Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          OuQaje9QyegBXrygzF15lp+QbyxiIu9hdgufbMJ8D+E=
Subject key identifier:   9B:BA:E1:C8:FD:FE:FB:84:24:26:9E:3D:82:52:DE:E8:CA:30:D3:11
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       0198D4732AD6E9021EB5A6F0FA57A94E1455
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          10FE
Signing time:             Sat 23 Aug 2025 01:02:53 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:53 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:53 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: FW+x+Yj+8Uro36utLzN61QctmxT8GiePlVh2TEYbGt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:2a:d6:e9:02:1e:b5:a6:f0:fa:57:a9:4e:14:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Aug 23 01:02:53 2025 GMT
            Not After : Aug 24 01:02:53 2025 GMT
        Subject: CN=9bbae1c8fdfefb8424269e3d8252dee8ca30d311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:1b:f7:1a:d5:75:1a:c9:20:b7:d0:f2:1d:55:
                    16:15:9c:75:a6:26:6f:fd:96:1b:08:54:26:60:97:
                    f7:28:59:b3:36:9f:64:8e:af:c4:f6:2a:db:32:c9:
                    a2:89:e2:4c:9f:1d:e7:a9:24:5c:ff:e0:b4:de:a8:
                    71:31:87:3b:a2:90:a8:77:a4:56:ea:57:e1:95:55:
                    d8:6a:e3:37:2f:cb:b5:81:12:a7:7e:29:5d:dc:9f:
                    6b:6a:ce:ac:6d:b5:ab:84:e6:c8:de:1a:a1:6f:6e:
                    4f:c4:f3:f3:c4:d5:37:ed:d0:3f:87:ec:57:c8:30:
                    60:d5:79:b3:1a:22:81:81:91:cc:ae:8e:fb:3a:45:
                    3c:6a:2c:7a:b8:29:c5:b3:15:4f:05:af:ff:40:79:
                    24:7c:7b:64:1d:08:0e:16:9e:56:99:43:27:b3:3f:
                    d2:2e:53:90:9d:ee:07:8b:ea:cb:9b:d6:69:68:fb:
                    be:e1:05:b6:d2:b0:c5:f5:da:2e:8a:07:67:50:79:
                    bc:3b:72:2b:5c:d0:ca:0c:75:02:07:1a:6e:8c:71:
                    45:e0:8b:96:77:03:a9:44:fa:a8:c8:d0:90:20:b0:
                    9f:23:ff:3a:7b:26:28:3a:23:1a:3a:14:dc:6b:a4:
                    c5:2c:7f:f0:17:f5:57:a3:b9:2a:1d:b6:dd:9a:84:
                    11:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:BA:E1:C8:FD:FE:FB:84:24:26:9E:3D:82:52:DE:E8:CA:30:D3:11
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:63:9f:c4:01:10:96:8d:af:f1:b5:7e:29:0d:6e:22:70:1c:
         8e:6a:93:d3:cb:fb:9a:64:be:ab:38:c5:45:dc:6f:b5:8b:1b:
         57:b4:80:b0:ec:38:c9:07:a9:ec:9d:e9:a4:0f:cb:8e:9e:43:
         d6:5f:cc:4d:ce:75:75:c5:5f:d0:45:64:cf:7c:b2:a4:a7:54:
         b1:0a:8a:06:5d:bd:db:b5:72:33:63:8c:e2:7c:eb:85:e6:82:
         2f:b1:fb:97:18:be:98:c7:20:88:be:c0:12:1f:bb:53:a4:11:
         69:04:60:f1:07:34:e3:16:d1:af:bb:04:04:1b:ee:9a:49:8b:
         2d:80:db:ee:7e:f5:d3:e2:67:e1:54:a0:88:5a:90:6a:84:3b:
         38:e4:20:62:94:99:59:84:5a:72:ca:e4:b9:c5:67:7f:23:05:
         e6:9d:6c:53:85:2a:14:95:27:8a:fb:f0:34:a2:26:53:87:08:
         2a:67:bf:81:9f:e0:69:f2:87:66:0f:c4:f4:cb:80:cc:29:05:
         c1:8e:e7:ec:d5:63:e4:89:2b:59:3e:b1:60:b9:1a:27:9d:17:
         d1:4a:69:bd:81:8d:65:60:78:9f:d7:66:d2:7f:e9:78:39:f3:
         59:93:9d:af:1b:33:4c:e8:eb:86:1a:90:74:02:d7:43:16:10:
         42:b6:54:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcyrW6QIetabw+lepThRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjUwODIzMDEwMjUzWhcNMjUwODI0MDEwMjUzWjAzMTEwLwYDVQQD
Eyg5YmJhZTFjOGZkZmVmYjg0MjQyNjllM2Q4MjUyZGVlOGNhMzBkMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRv3GtV1Gskgt9DyHVUWFZx1piZv
/ZYbCFQmYJf3KFmzNp9kjq/E9irbMsmiieJMnx3nqSRc/+C03qhxMYc7opCod6RW
6lfhlVXYauM3L8u1gRKnfild3J9ras6sbbWrhObI3hqhb25PxPPzxNU37dA/h+xX
yDBg1XmzGiKBgZHMro77OkU8aix6uCnFsxVPBa//QHkkfHtkHQgOFp5WmUMnsz/S
LlOQne4Hi+rLm9ZpaPu+4QW20rDF9douigdnUHm8O3IrXNDKDHUCBxpujHFF4IuW
dwOpRPqoyNCQILCfI/86eyYoOiMaOhTca6TFLH/wF/VXo7kqHbbdmoQREwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJu64cj9/vuEJCaePYJS3ujKMNMRMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsGOfxAEQ
lo2v8bV+KQ1uInAcjmqT08v7mmS+qzjFRdxvtYsbV7SAsOw4yQep7J3ppA/Ljp5D
1l/MTc51dcVf0EVkz3yypKdUsQqKBl2927VyM2OM4nzrheaCL7H7lxi+mMcgiL7A
Eh+7U6QRaQRg8Qc04xbRr7sEBBvumkmLLYDb7n710+Jn4VSgiFqQaoQ7OOQgYpSZ
WYRacsrkucVnfyMF5p1sU4UqFJUnivvwNKImU4cIKme/gZ/gafKHZg/E9MuAzCkF
wY7n7NVj5IkrWT6xYLkaJ50X0UppvYGNZWB4n9dm0n/peDnzWZOdrxszTOjrhhqQ
dALXQxYQQrZUdQ==
-----END CERTIFICATE-----