Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
File:                     2ma78NRZYjYmqZu-JCXgIHIJC08.mft (raw, json)
Hash identifier:          EPVBJLIheIuP87ujLHIYq1cDVP6f8OsSpKQLbmSB+yY=
Subject key identifier:   AC:5D:B7:27:5F:A5:21:D7:B2:CA:19:12:4C:61:6C:C1:68:54:B6:D7
Authority key identifier: DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F
Certificate issuer:       /CN=da66bbf0d459623626a99bbe2425e02072090b4f
Certificate serial:       0197B88F1FEE2F6930ADA46C3BB05866B0AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
Manifest number:          6A
Signing time:             Sat 28 Jun 2025 22:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:16 +0000
Files and hashes:         1: 2ma78NRZYjYmqZu-JCXgIHIJC08.crl (hash: 3RXgUc+IuwBomiHfE8fG38oZ7vDlEYeYo2Xb3Y73w5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:1f:ee:2f:69:30:ad:a4:6c:3b:b0:58:66:b0:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da66bbf0d459623626a99bbe2425e02072090b4f
        Validity
            Not Before: Jun 28 22:01:16 2025 GMT
            Not After : Jun 29 22:01:16 2025 GMT
        Subject: CN=ac5db7275fa521d7b2ca19124c616cc16854b6d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:78:fe:67:9e:07:f3:fa:0c:93:5e:c3:a7:65:
                    2f:4e:80:52:7c:b7:2e:cc:9d:d3:d9:e4:b3:09:5b:
                    c1:4d:05:20:ea:82:c6:4e:38:48:bb:38:83:b7:f3:
                    45:4f:90:67:6a:ec:28:1a:4b:31:b0:77:67:c3:5b:
                    a1:b1:df:cc:39:1c:71:5a:5c:a4:7f:49:12:8a:81:
                    65:aa:b3:40:e2:92:af:f8:b0:41:30:ab:80:3c:8e:
                    68:53:3f:93:52:47:9f:cd:78:18:4c:26:3d:3d:7f:
                    1f:29:d6:4a:05:b9:97:bf:d9:d8:cf:58:8c:e0:10:
                    69:db:e8:38:a0:5d:7c:09:b6:4a:2f:88:b8:26:52:
                    cd:9d:60:72:54:88:bf:42:bc:71:db:a6:f0:c2:73:
                    d3:ce:6d:56:44:24:70:6e:dd:2b:59:7d:74:07:72:
                    6b:c7:c9:17:d5:27:7f:f5:c6:2f:73:89:6e:37:40:
                    23:d4:4c:58:dd:39:6f:2b:e6:3c:cd:62:f8:d4:3c:
                    7c:ef:c3:e3:ff:82:00:3b:fd:58:56:44:56:e7:02:
                    44:00:75:53:04:5d:19:37:6b:03:b1:a9:31:9f:51:
                    ab:4b:8f:73:d5:cd:fd:dd:83:e1:98:d2:f7:69:73:
                    02:a1:81:1a:cd:cb:71:48:3c:5d:a1:2d:a0:bb:50:
                    76:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:5D:B7:27:5F:A5:21:D7:B2:CA:19:12:4C:61:6C:C1:68:54:B6:D7
            X509v3 Authority Key Identifier:
                keyid:DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:6d:22:d7:c1:04:05:a2:26:57:45:27:4d:cb:90:b4:ba:ed:
         45:1d:70:94:3a:ee:36:97:e8:2c:bb:65:80:61:79:34:b0:45:
         cb:76:41:e9:bb:37:3c:e8:94:00:35:dc:e8:97:94:fb:a3:0a:
         e5:e4:98:a2:35:f0:3f:06:62:98:19:53:a1:22:75:9e:f0:aa:
         6e:17:31:b6:ea:ad:4d:c9:b9:8a:aa:6d:ec:df:3f:86:3d:7e:
         ef:5f:9e:43:01:41:97:f4:c8:65:48:2e:ce:fc:30:36:9c:10:
         c6:28:c5:31:fa:ee:67:de:90:f6:e0:71:e0:72:4c:e1:57:d0:
         32:b6:b9:e9:5f:fc:d0:ac:af:c7:d3:9b:08:11:c5:79:e7:2f:
         49:79:a6:45:ed:c3:a4:6a:76:5c:3f:c6:9b:e5:02:bc:27:46:
         fe:e6:52:c5:af:de:81:d0:e7:d1:43:a1:63:bc:cd:38:b9:00:
         36:01:41:d6:fb:d2:e7:b9:01:d0:12:1d:ac:34:df:d1:41:ad:
         64:1b:68:8f:5b:17:10:bc:46:f4:c5:3b:a5:d0:be:b5:5e:72:
         19:2b:18:fd:62:54:3d:9b:4f:a5:cc:e8:f9:19:5c:8c:b7:a1:
         8b:d5:b6:95:fb:d4:fc:63:f2:fb:5f:a9:0a:ad:85:5d:23:f0:
         4e:48:e5:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jx/uL2kwraRsO7BYZrCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjZiYmYwZDQ1OTYyMzYyNmE5OWJiZTI0MjVlMDIwNzIw
OTBiNGYwHhcNMjUwNjI4MjIwMTE2WhcNMjUwNjI5MjIwMTE2WjAzMTEwLwYDVQQD
EyhhYzVkYjcyNzVmYTUyMWQ3YjJjYTE5MTI0YzYxNmNjMTY4NTRiNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Xj+Z54H8/oMk17Dp2UvToBSfLcu
zJ3T2eSzCVvBTQUg6oLGTjhIuziDt/NFT5BnauwoGksxsHdnw1uhsd/MORxxWlyk
f0kSioFlqrNA4pKv+LBBMKuAPI5oUz+TUkefzXgYTCY9PX8fKdZKBbmXv9nYz1iM
4BBp2+g4oF18CbZKL4i4JlLNnWByVIi/Qrxx26bwwnPTzm1WRCRwbt0rWX10B3Jr
x8kX1Sd/9cYvc4luN0Aj1ExY3TlvK+Y8zWL41Dx878Pj/4IAO/1YVkRW5wJEAHVT
BF0ZN2sDsakxn1GrS49z1c393YPhmNL3aXMCoYEazctxSDxdoS2gu1B2DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxdtydfpSHXssoZEkxhbMFoVLbXMB8GA1UdIwQY
MBaAFNpmu/DUWWI2JqmbviQl4CByCQtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAt
NWE0NzFlZGI4MDE4LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAtNWE0NzFlZGI4MDE4
LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG20i18EE
BaImV0UnTcuQtLrtRR1wlDruNpfoLLtlgGF5NLBFy3ZB6bs3POiUADXc6JeU+6MK
5eSYojXwPwZimBlToSJ1nvCqbhcxtuqtTcm5iqpt7N8/hj1+71+eQwFBl/TIZUgu
zvwwNpwQxijFMfruZ96Q9uBx4HJM4VfQMra56V/80Kyvx9ObCBHFeecvSXmmRe3D
pGp2XD/Gm+UCvCdG/uZSxa/egdDn0UOhY7zNOLkANgFB1vvS57kB0BIdrDTf0UGt
ZBtoj1sXELxG9MU7pdC+tV5yGSsY/WJUPZtPpczo+RlcjLehi9W2lfvU/GPy+1+p
Cq2FXSPwTkjluw==
-----END CERTIFICATE-----