Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
File:                     5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json)
Hash identifier:          afU7KVqthYcyzFs95+Mlvrp9NihwU+9jwHjFwHzvRYU=
Subject key identifier:   C1:1D:D1:2D:E1:EE:41:7E:5A:89:03:7E:E1:51:D4:12:9A:C9:5C:5F
Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D
Certificate issuer:       /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
Certificate serial:       0197B70EB92FA1E6B1836264FA361BF1598B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
Manifest number:          0C1C
Signing time:             Sat 28 Jun 2025 15:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:24 +0000
Files and hashes:         1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: 4VRQbGueaDj21LRrNUKxsiy5zvk9hD3bEn5UBJgCUGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:b9:2f:a1:e6:b1:83:62:64:fa:36:1b:f1:59:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d
        Validity
            Not Before: Jun 28 15:01:24 2025 GMT
            Not After : Jun 29 15:01:24 2025 GMT
        Subject: CN=c11dd12de1ee417e5a89037ee151d4129ac95c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:bf:89:47:5e:87:a2:d6:ca:74:01:09:d9:00:
                    51:82:b0:ce:66:6c:af:fa:18:e8:16:55:a3:ef:c7:
                    4a:87:9d:f0:85:00:2b:08:f0:25:d1:72:f5:58:0c:
                    ec:b1:0b:58:5f:da:4d:ad:73:87:a8:70:18:55:60:
                    fc:bd:f2:0b:8d:6d:6e:02:33:74:1f:11:79:99:5f:
                    41:56:c9:9f:0f:ab:4c:5b:07:a6:e8:c4:cd:ae:1f:
                    85:c3:be:65:96:db:00:c6:f0:72:7a:08:77:c0:b2:
                    b1:f5:19:7e:9b:0e:aa:eb:9a:46:f5:e0:97:82:f8:
                    47:e2:df:88:33:43:fe:20:b8:45:2c:a5:1b:78:7e:
                    ed:c5:a8:a6:66:5c:7d:c4:ec:39:75:c1:78:d5:22:
                    35:b7:b1:9d:57:63:47:4a:99:2d:88:1a:69:d8:80:
                    d1:c1:58:af:ee:6b:64:18:c9:ce:25:f7:24:37:c4:
                    d7:ed:f3:a2:89:48:a8:af:28:be:76:7e:b5:89:e0:
                    17:20:e9:d3:99:9a:c2:c1:c5:90:d2:d3:7a:31:a0:
                    0c:9d:4b:a5:d2:2a:76:1e:fd:48:63:52:c9:00:3b:
                    66:bb:a8:5c:69:51:84:f7:88:9a:6d:a9:99:85:a4:
                    8d:8f:58:5f:0e:49:f5:fe:d2:8b:0e:44:39:16:c4:
                    e9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:1D:D1:2D:E1:EE:41:7E:5A:89:03:7E:E1:51:D4:12:9A:C9:5C:5F
            X509v3 Authority Key Identifier:
                keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:e8:94:62:83:55:19:80:4a:3f:72:91:1f:6c:3c:17:6a:47:
         9d:e9:3a:c1:f8:90:18:17:1e:76:30:18:58:b8:ae:7c:87:34:
         d0:0b:d5:fa:49:b8:c4:73:c5:0c:a9:f7:31:32:61:fc:df:72:
         d3:7b:d1:9c:86:34:3f:16:6f:c9:cc:4c:ed:07:8d:dd:4d:23:
         a3:a8:c0:bd:76:d9:93:4a:76:4f:5f:82:e7:13:d6:a5:3b:6f:
         1b:a3:25:65:1b:f4:91:f6:2e:a0:ed:91:59:69:30:64:7f:84:
         c3:09:83:b7:bc:a1:57:d5:a3:ff:30:a7:cd:c7:95:f3:3d:53:
         67:5a:8c:94:77:67:a1:dc:0c:65:26:6f:6e:a1:0d:9c:bf:02:
         1d:e4:bc:6a:21:8c:52:db:93:c9:1e:77:ce:a3:fd:83:4b:d2:
         aa:c2:ee:10:89:e6:4e:5c:88:01:e1:e1:ec:8a:da:8a:f8:f2:
         30:fb:6b:6b:2c:58:eb:6f:26:ab:9f:1b:f9:2a:7a:92:c5:15:
         55:7a:e6:a1:ac:f9:9e:54:23:06:c2:ae:bf:83:11:3b:db:08:
         62:4f:2d:f9:eb:7c:cf:8a:6c:bb:82:36:68:0d:45:6b:e5:4d:
         fe:be:05:62:b1:94:95:01:b6:ef:5a:60:2b:f6:78:d3:cf:73:
         ad:d3:55:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Drkvoeaxg2Jk+jYb8VmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2
MmMwMWQwHhcNMjUwNjI4MTUwMTI0WhcNMjUwNjI5MTUwMTI0WjAzMTEwLwYDVQQD
EyhjMTFkZDEyZGUxZWU0MTdlNWE4OTAzN2VlMTUxZDQxMjlhYzk1YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL+JR16HotbKdAEJ2QBRgrDOZmyv
+hjoFlWj78dKh53whQArCPAl0XL1WAzssQtYX9pNrXOHqHAYVWD8vfILjW1uAjN0
HxF5mV9BVsmfD6tMWwem6MTNrh+Fw75lltsAxvByegh3wLKx9Rl+mw6q65pG9eCX
gvhH4t+IM0P+ILhFLKUbeH7txaimZlx9xOw5dcF41SI1t7GdV2NHSpktiBpp2IDR
wViv7mtkGMnOJfckN8TX7fOiiUioryi+dn61ieAXIOnTmZrCwcWQ0tN6MaAMnUul
0ip2Hv1IY1LJADtmu6hcaVGE94iabamZhaSNj1hfDkn1/tKLDkQ5FsTpUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMEd0S3h7kF+WokDfuFR1BKayVxfMB8GA1UdIwQY
MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt
OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw
LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+iUYoNV
GYBKP3KRH2w8F2pHnek6wfiQGBcedjAYWLiufIc00AvV+km4xHPFDKn3MTJh/N9y
03vRnIY0PxZvycxM7QeN3U0jo6jAvXbZk0p2T1+C5xPWpTtvG6MlZRv0kfYuoO2R
WWkwZH+EwwmDt7yhV9Wj/zCnzceV8z1TZ1qMlHdnodwMZSZvbqENnL8CHeS8aiGM
UtuTyR53zqP9g0vSqsLuEInmTlyIAeHh7IraivjyMPtrayxY628mq58b+Sp6ksUV
VXrmoaz5nlQjBsKuv4MRO9sIYk8t+et8z4psu4I2aA1Fa+VN/r4FYrGUlQG271pg
K/Z4089zrdNVdw==
-----END CERTIFICATE-----