Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
File:                     _hEX6Xaz4zlTuTYbtLseui9Ane0.mft (raw, json)
Hash identifier:          wCmimXv2x1OJx2QZBq6DJ8TZxxULxbKnGZa/F619PIA=
Subject key identifier:   C5:7F:DA:FD:9C:CD:B8:3F:46:28:5F:96:7C:37:62:1C:E1:71:1C:03
Authority key identifier: FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED
Certificate issuer:       /CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded
Certificate serial:       0197B77C2EAD274A9375DE36399682F8EAC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
Manifest number:          06D2
Signing time:             Sat 28 Jun 2025 17:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:58 +0000
Files and hashes:         1: _hEX6Xaz4zlTuTYbtLseui9Ane0.crl (hash: +p8HK1ilkTBe5GOcQcHK8SLPVO8DJuVUjbbOnb+SqcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:2e:ad:27:4a:93:75:de:36:39:96:82:f8:ea:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded
        Validity
            Not Before: Jun 28 17:00:58 2025 GMT
            Not After : Jun 29 17:00:58 2025 GMT
        Subject: CN=c57fdafd9ccdb83f46285f967c37621ce1711c03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0e:ef:5f:de:bb:8b:79:66:46:3c:26:44:3a:
                    fe:a7:de:36:f2:80:23:1a:14:29:94:8e:ad:9c:c7:
                    70:5c:86:61:d9:69:50:8f:79:69:dc:22:4e:fe:47:
                    a2:5d:4c:b0:0a:50:d3:5b:5e:9b:37:e8:b9:c1:44:
                    33:a3:8c:db:ea:90:e9:c2:26:23:61:ea:e6:84:b4:
                    6f:59:f3:98:f2:30:51:72:79:02:95:72:59:c2:47:
                    09:6d:c3:82:e8:b7:21:b7:61:a2:9f:ec:4d:62:1c:
                    49:a2:43:94:0f:89:69:be:b1:ba:48:c6:90:82:7f:
                    b0:59:bc:f7:c7:b6:39:b1:d5:07:81:85:2f:36:55:
                    99:2d:05:8b:31:9a:11:22:8f:79:07:0f:c6:e9:b8:
                    e5:96:64:53:e1:af:aa:2d:67:c2:f3:1c:aa:c5:11:
                    1b:f9:fa:30:e4:94:81:9e:1d:98:6b:8f:8f:fb:5b:
                    da:d6:eb:af:97:85:4b:3c:af:6f:f6:ca:20:e2:0a:
                    03:6d:4f:85:44:4e:07:b1:57:06:0c:78:bb:5b:16:
                    e4:b3:88:ef:71:75:27:5e:f5:d3:76:e2:6e:53:40:
                    cf:10:32:c4:41:ca:38:79:34:3f:bf:09:b6:4f:ec:
                    49:11:6a:99:c0:ee:f2:7d:43:f4:ec:12:d0:9c:79:
                    25:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:7F:DA:FD:9C:CD:B8:3F:46:28:5F:96:7C:37:62:1C:E1:71:1C:03
            X509v3 Authority Key Identifier:
                keyid:FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:e5:b9:74:8d:50:81:e9:39:2e:ba:fb:30:f6:c0:21:fc:6e:
         e6:b4:91:17:f2:31:b9:03:c4:9c:77:08:18:50:11:ec:71:5f:
         8a:f3:a1:88:72:43:1d:c3:c1:9a:f3:65:d7:b9:25:29:f6:a1:
         1f:8c:b2:c2:c9:2d:43:b1:5d:8a:0a:68:e2:9c:31:21:e9:82:
         2c:48:fa:cf:81:52:1e:4e:fe:94:41:9e:75:a4:4d:3e:ec:b8:
         80:18:64:d3:6e:1b:4c:d5:d1:09:64:cf:3a:a2:4b:90:7c:ac:
         06:10:fb:a1:67:66:9c:19:27:10:a7:25:52:d4:8b:32:55:28:
         f0:87:16:db:f6:8d:60:30:b3:f7:47:4b:97:97:b0:a0:80:17:
         0b:40:f5:14:3c:77:bc:9d:d2:42:e7:68:e9:cf:75:14:b7:82:
         78:a9:85:5e:a7:8a:e6:dc:39:20:e5:c0:3a:34:e0:4d:a9:65:
         35:e6:93:52:52:88:7d:f8:79:2e:eb:df:1c:f2:d3:d7:d4:9e:
         18:b0:cc:17:5a:c7:80:66:f0:9e:45:31:6e:e6:b6:00:42:bc:
         08:00:63:16:f7:03:43:d5:b6:e6:db:91:04:63:ee:70:97:ef:
         ca:b9:ed:06:49:f5:cf:85:0b:89:92:db:b7:f8:b0:ed:a7:37:
         da:12:4e:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fC6tJ0qTdd42OZaC+OrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMTExN2U5NzZiM2UzMzk1M2I5MzYxYmI0YmIxZWJhMmY0
MDlkZWQwHhcNMjUwNjI4MTcwMDU4WhcNMjUwNjI5MTcwMDU4WjAzMTEwLwYDVQQD
EyhjNTdmZGFmZDljY2RiODNmNDYyODVmOTY3YzM3NjIxY2UxNzExYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog7vX967i3lmRjwmRDr+p9428oAj
GhQplI6tnMdwXIZh2WlQj3lp3CJO/keiXUywClDTW16bN+i5wUQzo4zb6pDpwiYj
YermhLRvWfOY8jBRcnkClXJZwkcJbcOC6Lcht2Gin+xNYhxJokOUD4lpvrG6SMaQ
gn+wWbz3x7Y5sdUHgYUvNlWZLQWLMZoRIo95Bw/G6bjllmRT4a+qLWfC8xyqxREb
+fow5JSBnh2Ya4+P+1va1uuvl4VLPK9v9sog4goDbU+FRE4HsVcGDHi7Wxbks4jv
cXUnXvXTduJuU0DPEDLEQco4eTQ/vwm2T+xJEWqZwO7yfUP07BLQnHklIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMV/2v2czbg/Rihflnw3YhzhcRwDMB8GA1UdIwQY
MBaAFP4RF+l2s+M5U7k2G7S7HrovQJ3tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2Ut
ODQ2ZTFmNDFmYzYyLzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2UtODQ2ZTFmNDFmYzYy
LzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALuW5dI1Q
gek5Lrr7MPbAIfxu5rSRF/IxuQPEnHcIGFAR7HFfivOhiHJDHcPBmvNl17klKfah
H4yywsktQ7Fdigpo4pwxIemCLEj6z4FSHk7+lEGedaRNPuy4gBhk024bTNXRCWTP
OqJLkHysBhD7oWdmnBknEKclUtSLMlUo8IcW2/aNYDCz90dLl5ewoIAXC0D1FDx3
vJ3SQudo6c91FLeCeKmFXqeK5tw5IOXAOjTgTallNeaTUlKIffh5LuvfHPLT19Se
GLDMF1rHgGbwnkUxbua2AEK8CABjFvcDQ9W25tuRBGPucJfvyrntBkn1z4ULiZLb
t/iw7ac32hJOMw==
-----END CERTIFICATE-----