ff:d6:c5:1a:e1:1b:f2:66:4d:65:7d:4b:36:fd:
                    63:c1:0c:ac:a0:f5:06:f4:2f:78:87:be:db:27:53:
                    d7:91:a8:2a:1e:cb:43:68:cd:db:b0:f1:9d:72:a1:
                    45:d3:04:17:07:92:31:18:ee:42:4a:0b:01:d7:42:
                    49:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:21:9E:AE:F5:35:6A:D5:07:2A:EF:AA:5D:9F:18:91:A0:5D:73:A5
            X509v3 Authority Key Identifier:
                keyid:75:65:E1:24:B1:C4:1B:93:B1:4D:7E:DE:05:D6:B8:07:77:98:9A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dWXhJLHEG5OxTX7eBda4B3eYmv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/96952b-79b8-4e04-bc4a-29e445de2459/1/dWXhJLHEG5OxTX7eBda4B3eYmv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:ca:72:d1:53:8e:2a:7d:7b:cd:a6:1d:89:75:a8:0b:ae:65:
         27:4d:7c:b1:f2:5b:60:99:f8:99:8b:bf:b5:5e:1c:6c:31:e4:
         ef:e3:7b:b7:db:e8:7c:64:58:ef:6b:d5:0b:12:93:ce:9f:e2:
         a8:1c:4d:5a:8f:f5:c7:e0:8a:58:c0:d6:2d:17:f6:a7:4c:c5:
         67:40:85:41:26:57:c2:8a:d7:5f:7c:3b:80:d8:22:20:5c:83:
         38:bc:cf:40:3e:bd:da:8c:06:14:18:1f:0e:8c:1d:9a:c4:0e:
         68:74:b3:76:b8:e4:e6:78:f8:40:a7:be:b5:79:25:a6:d4:6a:
         ae:24:3d:f7:07:d8:55:46:08:1f:55:6e:b1:e3:e4:87:ee:65:
         80:12:06:7d:d8:fe:ac:85:fc:9f:05:9a:7e:18:9f:33:06:01:
         73:57:30:8b:d8:54:f2:d4:6f:2b:e3:c9:68:4d:42:98:dc:ad:
         da:2b:9b:9d:c2:2c:0f:18:65:a6:78:2e:6f:12:8b:e0:f6:88:
         42:8d:7e:1c:f6:84:d7:b5:46:14:8c:fb:47:98:f9:e4:09:94:
         28:7c:29:58:f8:35:8b:f8:7b:8a:71:ca:c3:59:b2:ee:de:79:
         43:4c:90:53:fb:0a:7d:b0:1c:90:bb:a6:6e:e7:0f:2a:e9:75:
         9c:c4:e9:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxIzXl/FSBBCklvi8MuGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NjVlMTI0YjFjNDFiOTNiMTRkN2VkZTA1ZDZiODA3Nzc5
ODlhZmQwHhcNMjUwNjA3MTkwMTAxWhcNMjUwNjA4MTkwMTAxWjAzMTEwLwYDVQQD
EygxYzIxOWVhZWY1MzU2YWQ1MDcyYWVmYWE1ZDlmMTg5MWEwNWQ3M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIZO0IMAwwvDjIq58ISWzYLdpEPL
O92Fpi2/0XAjb443aFbEbC4nq9plDbMZd9bhd4arc01e3E1sXAgolKV96HklBoub
RlYVFcp4ZRyk0Op/7sIvmdHWRB89g47uoxhbsxLAvrcRaYwpXcBH2v030mTl2QXw
gcZcwQPvGC5bKBc3m6XhRXst7XQUtcY9gT+RmlqhXVs/gevIehVae1++AnXBvl0v
TMZgjxSdpULbGvfk6lEjYQPDlkza52epa1qF1VXl/9bFGuEb8mZNZX1LNv1jwQys
oPUG9C94h77bJ1PXkagqHstDaM3bsPGdcqFF0wQXB5IxGO5CSgsB10JJnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwhnq71NWrVByrvql2fGJGgXXOlMB8GA1UdIwQY
MBaAFHVl4SSxxBuTsU1+3gXWuAd3mJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi85Njk1MmItNzliOC00ZTA0LWJjNGEt
MjllNDQ1ZGUyNDU5LzEvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi85Njk1MmItNzliOC00ZTA0LWJjNGEtMjllNDQ1ZGUyNDU5
LzEvZFdYaEpMSEVHNU94VFg3ZUJkYTRCM2VZbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPspy0VOO
Kn17zaYdiXWoC65lJ018sfJbYJn4mYu/tV4cbDHk7+N7t9vofGRY72vVCxKTzp/i
qBxNWo/1x+CKWMDWLRf2p0zFZ0CFQSZXworXX3w7gNgiIFyDOLzPQD692owGFBgf
DowdmsQOaHSzdrjk5nj4QKe+tXklptRqriQ99wfYVUYIH1VusePkh+5lgBIGfdj+
rIX8nwWafhifMwYBc1cwi9hU8tRvK+PJaE1CmNyt2iubncIsDxhlpngubxKL4PaI
Qo1+HPaE17VGFIz7R5j55AmUKHwpWPg1i/h7inHKw1my7t55Q0yQU/sKfbAckLum
bucPKul1nMTpoA==
-----END CERTIFICATE-----