Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          3R5c09WHG7xZeCL7TUz0FY2KSY7993LJLlVIMy6AQr4=
Subject key identifier:   6B:FD:2B:3F:B3:5A:C6:0A:44:18:15:DC:75:EC:E4:38:BF:F7:96:9C
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       0196B9A3F1B6C0DE6DD03DA67A0182BE7BAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          0FE7
Signing time:             Sat 10 May 2025 10:00:51 +0000
Manifest this update:     Sat 10 May 2025 10:00:51 +0000
Manifest next update:     Sun 11 May 2025 10:00:51 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: fs91eD/3Z8AZ3MP8hq84EhFxDnBPF9/6E5hthih6te0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:f1:b6:c0:de:6d:d0:3d:a6:7a:01:82:be:7b:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: May 10 10:00:51 2025 GMT
            Not After : May 11 10:00:51 2025 GMT
        Subject: CN=6bfd2b3fb35ac60a441815dc75ece438bff7969c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e7:d8:05:4a:a4:b3:6a:d7:72:0c:4d:8e:17:
                    a2:e6:be:0c:04:a7:a7:a9:0d:1d:29:c5:e3:9d:57:
                    3f:85:85:27:62:6b:15:d8:c1:5a:27:9a:6e:68:90:
                    a8:d3:34:86:86:b6:cb:e8:b3:c8:d9:98:b4:72:51:
                    3d:00:99:3d:08:ce:34:4a:3c:a0:7e:c7:62:12:bd:
                    8a:2d:74:d3:07:a9:72:27:b1:ba:01:28:ba:98:23:
                    14:bf:d5:f4:a8:63:cf:64:3a:7d:6b:77:0d:2a:73:
                    00:e3:af:c7:a2:20:84:f9:58:ec:d9:cf:62:71:ed:
                    7d:cc:e2:3c:72:17:76:da:c3:b7:7e:52:7d:9e:92:
                    61:03:c0:58:b4:50:b0:c0:1a:9c:ec:eb:f0:bd:94:
                    e4:53:ac:17:15:a2:38:d3:69:d7:ac:8b:c1:71:57:
                    4e:0f:75:d8:b0:59:ff:f0:42:d2:23:b4:e9:4d:40:
                    ac:0e:fa:29:55:f8:42:5d:e7:4b:63:05:a2:b4:95:
                    14:69:a2:e8:c7:a6:9b:e0:26:39:68:0a:3d:1d:bc:
                    4d:2f:d8:a5:48:a5:86:53:f6:be:79:66:17:46:e9:
                    97:c0:12:19:66:ea:82:92:70:51:1b:fb:46:3b:25:
                    96:d3:5e:52:d1:14:b4:b2:95:40:a0:5a:e0:cd:2e:
                    d8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:FD:2B:3F:B3:5A:C6:0A:44:18:15:DC:75:EC:E4:38:BF:F7:96:9C
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:48:78:49:4b:72:18:fc:5f:65:53:c7:22:bd:14:f4:4c:5a:
         cf:69:98:d4:4b:e7:04:40:0d:a1:bc:88:c9:b9:bf:10:a5:3f:
         d2:14:f3:79:38:b5:4d:99:b1:d3:5f:3b:be:6a:68:9f:55:67:
         f6:c7:51:43:1f:fe:f1:d7:41:b1:90:c0:da:03:cf:2c:2d:31:
         63:30:91:aa:70:52:15:78:5c:ad:3a:a2:c3:b4:f0:70:0b:97:
         f6:da:63:b5:f0:9d:08:fc:a6:91:8e:50:4c:c1:24:a7:af:fd:
         70:b5:3d:d1:2b:e3:3f:b0:1a:ef:c5:7e:24:f1:98:1a:51:00:
         99:9e:e4:95:d5:e5:88:42:32:4f:b4:76:69:89:72:a8:3b:9d:
         76:18:8b:17:11:fa:08:c6:c1:93:5a:81:9f:40:72:9b:2b:78:
         d7:29:bd:e7:1f:b2:14:c5:26:c7:df:49:22:1d:99:36:bd:12:
         a0:6c:17:d4:57:76:79:0a:ec:3f:21:65:ae:4c:f2:5f:5d:2a:
         3d:04:4a:09:97:04:3d:5f:76:f6:b0:ac:29:45:7e:3e:da:75:
         72:2e:6f:cd:32:57:7f:c3:13:d7:ab:fc:42:44:ce:e9:82:ac:
         50:6e:69:92:07:2c:4d:53:f7:9d:0c:eb:52:79:66:c6:6c:ca:
         af:8d:02:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o/G2wN5t0D2megGCvnusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjUwNTEwMTAwMDUxWhcNMjUwNTExMTAwMDUxWjAzMTEwLwYDVQQD
Eyg2YmZkMmIzZmIzNWFjNjBhNDQxODE1ZGM3NWVjZTQzOGJmZjc5NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmefYBUqks2rXcgxNjhei5r4MBKen
qQ0dKcXjnVc/hYUnYmsV2MFaJ5puaJCo0zSGhrbL6LPI2Zi0clE9AJk9CM40Sjyg
fsdiEr2KLXTTB6lyJ7G6ASi6mCMUv9X0qGPPZDp9a3cNKnMA46/HoiCE+Vjs2c9i
ce19zOI8chd22sO3flJ9npJhA8BYtFCwwBqc7OvwvZTkU6wXFaI402nXrIvBcVdO
D3XYsFn/8ELSI7TpTUCsDvopVfhCXedLYwWitJUUaaLox6ab4CY5aAo9HbxNL9il
SKWGU/a+eWYXRumXwBIZZuqCknBRG/tGOyWW015S0RS0spVAoFrgzS7YdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGv9Kz+zWsYKRBgV3HXs5Di/95acMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEh4SUty
GPxfZVPHIr0U9Exaz2mY1EvnBEANobyIybm/EKU/0hTzeTi1TZmx0187vmpon1Vn
9sdRQx/+8ddBsZDA2gPPLC0xYzCRqnBSFXhcrTqiw7TwcAuX9tpjtfCdCPymkY5Q
TMEkp6/9cLU90SvjP7Aa78V+JPGYGlEAmZ7kldXliEIyT7R2aYlyqDuddhiLFxH6
CMbBk1qBn0Bymyt41ym95x+yFMUmx99JIh2ZNr0SoGwX1Fd2eQrsPyFlrkzyX10q
PQRKCZcEPV929rCsKUV+Ptp1ci5vzTJXf8MT16v8QkTO6YKsUG5pkgcsTVP3nQzr
UnlmxmzKr40CwQ==
-----END CERTIFICATE-----