Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          5H3rPGeNORAEczYhCchWRTT74PtJv1yvYbL33ocURWE=
Subject key identifier:   17:49:FE:C0:7C:8D:B8:32:40:B2:0B:7B:72:99:14:FC:DF:27:8E:7D
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       0197B6A1AB9260BD5431586F99244689C884
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          A7
Signing time:             Sat 28 Jun 2025 13:02:17 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:17 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:17 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: Ga4TbpFCMW/vesOrTv7jDqlIkDFLBolspI4U2EKYnSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:ab:92:60:bd:54:31:58:6f:99:24:46:89:c8:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Jun 28 13:02:17 2025 GMT
            Not After : Jun 29 13:02:17 2025 GMT
        Subject: CN=1749fec07c8db83240b20b7b729914fcdf278e7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d2:58:b4:ae:1b:63:ed:2a:a7:e3:84:99:d6:
                    ac:d4:f2:da:6f:57:40:18:59:fd:b0:f2:ac:1e:1a:
                    ff:98:e0:14:8e:00:fb:6b:66:db:09:0f:03:5c:20:
                    8c:5b:e8:3e:5f:0c:a7:8a:3c:6e:0b:3e:ce:0b:a8:
                    bc:33:8e:bf:41:85:be:17:12:d5:d7:06:20:b3:7b:
                    e2:dd:4a:6d:0f:c7:eb:da:58:fb:f5:0a:fd:58:72:
                    ea:07:f3:f4:33:02:2b:0a:23:d9:cc:54:79:5c:c1:
                    33:14:a8:0e:38:e7:41:31:2e:72:6f:dd:4b:41:13:
                    8e:cc:6d:22:95:59:33:a2:38:f7:5f:63:93:12:e6:
                    0a:26:20:ad:ba:0a:62:32:22:3a:c0:e3:b1:bd:9f:
                    95:b3:0c:4f:07:a8:ab:94:b9:df:84:69:19:43:9a:
                    8b:03:f2:9b:4d:30:2b:74:a9:af:ba:a1:c5:7a:08:
                    a5:21:86:aa:7c:e0:b6:4c:04:4f:d1:61:3f:1b:1e:
                    13:f8:74:d7:2b:44:dd:a7:df:29:6e:b6:e9:42:33:
                    b4:15:99:44:f8:72:af:de:07:ea:bb:66:05:86:23:
                    d6:ea:5b:e5:c0:32:25:16:27:45:a8:29:b0:6e:5d:
                    6e:a8:f1:2b:e3:69:4e:8f:db:58:58:9a:89:c3:12:
                    3e:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:49:FE:C0:7C:8D:B8:32:40:B2:0B:7B:72:99:14:FC:DF:27:8E:7D
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:c7:7e:d9:9a:2c:84:a2:87:49:2c:d2:6e:a4:b8:cb:5c:8e:
         a8:a9:39:8f:af:2f:78:e5:8d:86:a3:92:83:b2:97:8e:42:11:
         65:7e:11:68:3c:60:4d:f7:ec:49:51:75:f9:3f:64:6c:c1:20:
         b0:08:d3:68:0a:f6:fc:c0:bd:2c:58:7b:7d:d9:6a:91:d9:6d:
         42:c6:26:fa:3c:e3:85:43:a4:05:1c:67:08:d6:e2:86:1e:eb:
         f2:56:b1:c7:78:fd:21:1b:20:03:00:a3:7b:26:2a:40:98:95:
         f5:b0:75:6c:db:25:9c:25:e7:f2:a2:47:c7:cf:eb:8f:ff:d4:
         77:d5:81:87:36:6c:f8:02:da:ce:9d:c3:b8:56:d1:08:77:b9:
         84:4a:27:22:b0:7b:ab:fc:1a:fe:75:38:10:f9:1c:94:f8:30:
         36:40:db:8c:46:c0:64:f5:c5:fa:17:39:ae:cb:6c:a3:9b:99:
         42:31:6d:b4:86:62:12:71:7f:2b:df:bf:cd:4f:e9:7e:64:66:
         ff:00:60:af:96:0a:74:88:af:8a:18:27:ea:bb:7a:22:e9:4a:
         28:c4:13:a6:ba:de:dd:6e:ea:b3:65:fb:4b:d6:f7:f9:25:fe:
         ab:3b:ab:e8:f6:86:b2:69:be:13:8b:5f:b5:b2:a0:b1:60:dc:
         8e:d4:15:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oauSYL1UMVhvmSRGiciEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjUwNjI4MTMwMjE3WhcNMjUwNjI5MTMwMjE3WjAzMTEwLwYDVQQD
EygxNzQ5ZmVjMDdjOGRiODMyNDBiMjBiN2I3Mjk5MTRmY2RmMjc4ZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtJYtK4bY+0qp+OEmdas1PLab1dA
GFn9sPKsHhr/mOAUjgD7a2bbCQ8DXCCMW+g+XwynijxuCz7OC6i8M46/QYW+FxLV
1wYgs3vi3UptD8fr2lj79Qr9WHLqB/P0MwIrCiPZzFR5XMEzFKgOOOdBMS5yb91L
QROOzG0ilVkzojj3X2OTEuYKJiCtugpiMiI6wOOxvZ+VswxPB6irlLnfhGkZQ5qL
A/KbTTArdKmvuqHFegilIYaqfOC2TARP0WE/Gx4T+HTXK0Tdp98pbrbpQjO0FZlE
+HKv3gfqu2YFhiPW6lvlwDIlFidFqCmwbl1uqPEr42lOj9tYWJqJwxI+kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdJ/sB8jbgyQLILe3KZFPzfJ459MB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMd+2Zos
hKKHSSzSbqS4y1yOqKk5j68veOWNhqOSg7KXjkIRZX4RaDxgTffsSVF1+T9kbMEg
sAjTaAr2/MC9LFh7fdlqkdltQsYm+jzjhUOkBRxnCNbihh7r8laxx3j9IRsgAwCj
eyYqQJiV9bB1bNslnCXn8qJHx8/rj//Ud9WBhzZs+ALazp3DuFbRCHe5hEonIrB7
q/wa/nU4EPkclPgwNkDbjEbAZPXF+hc5rstso5uZQjFttIZiEnF/K9+/zU/pfmRm
/wBgr5YKdIivihgn6rt6IulKKMQTprre3W7qs2X7S9b3+SX+qzur6PaGsmm+E4tf
tbKgsWDcjtQVXg==
-----END CERTIFICATE-----