Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          9Zh7d8bfKHgNi9u2QIUPl8agFQ3lJV/LLMN334TD5yg=
Subject key identifier:   D3:1D:FA:0C:00:D5:10:58:AC:7C:41:CF:B2:58:99:EF:67:41:2C:D4
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       0197493151BBB29609CF88FC17C18E196B3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          0326
Signing time:             Sat 07 Jun 2025 07:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:58 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: df0+RBVoAHBfN5TAJfohQ6fTBwVI0Vx3hEhj5UF+ER0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:51:bb:b2:96:09:cf:88:fc:17:c1:8e:19:6b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Jun  7 07:00:58 2025 GMT
            Not After : Jun  8 07:00:58 2025 GMT
        Subject: CN=d31dfa0c00d51058ac7c41cfb25899ef67412cd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:20:9c:13:71:e8:14:db:d2:f8:61:77:bd:7e:
                    ef:55:2c:84:93:d1:75:91:dc:74:0a:84:64:e6:02:
                    1c:18:ca:45:ac:b4:86:d5:53:e4:b4:a2:8f:82:da:
                    02:a7:2b:a9:a4:41:66:26:5b:43:bc:06:50:c3:ca:
                    df:27:5b:b4:e8:d3:c0:cb:c0:4f:b1:4a:b2:28:81:
                    8c:b3:09:00:90:05:af:a4:e0:76:88:b5:c5:5e:4e:
                    82:e1:a7:11:bd:89:7a:fb:40:5c:32:0b:dc:c3:3c:
                    c5:06:8c:b2:a5:83:f6:1c:56:4b:a9:77:37:7c:1e:
                    4e:f2:af:2b:37:ef:9b:ac:20:31:08:12:01:64:46:
                    d9:45:b5:d8:86:f5:16:d3:55:7b:15:97:eb:ef:f7:
                    ca:d8:82:67:1a:43:55:af:cf:2d:fc:83:2f:a0:f7:
                    d9:40:fe:31:6d:3c:73:68:a0:01:3d:5e:d3:9f:92:
                    46:81:06:54:b9:0a:22:7d:66:3f:0a:df:ba:80:89:
                    17:51:eb:9c:e9:b0:23:ca:c4:fa:22:9b:0d:d7:15:
                    eb:a3:38:6f:79:14:34:e9:00:04:df:b3:fd:31:01:
                    8b:eb:1b:b2:64:11:51:2a:36:31:52:80:88:fe:0f:
                    e2:01:65:ee:fa:eb:ee:9a:72:ef:cd:96:e7:29:8b:
                    e0:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:1D:FA:0C:00:D5:10:58:AC:7C:41:CF:B2:58:99:EF:67:41:2C:D4
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:99:78:fe:54:4e:d1:14:97:e0:e7:0e:5a:19:b6:fe:17:5b:
         e2:61:3d:79:47:57:a5:05:c3:20:bd:58:28:5b:e9:27:51:f8:
         a6:47:0c:ad:7d:57:d4:39:14:05:6d:9b:33:44:9a:de:af:6b:
         de:0a:74:8d:a4:6a:84:25:9f:bf:52:d8:8d:8a:13:fc:2b:e6:
         f9:43:2a:58:ad:37:7d:c3:fe:87:bb:41:0e:73:2b:fe:5d:c0:
         9d:13:1a:93:84:13:77:59:bc:34:a2:9a:71:40:8a:b4:74:0f:
         89:25:fd:aa:e8:df:93:ca:62:85:89:51:e4:5c:46:8a:da:7b:
         82:2e:68:01:70:0b:6c:8b:cf:d4:32:27:c3:d1:e5:78:b9:76:
         28:cb:7d:63:12:5a:0c:85:35:b3:6b:b5:ea:61:2c:e6:c4:de:
         b8:b9:4c:6e:f0:24:0f:14:00:2d:e6:f0:b6:2e:f3:7f:e2:d4:
         0e:e0:9e:4f:b8:f3:2f:00:83:c5:1c:cb:f4:71:16:15:ef:d2:
         d5:95:19:3f:0e:3a:9d:7d:63:2b:3e:ea:0f:e5:d3:cf:da:2c:
         4e:03:4c:38:cd:40:4d:a7:df:8d:ea:04:14:83:a6:93:d0:17:
         8b:6a:d9:4d:6c:39:21:0f:37:94:b1:b1:cb:5a:cd:0c:e2:9a:
         c4:d7:17:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMVG7spYJz4j8F8GOGWs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwNjA3MDcwMDU4WhcNMjUwNjA4MDcwMDU4WjAzMTEwLwYDVQQD
EyhkMzFkZmEwYzAwZDUxMDU4YWM3YzQxY2ZiMjU4OTllZjY3NDEyY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiCcE3HoFNvS+GF3vX7vVSyEk9F1
kdx0CoRk5gIcGMpFrLSG1VPktKKPgtoCpyuppEFmJltDvAZQw8rfJ1u06NPAy8BP
sUqyKIGMswkAkAWvpOB2iLXFXk6C4acRvYl6+0BcMgvcwzzFBoyypYP2HFZLqXc3
fB5O8q8rN++brCAxCBIBZEbZRbXYhvUW01V7FZfr7/fK2IJnGkNVr88t/IMvoPfZ
QP4xbTxzaKABPV7Tn5JGgQZUuQoifWY/Ct+6gIkXUeuc6bAjysT6IpsN1xXrozhv
eRQ06QAE37P9MQGL6xuyZBFRKjYxUoCI/g/iAWXu+uvumnLvzZbnKYvgQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMd+gwA1RBYrHxBz7JYme9nQSzUMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAupl4/lRO
0RSX4OcOWhm2/hdb4mE9eUdXpQXDIL1YKFvpJ1H4pkcMrX1X1DkUBW2bM0Sa3q9r
3gp0jaRqhCWfv1LYjYoT/Cvm+UMqWK03fcP+h7tBDnMr/l3AnRMak4QTd1m8NKKa
cUCKtHQPiSX9qujfk8pihYlR5FxGitp7gi5oAXALbIvP1DInw9HleLl2KMt9YxJa
DIU1s2u16mEs5sTeuLlMbvAkDxQALebwti7zf+LUDuCeT7jzLwCDxRzL9HEWFe/S
1ZUZPw46nX1jKz7qD+XTz9osTgNMOM1ATaffjeoEFIOmk9AXi2rZTWw5IQ83lLGx
y1rNDOKaxNcXAA==
-----END CERTIFICATE-----