Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          kSPPGyfDucQuLf4jWZcmaRq92+qcBmwZMSc7qZC8eww=
Subject key identifier:   CC:DA:EC:74:66:C6:D8:C5:91:20:28:98:03:03:D1:1D:B3:5D:B5:2D
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       0197C9F035E08A8D6098F92D974BED5FC3F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          020E
Signing time:             Wed 02 Jul 2025 07:00:52 +0000
Manifest this update:     Wed 02 Jul 2025 07:00:52 +0000
Manifest next update:     Thu 03 Jul 2025 07:00:52 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: lCy4DfgurqW5xIUIR02Umu9WhCWBO2nmDDtg3u6eVXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 07:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f0:35:e0:8a:8d:60:98:f9:2d:97:4b:ed:5f:c3:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Jul  2 07:00:52 2025 GMT
            Not After : Jul  3 07:00:52 2025 GMT
        Subject: CN=ccdaec7466c6d8c5912028980303d11db35db52d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:25:62:d8:03:a0:9e:ef:49:05:94:27:ea:27:
                    87:a5:bb:9d:14:78:cd:a5:e9:96:6d:28:ec:ef:0b:
                    1f:68:85:9b:78:1a:e5:94:77:b1:8a:bb:31:97:38:
                    97:98:d2:c3:ea:22:ca:1f:4b:89:af:0a:ae:35:c7:
                    41:78:a3:c7:c2:ed:98:d2:05:1d:4e:bb:00:67:97:
                    c5:72:91:39:91:6a:0d:4d:71:fc:93:3c:19:98:14:
                    ff:9b:27:41:e4:9a:05:ee:f3:4f:ef:4c:f7:63:46:
                    f0:4c:32:66:5e:71:28:5a:0e:2e:08:d4:f0:9b:b3:
                    12:06:af:89:52:79:03:52:87:48:d7:af:17:d0:71:
                    7a:c5:82:f7:00:00:b5:ac:50:d9:ac:60:cd:11:54:
                    e0:9f:91:cf:bf:ee:7e:fb:4e:43:86:91:e1:eb:79:
                    f0:7d:27:54:3a:41:3b:34:ef:ce:c3:8d:92:50:ce:
                    93:00:0d:dc:ba:c4:52:b8:0e:12:6e:46:76:2f:f6:
                    cc:06:b8:e3:95:0b:31:91:4c:7e:8a:c0:6d:b4:c2:
                    88:34:60:cf:bc:d1:85:c9:52:28:35:fe:a4:f0:aa:
                    bf:13:42:dd:89:15:10:7a:b3:a9:9c:cd:8d:ba:d7:
                    aa:2e:d8:8c:83:33:5c:8a:56:cb:bd:2d:8b:b0:23:
                    46:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:DA:EC:74:66:C6:D8:C5:91:20:28:98:03:03:D1:1D:B3:5D:B5:2D
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:74:8c:29:08:65:9a:e9:a9:3d:88:f6:18:12:12:f4:48:fd:
         19:b8:ab:c6:f4:97:9e:41:8e:aa:88:cd:ed:47:30:d0:fc:a7:
         0a:b1:a2:ed:aa:1c:6f:f2:80:de:7e:2e:9e:ad:83:99:a4:1d:
         39:fa:15:8b:4d:e5:4c:25:66:7a:0f:6e:52:2e:bb:82:67:20:
         85:52:75:90:60:46:e8:aa:e6:6d:28:e0:cb:ab:8e:c6:18:65:
         d1:e5:a0:bc:ae:76:f8:1d:52:3d:ad:98:73:18:71:d3:49:66:
         b1:18:20:e0:c0:a7:b4:07:ce:8d:e5:d6:2d:c5:0e:97:7d:83:
         ee:96:9c:cd:b4:51:0e:e8:a0:46:6c:84:65:b9:d9:60:de:9f:
         db:2c:a3:11:04:ce:85:5f:8a:e9:96:70:94:7b:7d:80:80:39:
         0f:9e:da:74:cc:43:9d:d8:6f:70:b5:dc:4b:35:12:c0:a4:7c:
         01:94:fa:f9:02:b1:77:21:f2:ca:d2:58:25:4e:cc:c3:16:66:
         7d:3e:43:36:cd:d0:1c:c9:08:bb:c5:d0:9b:6a:81:36:8c:6e:
         d6:bf:c3:b2:9e:c3:e9:7d:16:37:29:8a:be:a4:30:27:b9:ac:
         9d:03:32:d7:97:98:76:3c:7c:25:88:80:9d:dd:03:d1:cf:26:
         13:17:9a:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8DXgio1gmPktl0vtX8PwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjUwNzAyMDcwMDUyWhcNMjUwNzAzMDcwMDUyWjAzMTEwLwYDVQQD
EyhjY2RhZWM3NDY2YzZkOGM1OTEyMDI4OTgwMzAzZDExZGIzNWRiNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCVi2AOgnu9JBZQn6ieHpbudFHjN
pemWbSjs7wsfaIWbeBrllHexirsxlziXmNLD6iLKH0uJrwquNcdBeKPHwu2Y0gUd
TrsAZ5fFcpE5kWoNTXH8kzwZmBT/mydB5JoF7vNP70z3Y0bwTDJmXnEoWg4uCNTw
m7MSBq+JUnkDUodI168X0HF6xYL3AAC1rFDZrGDNEVTgn5HPv+5++05DhpHh63nw
fSdUOkE7NO/Ow42SUM6TAA3cusRSuA4SbkZ2L/bMBrjjlQsxkUx+isBttMKINGDP
vNGFyVIoNf6k8Kq/E0LdiRUQerOpnM2NuteqLtiMgzNcilbLvS2LsCNGIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMza7HRmxtjFkSAomAMD0R2zXbUtMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknSMKQhl
mumpPYj2GBIS9Ej9GbirxvSXnkGOqojN7Ucw0PynCrGi7aocb/KA3n4unq2DmaQd
OfoVi03lTCVmeg9uUi67gmcghVJ1kGBG6KrmbSjgy6uOxhhl0eWgvK52+B1SPa2Y
cxhx00lmsRgg4MCntAfOjeXWLcUOl32D7paczbRRDuigRmyEZbnZYN6f2yyjEQTO
hV+K6ZZwlHt9gIA5D57adMxDndhvcLXcSzUSwKR8AZT6+QKxdyHyytJYJU7MwxZm
fT5DNs3QHMkIu8XQm2qBNoxu1r/Dsp7D6X0WNymKvqQwJ7msnQMy15eYdjx8JYiA
nd0D0c8mExeaVQ==
-----END CERTIFICATE-----