Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          Qx37Jc20Nrn9YvOxsSD/IFwDHBGnYLg987QYSlzg4QA=
Subject key identifier:   91:90:F9:E1:02:57:03:12:F6:73:63:E7:67:ED:92:93:D1:CA:63:AC
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       01974D7C107DC5B51C04FEF4345D353F1600
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          157A
Signing time:             Sun 08 Jun 2025 03:01:05 +0000
Manifest this update:     Sun 08 Jun 2025 03:01:05 +0000
Manifest next update:     Mon 09 Jun 2025 03:01:05 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: kxIi7rwAHnnCTu/UOZMYGX+egwGPEgm825QPWHTjRCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:7c:10:7d:c5:b5:1c:04:fe:f4:34:5d:35:3f:16:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Jun  8 03:01:05 2025 GMT
            Not After : Jun  9 03:01:05 2025 GMT
        Subject: CN=9190f9e102570312f67363e767ed9293d1ca63ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:0a:b2:c1:dc:2c:9f:c8:df:be:95:a0:89:0a:
                    97:86:d4:d1:3e:11:1c:99:fd:64:c7:1c:6b:66:34:
                    ee:b6:fe:1c:96:80:e8:a0:52:3a:32:af:62:90:97:
                    1e:5b:de:f1:3f:55:89:f8:17:b4:b6:72:9a:74:2e:
                    d3:7a:14:0c:8d:20:97:4f:a1:8b:ed:ec:2c:65:ca:
                    f7:32:8e:1f:23:78:d7:37:1a:eb:32:8e:f7:cd:59:
                    93:96:81:25:3f:01:8f:92:53:57:92:61:27:9d:fd:
                    6e:e6:28:59:a5:d2:1b:64:76:b5:9e:68:3c:e9:00:
                    87:29:8e:2f:f5:7e:11:4f:77:37:07:bf:df:d7:05:
                    a7:59:23:98:2c:3e:96:a7:68:03:2f:da:ad:76:24:
                    0d:20:8d:12:1b:4d:9d:d7:9f:b0:86:ff:d3:51:cf:
                    ef:ac:89:f4:2f:9b:9e:21:39:21:0f:92:46:93:29:
                    4b:08:03:3d:52:af:e8:75:06:77:72:d1:e5:94:6d:
                    74:47:cd:c3:42:b1:49:08:a5:b4:db:c4:59:5c:8d:
                    b6:75:5b:d5:d2:82:cc:ab:f4:a1:38:68:f8:dd:39:
                    ca:96:c1:e5:8a:00:33:89:0e:39:2f:c3:85:e1:9c:
                    92:b8:37:f4:ba:71:7e:99:45:05:eb:32:1b:f2:c9:
                    d6:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:90:F9:E1:02:57:03:12:F6:73:63:E7:67:ED:92:93:D1:CA:63:AC
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:42:08:63:b2:00:40:39:69:77:44:8b:ff:85:82:92:f2:63:
         b0:27:9f:0d:fd:21:8f:cf:69:d5:30:cd:23:b2:85:a8:41:f2:
         95:5c:3e:81:fd:28:ec:72:a9:40:57:2a:ea:b4:30:71:1c:c8:
         25:ce:b5:4e:c5:32:b7:db:d0:6e:3b:23:a8:da:fc:e9:36:08:
         82:a2:9b:c0:51:fc:98:da:07:01:29:ea:a5:bb:5d:a3:c9:0b:
         cc:57:c8:4c:5b:4e:32:68:41:28:b6:ca:ee:c0:68:9f:d9:98:
         ba:37:f1:5e:e2:9e:e8:c2:9f:2b:94:e5:bf:b8:3b:47:56:05:
         f0:35:85:65:37:2f:a3:1a:b0:b7:8f:98:40:e1:fe:78:78:e5:
         07:4c:f8:80:59:c9:13:97:49:9d:08:3b:a8:25:23:4b:0b:db:
         43:ed:10:5d:7f:3d:db:4e:b6:b1:31:d7:34:86:8c:0b:59:77:
         3e:8a:a6:1c:b3:4f:53:84:33:34:06:1b:a0:d0:2e:05:ec:7e:
         d4:2a:52:7d:40:96:7e:60:da:99:ba:01:f3:c1:22:a9:43:b4:
         14:3f:ce:7d:e0:9d:bd:21:5c:90:2d:69:e5:30:2d:52:3e:b6:
         32:c3:7f:b5:06:d0:ad:c8:21:44:57:a4:6d:c2:ce:03:98:4c:
         00:4b:af:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNfBB9xbUcBP70NF01PxYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUwNjA4MDMwMTA1WhcNMjUwNjA5MDMwMTA1WjAzMTEwLwYDVQQD
Eyg5MTkwZjllMTAyNTcwMzEyZjY3MzYzZTc2N2VkOTI5M2QxY2E2M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgqywdwsn8jfvpWgiQqXhtTRPhEc
mf1kxxxrZjTutv4cloDooFI6Mq9ikJceW97xP1WJ+Be0tnKadC7TehQMjSCXT6GL
7ewsZcr3Mo4fI3jXNxrrMo73zVmTloElPwGPklNXkmEnnf1u5ihZpdIbZHa1nmg8
6QCHKY4v9X4RT3c3B7/f1wWnWSOYLD6Wp2gDL9qtdiQNII0SG02d15+whv/TUc/v
rIn0L5ueITkhD5JGkylLCAM9Uq/odQZ3ctHllG10R83DQrFJCKW028RZXI22dVvV
0oLMq/ShOGj43TnKlsHligAziQ45L8OF4ZySuDf0unF+mUUF6zIb8snWfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGQ+eECVwMS9nNj52ftkpPRymOsMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk0IIY7IA
QDlpd0SL/4WCkvJjsCefDf0hj89p1TDNI7KFqEHylVw+gf0o7HKpQFcq6rQwcRzI
Jc61TsUyt9vQbjsjqNr86TYIgqKbwFH8mNoHASnqpbtdo8kLzFfITFtOMmhBKLbK
7sBon9mYujfxXuKe6MKfK5Tlv7g7R1YF8DWFZTcvoxqwt4+YQOH+eHjlB0z4gFnJ
E5dJnQg7qCUjSwvbQ+0QXX892062sTHXNIaMC1l3PoqmHLNPU4QzNAYboNAuBex+
1CpSfUCWfmDamboB88EiqUO0FD/OfeCdvSFckC1p5TAtUj62MsN/tQbQrcghRFek
bcLOA5hMAEuvkw==
-----END CERTIFICATE-----