Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft
File:                     rxFguAPrImHBP4yK3JU9O1r7V8w.mft (raw, json)
Hash identifier:          lmX/wa95Fd/6kv1R5VfVS+fubbPisRiognXtnsre3Y8=
Subject key identifier:   3F:64:35:43:C1:88:D0:7F:62:CD:8C:DD:D1:B1:E4:25:4B:AD:DD:7E
Authority key identifier: AF:11:60:B8:03:EB:22:61:C1:3F:8C:8A:DC:95:3D:3B:5A:FB:57:CC
Certificate issuer:       /CN=af1160b803eb2261c13f8c8adc953d3b5afb57cc
Certificate serial:       0197B7B354B3C154EA4F7FDF46EE1D23FBA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rxFguAPrImHBP4yK3JU9O1r7V8w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft
Manifest number:          D4
Signing time:             Sat 28 Jun 2025 18:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:12 +0000
Files and hashes:         1: rxFguAPrImHBP4yK3JU9O1r7V8w.crl (hash: rjO58FwmQzRao0QPOQAYJgmEcwVmqXY3R4oFSCCV+rQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rxFguAPrImHBP4yK3JU9O1r7V8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:54:b3:c1:54:ea:4f:7f:df:46:ee:1d:23:fb:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af1160b803eb2261c13f8c8adc953d3b5afb57cc
        Validity
            Not Before: Jun 28 18:01:12 2025 GMT
            Not After : Jun 29 18:01:12 2025 GMT
        Subject: CN=3f643543c188d07f62cd8cddd1b1e4254baddd7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:42:3c:c7:e7:73:76:20:00:83:76:2c:a3:db:
                    97:fa:17:15:36:82:b6:cc:ab:da:07:51:b6:e5:1e:
                    b4:33:ed:0b:87:40:60:59:e1:19:80:f0:77:23:db:
                    50:28:ee:63:1d:c7:a7:71:f8:46:ed:fb:db:70:bc:
                    de:06:51:8d:c3:85:67:c1:e9:3b:e1:20:bb:c9:ec:
                    1c:34:8f:bd:0e:54:68:27:8c:96:ce:a5:70:1c:7f:
                    33:50:9d:04:4f:e7:68:f0:b6:7c:17:5e:21:11:51:
                    b9:ed:54:7f:ce:4d:70:80:f3:1c:5e:2e:6b:6e:e4:
                    79:7b:bd:74:e6:12:b6:67:81:40:5a:fa:8f:24:18:
                    f0:e0:e5:da:ac:6c:62:42:79:97:a1:17:ea:95:16:
                    d5:bb:b9:68:8b:c3:b2:3e:26:77:19:25:25:1c:7b:
                    b2:6b:0f:af:ee:74:6e:c9:00:36:af:1c:57:d2:5f:
                    ee:85:b8:64:7c:29:01:db:f4:8f:13:6d:90:3b:8b:
                    16:e7:5a:c0:f5:fb:a1:1b:22:f9:8a:9f:01:b9:df:
                    aa:11:75:3a:5b:1d:db:ae:de:66:05:60:23:de:93:
                    47:35:a0:65:45:86:b3:8a:be:b4:70:61:6f:c6:83:
                    72:e1:50:9d:e2:34:66:66:e7:a4:54:04:43:57:6d:
                    89:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:64:35:43:C1:88:D0:7F:62:CD:8C:DD:D1:B1:E4:25:4B:AD:DD:7E
            X509v3 Authority Key Identifier:
                keyid:AF:11:60:B8:03:EB:22:61:C1:3F:8C:8A:DC:95:3D:3B:5A:FB:57:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxFguAPrImHBP4yK3JU9O1r7V8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f7f214-1db2-436a-95c6-643f0da849fa/1/rxFguAPrImHBP4yK3JU9O1r7V8w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:5b:4b:b7:f6:fd:b5:65:aa:2c:96:82:9b:79:91:ef:6e:21:
         d9:e0:4e:7d:ee:e4:26:71:2d:bd:33:d4:af:68:f5:23:3d:1d:
         03:15:5f:49:3d:c4:61:f7:8d:f2:08:6d:4d:37:e7:03:f1:92:
         dc:69:6a:f6:07:e5:b0:88:96:03:b5:b0:d4:4f:1e:0e:2e:4a:
         f5:ff:70:b2:b1:ec:8c:d9:14:82:a9:38:f1:0b:90:f1:4b:6b:
         f1:39:8d:64:11:a2:aa:5f:56:63:e6:c4:8f:98:4e:4d:39:bb:
         b6:e1:52:62:2a:35:ee:1b:90:1a:4f:ab:1f:b0:62:92:4a:6c:
         80:35:e5:ab:ab:5e:3d:21:68:cd:3f:11:a3:af:9d:2e:66:37:
         14:ed:b0:c5:af:03:17:35:23:85:39:5f:c7:f6:9e:0b:f9:85:
         53:da:38:7b:d0:97:5f:78:e2:8b:03:35:08:3a:12:12:bd:6e:
         42:dc:15:24:73:6e:90:3c:af:fc:1e:01:97:88:79:1a:0e:6d:
         fb:9e:61:64:ee:ff:f3:fc:a8:6d:2d:79:74:e5:49:a4:5c:c9:
         99:91:dd:b3:c2:f9:e2:20:b7:88:ce:d7:68:c9:b3:fc:8d:00:
         ea:b1:79:b9:1c:5b:6b:14:0b:30:0d:73:ca:1a:de:98:a0:57:
         2e:32:cb:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s1SzwVTqT3/fRu4dI/upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTE2MGI4MDNlYjIyNjFjMTNmOGM4YWRjOTUzZDNiNWFm
YjU3Y2MwHhcNMjUwNjI4MTgwMTEyWhcNMjUwNjI5MTgwMTEyWjAzMTEwLwYDVQQD
EygzZjY0MzU0M2MxODhkMDdmNjJjZDhjZGRkMWIxZTQyNTRiYWRkZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEI8x+dzdiAAg3Yso9uX+hcVNoK2
zKvaB1G25R60M+0Lh0BgWeEZgPB3I9tQKO5jHcencfhG7fvbcLzeBlGNw4Vnwek7
4SC7yewcNI+9DlRoJ4yWzqVwHH8zUJ0ET+do8LZ8F14hEVG57VR/zk1wgPMcXi5r
buR5e7105hK2Z4FAWvqPJBjw4OXarGxiQnmXoRfqlRbVu7loi8OyPiZ3GSUlHHuy
aw+v7nRuyQA2rxxX0l/uhbhkfCkB2/SPE22QO4sW51rA9fuhGyL5ip8Bud+qEXU6
Wx3brt5mBWAj3pNHNaBlRYazir60cGFvxoNy4VCd4jRmZuekVARDV22J4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9kNUPBiNB/Ys2M3dGx5CVLrd1+MB8GA1UdIwQY
MBaAFK8RYLgD6yJhwT+MityVPTta+1fMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhGZ3VBUHJJbUhCUDR5SzNKVTlPMXI3Vjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mN2YyMTQtMWRiMi00MzZhLTk1YzYt
NjQzZjBkYTg0OWZhLzEvcnhGZ3VBUHJJbUhCUDR5SzNKVTlPMXI3Vjh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mN2YyMTQtMWRiMi00MzZhLTk1YzYtNjQzZjBkYTg0OWZh
LzEvcnhGZ3VBUHJJbUhCUDR5SzNKVTlPMXI3Vjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy1tLt/b9
tWWqLJaCm3mR724h2eBOfe7kJnEtvTPUr2j1Iz0dAxVfST3EYfeN8ghtTTfnA/GS
3Glq9gflsIiWA7Ww1E8eDi5K9f9wsrHsjNkUgqk48QuQ8Utr8TmNZBGiql9WY+bE
j5hOTTm7tuFSYio17huQGk+rH7BikkpsgDXlq6tePSFozT8Ro6+dLmY3FO2wxa8D
FzUjhTlfx/aeC/mFU9o4e9CXX3jiiwM1CDoSEr1uQtwVJHNukDyv/B4Bl4h5Gg5t
+55hZO7/8/yobS15dOVJpFzJmZHds8L54iC3iM7XaMmz/I0A6rF5uRxbaxQLMA1z
yhremKBXLjLLSQ==
-----END CERTIFICATE-----