Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          aArJxwKgHfaBAciiFsZzSWVPaj+pOmGkxryJgo7aIMs=
Subject key identifier:   BE:B8:53:AA:9E:AA:C6:6C:93:41:D0:DA:1D:37:59:4A:EE:F8:2F:EE
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       0197470C15E1BBF4DF98DE7C0064966655A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          150B
Signing time:             Fri 06 Jun 2025 21:01:03 +0000
Manifest this update:     Fri 06 Jun 2025 21:01:03 +0000
Manifest next update:     Sat 07 Jun 2025 21:01:03 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: 1HKT/XTpW7nAATi6aWpSuSjQGZsVQakUQL4YNKmHvLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:0c:15:e1:bb:f4:df:98:de:7c:00:64:96:66:55:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Jun  6 21:01:03 2025 GMT
            Not After : Jun  7 21:01:03 2025 GMT
        Subject: CN=beb853aa9eaac66c9341d0da1d37594aeef82fee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e5:5d:dc:7e:53:ff:f0:e5:34:1c:2b:08:2f:
                    15:09:90:8e:d2:62:bb:40:8b:cb:fd:4f:85:28:2f:
                    e3:cb:b6:f7:a3:b1:99:e2:0b:d8:45:4c:b1:99:dc:
                    7c:6f:b3:e2:c3:b3:1d:9c:89:59:b9:70:73:01:f8:
                    6f:d8:f7:ef:59:c6:61:18:ef:b9:91:ce:ed:f5:dd:
                    03:7b:12:9a:75:ce:d2:ca:0f:f6:ab:19:be:b8:65:
                    c8:15:79:6c:ca:3f:ea:29:8e:ab:39:65:41:ff:35:
                    c0:ed:5a:e1:3c:a2:35:cd:c4:52:8f:e2:ed:ee:9e:
                    8a:d8:18:35:fe:69:2a:b0:5b:77:bd:14:45:fe:eb:
                    20:a7:a3:10:24:1d:4c:a9:6f:cf:52:f5:71:e0:cd:
                    46:90:fc:c4:77:03:53:d9:99:0a:cb:c5:1b:53:36:
                    34:7d:29:f2:9f:cb:a4:6e:dc:19:5e:af:d6:06:79:
                    9f:ee:57:f2:ee:f7:0f:f4:8f:ea:1c:02:e5:63:80:
                    a0:58:ea:2d:58:80:58:80:72:b6:62:1d:6d:d0:f3:
                    21:c1:6a:d0:1b:04:4d:8e:81:40:bd:07:27:31:13:
                    f6:5c:f2:91:8e:2f:b0:84:dd:2e:b0:22:58:92:d8:
                    63:20:e2:b8:eb:7e:cf:f7:4b:39:1f:92:82:59:72:
                    43:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B8:53:AA:9E:AA:C6:6C:93:41:D0:DA:1D:37:59:4A:EE:F8:2F:EE
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:df:30:f5:10:50:77:5b:ae:2e:06:38:d0:72:59:71:38:c5:
         f5:99:04:8a:72:ce:3f:32:fa:9b:4f:87:c4:8d:e4:61:fa:a0:
         9c:d2:ad:68:03:37:b8:c8:44:6c:7e:dc:2d:35:32:67:d9:91:
         b0:5e:26:d6:56:1f:82:cb:69:c5:e9:7b:6b:dc:9b:ae:38:9a:
         e7:bb:1e:8d:d9:41:4a:fe:49:f9:a0:24:0f:15:48:0c:dd:0a:
         20:e1:63:b3:03:a8:34:38:4c:80:c9:03:95:40:78:c7:15:54:
         4e:cc:8f:fd:9e:c9:ce:ac:3b:c0:0b:22:f5:c8:0f:9e:55:07:
         ec:ca:1c:4a:6e:b7:99:d2:d8:35:9e:ef:ee:2b:22:ac:fb:10:
         23:eb:87:57:ef:d4:b9:c9:b1:98:d4:63:8d:34:ae:dc:ae:b7:
         90:db:10:3d:a5:af:85:a4:09:b0:4c:f4:a4:40:2c:84:cb:bc:
         86:37:b2:1d:cc:39:1d:ae:12:34:13:c3:98:20:03:ef:ff:5c:
         40:b1:1e:22:d0:e7:08:15:d4:c0:86:eb:68:19:42:1a:46:aa:
         d7:7f:7c:8a:00:58:c7:0d:f4:6f:57:70:fe:98:fb:2d:f9:d6:
         f3:79:a4:9b:48:07:a8:47:b1:aa:3a:26:df:1a:08:19:cc:46:
         3b:99:4d:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHDBXhu/TfmN58AGSWZlWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUwNjA2MjEwMTAzWhcNMjUwNjA3MjEwMTAzWjAzMTEwLwYDVQQD
EyhiZWI4NTNhYTllYWFjNjZjOTM0MWQwZGExZDM3NTk0YWVlZjgyZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOVd3H5T//DlNBwrCC8VCZCO0mK7
QIvL/U+FKC/jy7b3o7GZ4gvYRUyxmdx8b7Piw7MdnIlZuXBzAfhv2PfvWcZhGO+5
kc7t9d0DexKadc7Syg/2qxm+uGXIFXlsyj/qKY6rOWVB/zXA7VrhPKI1zcRSj+Lt
7p6K2Bg1/mkqsFt3vRRF/usgp6MQJB1MqW/PUvVx4M1GkPzEdwNT2ZkKy8UbUzY0
fSnyn8ukbtwZXq/WBnmf7lfy7vcP9I/qHALlY4CgWOotWIBYgHK2Yh1t0PMhwWrQ
GwRNjoFAvQcnMRP2XPKRji+whN0usCJYkthjIOK4637P90s5H5KCWXJDaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL64U6qeqsZsk0HQ2h03WUru+C/uMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAst8w9RBQ
d1uuLgY40HJZcTjF9ZkEinLOPzL6m0+HxI3kYfqgnNKtaAM3uMhEbH7cLTUyZ9mR
sF4m1lYfgstpxel7a9ybrjia57sejdlBSv5J+aAkDxVIDN0KIOFjswOoNDhMgMkD
lUB4xxVUTsyP/Z7Jzqw7wAsi9cgPnlUH7MocSm63mdLYNZ7v7isirPsQI+uHV+/U
ucmxmNRjjTSu3K63kNsQPaWvhaQJsEz0pEAshMu8hjeyHcw5Ha4SNBPDmCAD7/9c
QLEeItDnCBXUwIbraBlCGkaq1398igBYxw30b1dw/pj7LfnW83mkm0gHqEexqjom
3xoIGcxGO5lNsw==
-----END CERTIFICATE-----