Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
File:                     eH0Q8i5f-ksg99W3goxVuVCal1k.mft (raw, json)
Hash identifier:          FKU+IYH8hiOqvXJSEV19WK9k/hMJdAPfN5FKehEqnw4=
Subject key identifier:   AD:98:F5:07:56:9B:C7:11:74:38:EB:A7:B2:71:C6:C6:DB:18:CC:55
Authority key identifier: 78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59
Certificate issuer:       /CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
Certificate serial:       0197C8A6EAE2E1D6C2F34CDA61574BEA8D44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
Manifest number:          15BC
Signing time:             Wed 02 Jul 2025 01:01:11 +0000
Manifest this update:     Wed 02 Jul 2025 01:01:11 +0000
Manifest next update:     Thu 03 Jul 2025 01:01:11 +0000
Files and hashes:         1: eH0Q8i5f-ksg99W3goxVuVCal1k.crl (hash: a5DoamrMCc9Y/CZrLjt0GwbqinhD6fDkCS/Wj+qGrNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 01:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c8:a6:ea:e2:e1:d6:c2:f3:4c:da:61:57:4b:ea:8d:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
        Validity
            Not Before: Jul  2 01:01:11 2025 GMT
            Not After : Jul  3 01:01:11 2025 GMT
        Subject: CN=ad98f507569bc7117438eba7b271c6c6db18cc55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e3:2b:c0:06:88:22:4b:ca:dc:2b:e9:c8:4b:
                    8b:5e:59:d8:53:b3:bb:f8:38:e0:8e:6f:4f:ce:33:
                    0f:a0:7e:ab:a3:e1:96:69:d8:0c:88:d3:b8:b6:e8:
                    83:94:ec:5a:8e:13:af:9c:c7:f4:57:1d:47:0b:7c:
                    ed:c3:95:88:2a:44:62:f9:b8:fb:21:2f:b8:0a:53:
                    48:0a:47:86:c8:e6:f6:ed:3a:ea:3b:e0:6e:9f:be:
                    44:c7:5d:f6:20:29:41:4a:39:78:79:a0:4e:44:a8:
                    08:44:65:8f:22:03:9d:aa:6a:71:e9:73:0d:53:15:
                    3a:6f:d5:24:44:45:58:68:48:f2:c5:95:a6:97:33:
                    16:59:a7:69:b6:de:60:82:58:7a:ff:1b:e7:ca:02:
                    88:fc:4c:dc:54:1a:3a:e9:e7:88:a6:90:77:51:c1:
                    69:cd:c6:4b:8f:ff:d9:83:db:9b:8d:27:a3:6b:57:
                    96:3c:f4:6f:1e:c8:dd:6d:7a:7a:81:7c:61:cb:7e:
                    7b:74:91:76:b1:ab:10:19:6d:48:24:29:52:bd:30:
                    c0:77:f1:26:72:b3:ed:cd:b4:3e:a4:9a:7f:6b:6c:
                    e8:fc:c2:a5:4f:0a:b2:28:ed:94:df:c5:5d:80:9b:
                    b6:36:aa:dc:f3:d3:cc:e4:88:75:bf:05:62:82:f9:
                    63:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:98:F5:07:56:9B:C7:11:74:38:EB:A7:B2:71:C6:C6:DB:18:CC:55
            X509v3 Authority Key Identifier:
                keyid:78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:21:4b:dd:64:c6:c6:57:30:54:66:06:60:c9:97:22:46:ff:
         c6:28:99:82:a8:9c:0c:e3:e5:c6:ef:65:58:c9:63:17:2a:02:
         62:b9:b7:3f:eb:61:92:77:22:9d:5f:53:0b:d8:c4:50:b1:fb:
         50:86:4b:3e:d1:14:d5:41:22:13:70:3c:57:4e:52:55:65:04:
         42:27:ee:e0:ab:71:3a:21:92:1e:fa:87:a0:54:73:83:ac:2e:
         44:ba:90:ba:ce:ca:b4:a1:0e:c6:30:5d:40:5f:6e:ba:9a:22:
         46:bf:fd:e0:57:5c:a7:cd:a0:6b:c2:7a:c4:fb:b9:9f:26:08:
         d8:34:49:d2:0e:44:bb:e1:55:0e:bf:04:79:13:76:28:c7:2d:
         9a:b9:63:86:83:c4:a5:21:81:55:62:73:3a:e2:da:e8:79:f9:
         40:6c:f9:96:25:b5:56:f4:24:6e:cb:95:6c:c9:2a:77:d8:af:
         2d:1a:40:5d:ef:24:fc:e5:c9:44:54:5f:d4:b8:d2:09:8e:e1:
         6f:77:65:cd:97:48:48:51:0c:ba:92:22:70:0f:27:22:44:4e:
         d3:0c:c9:c2:c8:9e:2c:3d:ee:5b:a8:dd:d6:3e:38:ea:e3:a1:
         81:82:9f:95:53:80:74:10:85:49:6b:3b:61:0a:16:d1:83:e7:
         2e:63:21:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfIpuri4dbC80zaYVdL6o1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2QxMGYyMmU1ZmZhNGIyMGY3ZDViNzgyOGM1NWI5NTA5
YTk3NTkwHhcNMjUwNzAyMDEwMTExWhcNMjUwNzAzMDEwMTExWjAzMTEwLwYDVQQD
EyhhZDk4ZjUwNzU2OWJjNzExNzQzOGViYTdiMjcxYzZjNmRiMThjYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeMrwAaIIkvK3CvpyEuLXlnYU7O7
+Djgjm9PzjMPoH6ro+GWadgMiNO4tuiDlOxajhOvnMf0Vx1HC3ztw5WIKkRi+bj7
IS+4ClNICkeGyOb27TrqO+Bun75Ex132IClBSjl4eaBORKgIRGWPIgOdqmpx6XMN
UxU6b9UkREVYaEjyxZWmlzMWWadptt5gglh6/xvnygKI/EzcVBo66eeIppB3UcFp
zcZLj//Zg9ubjSeja1eWPPRvHsjdbXp6gXxhy357dJF2sasQGW1IJClSvTDAd/Em
crPtzbQ+pJp/a2zo/MKlTwqyKO2U38VdgJu2Nqrc89PM5Ih1vwVigvljtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2Y9QdWm8cRdDjrp7JxxsbbGMxVMB8GA1UdIwQY
MBaAFHh9EPIuX/pLIPfVt4KMVblQmpdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUt
YmYwZGUyYmIxYzNjLzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUtYmYwZGUyYmIxYzNj
LzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyFL3WTG
xlcwVGYGYMmXIkb/xiiZgqicDOPlxu9lWMljFyoCYrm3P+thkncinV9TC9jEULH7
UIZLPtEU1UEiE3A8V05SVWUEQifu4KtxOiGSHvqHoFRzg6wuRLqQus7KtKEOxjBd
QF9uupoiRr/94Fdcp82ga8J6xPu5nyYI2DRJ0g5Eu+FVDr8EeRN2KMctmrljhoPE
pSGBVWJzOuLa6Hn5QGz5liW1VvQkbsuVbMkqd9ivLRpAXe8k/OXJRFRf1LjSCY7h
b3dlzZdISFEMupIicA8nIkRO0wzJwsieLD3uW6jd1j446uOhgYKflVOAdBCFSWs7
YQoW0YPnLmMh1w==
-----END CERTIFICATE-----