Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          3u1d1Kk+ScmsECCSHlt2EUYXDFcuEfGnj6bLkKhIR68=
Subject key identifier:   73:1B:53:8D:27:C5:6C:E5:98:D1:40:4C:92:A6:BF:5A:89:C3:0D:0B
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       019753B495667BDF29DDD60B6D0905E4242B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          01A6
Signing time:             Mon 09 Jun 2025 08:00:32 +0000
Manifest this update:     Mon 09 Jun 2025 08:00:32 +0000
Manifest next update:     Tue 10 Jun 2025 08:00:32 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: KBLqg8zMYjyZj7dHnzqk9tTsLGz7ms9k9nhpugI/3Qw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 08:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:b4:95:66:7b:df:29:dd:d6:0b:6d:09:05:e4:24:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Jun  9 08:00:32 2025 GMT
            Not After : Jun 10 08:00:32 2025 GMT
        Subject: CN=731b538d27c56ce598d1404c92a6bf5a89c30d0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e7:66:90:bc:8a:2d:2f:fd:04:cd:57:3c:8b:
                    fa:ec:06:6c:68:12:13:35:fa:bf:32:29:96:18:53:
                    16:ff:1b:49:48:c9:a9:79:65:75:ff:bb:57:d3:f0:
                    c5:11:4a:1e:e2:67:ab:2a:b1:4b:f3:4f:b2:12:88:
                    a0:39:c1:9f:e9:32:7b:bf:eb:be:26:fd:84:6f:53:
                    32:1d:44:77:87:90:cd:78:b8:17:c9:e1:8d:ff:37:
                    cf:62:47:58:3d:e3:f4:4c:3c:82:7c:25:21:cf:02:
                    33:4e:65:b3:5f:80:a1:19:c0:e0:3d:15:aa:68:ba:
                    de:5a:b7:f4:0b:6e:2f:bd:14:7e:cf:3d:12:6d:1d:
                    d8:62:d8:40:88:64:9f:08:b3:18:73:4b:aa:ad:0e:
                    20:fc:c2:52:c0:cc:53:c8:b4:72:26:b1:86:16:43:
                    cf:0e:10:9f:e8:39:a2:d0:fc:e2:02:37:ec:24:6c:
                    b4:bd:a4:28:9e:e1:be:04:cd:c6:8c:60:cd:a8:c3:
                    6d:a4:9c:e0:34:f3:00:17:ab:97:1b:fa:52:b5:b7:
                    84:62:30:fd:75:96:b9:5a:cb:8a:4d:59:13:02:57:
                    7c:8c:34:06:73:3f:0d:04:e4:fc:dd:f3:f3:a4:b5:
                    34:66:15:93:b2:a9:96:41:89:c4:f7:ed:0c:c6:1b:
                    31:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:1B:53:8D:27:C5:6C:E5:98:D1:40:4C:92:A6:BF:5A:89:C3:0D:0B
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:11:27:af:05:5a:8d:a4:29:a7:80:9b:c0:bb:00:e7:b0:5a:
         2f:2a:4f:bf:7a:70:69:82:82:02:22:01:51:a3:fa:71:d6:97:
         0b:c2:e2:39:de:29:ef:0b:c5:b1:a3:5b:b7:28:c3:45:29:ef:
         e3:8d:f6:0f:bb:b1:d2:29:88:16:1c:ed:1c:2f:e5:7c:66:ac:
         fb:74:a2:59:a3:5d:7e:8e:c7:21:49:5a:f0:c7:2b:a1:8b:54:
         72:f4:d2:eb:b8:67:b0:89:08:b4:72:c2:39:81:49:e4:4d:bd:
         48:00:c3:5e:3d:c6:bd:f5:56:59:1c:81:6b:9b:f9:32:1f:27:
         b2:3a:ab:c9:62:32:4b:8b:e2:4e:14:07:9d:d3:2d:69:1a:9d:
         bf:1d:80:44:3c:df:7b:74:0d:25:26:d2:1d:f7:4b:cc:f0:c5:
         9d:8a:91:49:de:52:70:d1:d7:d0:48:54:98:db:be:bd:43:25:
         32:e3:ed:f5:4a:80:c2:d7:21:72:b0:c0:68:d1:60:b2:54:40:
         16:57:36:1a:b6:61:d3:f1:3a:31:d5:ca:8c:7c:e4:eb:61:f0:
         6d:d0:bd:c7:d5:77:70:d6:53:e4:13:51:b3:9b:cf:ba:5e:6d:
         01:65:a3:f3:74:61:28:aa:b0:c9:5f:f4:a9:01:83:18:3d:8d:
         23:02:24:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTtJVme98p3dYLbQkF5CQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwNjA5MDgwMDMyWhcNMjUwNjEwMDgwMDMyWjAzMTEwLwYDVQQD
Eyg3MzFiNTM4ZDI3YzU2Y2U1OThkMTQwNGM5MmE2YmY1YTg5YzMwZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuedmkLyKLS/9BM1XPIv67AZsaBIT
Nfq/MimWGFMW/xtJSMmpeWV1/7tX0/DFEUoe4merKrFL80+yEoigOcGf6TJ7v+u+
Jv2Eb1MyHUR3h5DNeLgXyeGN/zfPYkdYPeP0TDyCfCUhzwIzTmWzX4ChGcDgPRWq
aLreWrf0C24vvRR+zz0SbR3YYthAiGSfCLMYc0uqrQ4g/MJSwMxTyLRyJrGGFkPP
DhCf6Dmi0PziAjfsJGy0vaQonuG+BM3GjGDNqMNtpJzgNPMAF6uXG/pStbeEYjD9
dZa5WsuKTVkTAld8jDQGcz8NBOT83fPzpLU0ZhWTsqmWQYnE9+0MxhsxRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMbU40nxWzlmNFATJKmv1qJww0LMB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxEnrwVa
jaQpp4CbwLsA57BaLypPv3pwaYKCAiIBUaP6cdaXC8LiOd4p7wvFsaNbtyjDRSnv
4432D7ux0imIFhztHC/lfGas+3SiWaNdfo7HIUla8McroYtUcvTS67hnsIkItHLC
OYFJ5E29SADDXj3GvfVWWRyBa5v5Mh8nsjqryWIyS4viThQHndMtaRqdvx2ARDzf
e3QNJSbSHfdLzPDFnYqRSd5ScNHX0EhUmNu+vUMlMuPt9UqAwtchcrDAaNFgslRA
Flc2GrZh0/E6MdXKjHzk62HwbdC9x9V3cNZT5BNRs5vPul5tAWWj83RhKKqwyV/0
qQGDGD2NIwIkJQ==
-----END CERTIFICATE-----