Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          ncio1rTJb1iZrAZGdY5pdsL3TElS7+CjwzhPcjRdp8g=
Subject key identifier:   26:45:46:11:D4:D6:A5:09:B9:9E:BB:0B:84:F0:AE:29:3D:E6:96:ED
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       01974931269EDDC0CE497612DAE0F2E3B298
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          6A
Signing time:             Sat 07 Jun 2025 07:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:47 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: XUUx96EZ31uI6jTl7Mfw9JOLm+Z+LU4wAsdBUv8bRGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:26:9e:dd:c0:ce:49:76:12:da:e0:f2:e3:b2:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Jun  7 07:00:47 2025 GMT
            Not After : Jun  8 07:00:47 2025 GMT
        Subject: CN=26454611d4d6a509b99ebb0b84f0ae293de696ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b8:33:f9:d7:be:60:64:2e:3a:9c:a9:37:2e:
                    85:f3:96:52:1a:c2:f9:a9:9c:a3:7b:8f:ed:78:cd:
                    29:a0:55:fd:33:61:95:34:eb:87:b6:75:ff:a3:00:
                    23:3b:f3:7b:7a:6c:02:66:6b:c8:65:0b:01:31:35:
                    21:98:4b:cb:92:b3:99:84:a0:a2:37:b8:db:a4:39:
                    55:4c:71:be:a8:c3:51:43:a8:4a:0e:23:40:04:b7:
                    4d:cd:20:8c:d9:6d:87:15:6a:47:d2:1a:73:5f:45:
                    8c:c5:7a:44:93:5e:6a:7b:ab:8a:19:0b:fd:ca:ea:
                    b0:1f:2c:5b:ab:87:bd:bf:5b:95:3c:ab:3f:77:28:
                    f1:65:21:63:32:bc:ee:5d:b6:83:e9:7b:57:fb:52:
                    1b:c9:ed:47:ef:ee:a7:46:04:ed:6e:a3:b8:db:1d:
                    95:85:48:a2:c8:c5:bf:a7:6e:be:1a:9a:1f:df:22:
                    41:07:84:ed:01:78:aa:37:63:73:c1:1f:4c:d7:54:
                    8c:44:c2:34:be:89:fa:c7:63:5d:17:9f:2b:e2:1d:
                    20:23:4b:84:8f:f7:e1:be:dd:af:fb:68:6d:4a:2d:
                    bd:ed:59:a0:15:85:55:24:f6:fd:55:a1:2d:fb:50:
                    dd:8c:0f:ca:10:4e:07:f7:19:02:75:05:08:02:44:
                    f4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:45:46:11:D4:D6:A5:09:B9:9E:BB:0B:84:F0:AE:29:3D:E6:96:ED
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:ab:3e:d1:fb:21:be:52:12:a8:31:d4:38:cd:77:c4:10:70:
         e5:ba:03:01:20:80:f5:5b:50:3f:0d:56:8d:d5:ed:17:7c:dd:
         6c:a8:b2:01:ba:00:54:f2:21:d1:a0:9d:db:a2:7c:0b:6d:70:
         03:8a:b6:47:56:53:e1:7a:de:61:0d:bd:26:be:59:db:4f:ea:
         5d:14:cb:fb:f7:b2:06:e8:6f:3d:65:ff:6e:42:ea:f2:12:4a:
         b2:48:34:c6:cc:3f:44:51:b0:dc:1f:5b:be:4e:26:33:61:90:
         d4:a3:5f:b5:dc:88:b7:b9:49:82:9b:b3:54:68:85:19:b2:ba:
         7c:d5:18:82:4e:20:35:12:15:3e:54:c9:c8:a3:43:b2:83:9d:
         23:dd:e7:b0:4e:f7:1f:7c:3d:98:ec:77:44:9c:8d:03:4a:6d:
         37:cc:da:81:fd:08:f3:e5:96:79:bc:21:0b:ac:2b:08:e0:b8:
         71:62:e1:0e:09:9b:0b:94:53:dc:3e:46:f7:e5:0b:a9:ab:8b:
         31:83:b9:ae:66:08:65:f3:a8:f8:97:6d:a8:e4:23:ff:3f:cf:
         a4:b6:4c:75:13:63:42:50:e6:f0:91:74:56:37:fe:78:62:7d:
         82:7b:10:9f:45:15:d2:e1:9a:1d:26:0d:1e:e1:c1:25:05:85:
         29:f6:43:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMSae3cDOSXYS2uDy47KYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjUwNjA3MDcwMDQ3WhcNMjUwNjA4MDcwMDQ3WjAzMTEwLwYDVQQD
EygyNjQ1NDYxMWQ0ZDZhNTA5Yjk5ZWJiMGI4NGYwYWUyOTNkZTY5NmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrgz+de+YGQuOpypNy6F85ZSGsL5
qZyje4/teM0poFX9M2GVNOuHtnX/owAjO/N7emwCZmvIZQsBMTUhmEvLkrOZhKCi
N7jbpDlVTHG+qMNRQ6hKDiNABLdNzSCM2W2HFWpH0hpzX0WMxXpEk15qe6uKGQv9
yuqwHyxbq4e9v1uVPKs/dyjxZSFjMrzuXbaD6XtX+1Ibye1H7+6nRgTtbqO42x2V
hUiiyMW/p26+Gpof3yJBB4TtAXiqN2NzwR9M11SMRMI0von6x2NdF58r4h0gI0uE
j/fhvt2v+2htSi297VmgFYVVJPb9VaEt+1DdjA/KEE4H9xkCdQUIAkT07QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZFRhHU1qUJuZ67C4Twrik95pbtMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWas+0fsh
vlISqDHUOM13xBBw5boDASCA9VtQPw1WjdXtF3zdbKiyAboAVPIh0aCd26J8C21w
A4q2R1ZT4XreYQ29Jr5Z20/qXRTL+/eyBuhvPWX/bkLq8hJKskg0xsw/RFGw3B9b
vk4mM2GQ1KNftdyIt7lJgpuzVGiFGbK6fNUYgk4gNRIVPlTJyKNDsoOdI93nsE73
H3w9mOx3RJyNA0ptN8zagf0I8+WWebwhC6wrCOC4cWLhDgmbC5RT3D5G9+ULqauL
MYO5rmYIZfOo+JdtqOQj/z/PpLZMdRNjQlDm8JF0Vjf+eGJ9gnsQn0UV0uGaHSYN
HuHBJQWFKfZD5Q==
-----END CERTIFICATE-----