Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          FRewk4Wch7UJ1lzzeYaTieHG6cqIEUJ/Z/J1r6+fOcE=
Subject key identifier:   29:BA:57:86:C8:DF:C1:E2:C8:7B:86:F0:DA:96:42:D6:11:69:E7:7A
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       0197B6A20031E7E4FC226D9E11B128D2B1F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          106A
Signing time:             Sat 28 Jun 2025 13:02:39 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:39 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:39 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: olyFq/aAjnWBZixGHVJjDuzl/New9fZyGg8omhHsxik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:00:31:e7:e4:fc:22:6d:9e:11:b1:28:d2:b1:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Jun 28 13:02:39 2025 GMT
            Not After : Jun 29 13:02:39 2025 GMT
        Subject: CN=29ba5786c8dfc1e2c87b86f0da9642d61169e77a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:fa:11:ac:50:91:a3:79:01:54:44:51:cc:e5:
                    01:94:b1:f5:8e:39:ee:8c:cb:e8:03:13:7c:2a:6c:
                    2c:8b:c2:fd:06:0e:4e:ba:f7:02:d9:2a:98:c0:8c:
                    d7:8d:09:d2:38:18:9b:3e:2d:08:70:d2:0c:38:d2:
                    03:2c:75:65:7b:d7:38:eb:29:ac:82:8c:5f:bb:2d:
                    39:3b:43:ca:dd:af:db:8b:78:13:c4:f6:58:1c:15:
                    91:28:88:5d:0d:ae:7b:af:a7:43:63:bc:f2:d2:fd:
                    b4:fd:70:a5:05:03:92:e2:71:af:9e:0c:cc:1b:d6:
                    27:d3:e6:2c:71:6a:15:9b:be:07:3c:50:a9:d6:7f:
                    66:5f:68:94:db:30:82:87:c6:2c:09:d8:9b:bc:c4:
                    bc:53:a2:17:ab:57:98:e0:70:0c:ec:f7:8d:b3:dc:
                    ca:83:59:58:9b:28:ce:20:a2:75:0c:bc:9e:2e:95:
                    7f:cc:13:50:a2:5e:2a:7f:6e:39:05:6f:ba:c3:f2:
                    74:c1:02:a8:64:3e:14:90:64:36:28:2c:66:89:bd:
                    ec:97:7e:82:ef:0b:80:2d:5d:cd:4c:54:c5:17:6d:
                    ad:72:16:f7:08:4d:47:53:13:66:bb:41:68:b5:37:
                    e9:78:1d:c7:29:3c:7d:6c:fd:8f:02:e5:57:60:6c:
                    42:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:BA:57:86:C8:DF:C1:E2:C8:7B:86:F0:DA:96:42:D6:11:69:E7:7A
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:3d:47:f0:27:b5:d7:46:37:b2:e1:e1:31:da:fb:b3:30:44:
         80:8d:d9:65:8e:d7:75:ec:01:8f:23:7f:bc:a9:e6:da:db:40:
         78:16:db:f4:65:b8:35:3b:d0:99:aa:1a:26:45:c3:2e:48:25:
         7a:d3:f4:50:60:b6:89:a8:39:11:c3:80:27:96:1c:ca:59:f5:
         64:b7:27:b2:61:af:6d:2d:ab:a3:57:cd:b3:c9:25:1f:82:9d:
         1f:48:4a:9a:e9:48:e3:ca:f7:3e:be:ef:e9:89:cd:c3:7e:d1:
         b0:1c:85:dc:ca:44:73:50:ac:17:0d:3d:d3:9c:25:d9:80:08:
         28:63:82:40:8a:b6:ef:75:27:1d:67:0c:54:db:de:94:41:c3:
         bf:31:d6:59:ed:55:02:c5:22:f6:89:2f:c5:65:7d:d8:01:10:
         26:b1:64:42:a6:9f:08:fb:1c:f8:4a:96:ae:47:52:d2:f8:19:
         67:05:c8:19:f5:b7:53:34:84:3d:da:c7:c3:ff:b5:73:0b:6b:
         e9:63:c9:27:82:ad:1a:37:00:e6:40:37:be:7e:e7:a4:0b:78:
         ef:d7:66:54:df:5a:67:2d:b9:b3:a2:78:c9:56:4e:fc:4e:15:
         ad:9c:98:c7:ec:c2:bf:ff:87:7f:a2:cd:a9:ae:55:55:50:78:
         94:a4:bf:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ogAx5+T8Im2eEbEo0rHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjUwNjI4MTMwMjM5WhcNMjUwNjI5MTMwMjM5WjAzMTEwLwYDVQQD
EygyOWJhNTc4NmM4ZGZjMWUyYzg3Yjg2ZjBkYTk2NDJkNjExNjllNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PoRrFCRo3kBVERRzOUBlLH1jjnu
jMvoAxN8Kmwsi8L9Bg5OuvcC2SqYwIzXjQnSOBibPi0IcNIMONIDLHVle9c46yms
goxfuy05O0PK3a/bi3gTxPZYHBWRKIhdDa57r6dDY7zy0v20/XClBQOS4nGvngzM
G9Yn0+YscWoVm74HPFCp1n9mX2iU2zCCh8YsCdibvMS8U6IXq1eY4HAM7PeNs9zK
g1lYmyjOIKJ1DLyeLpV/zBNQol4qf245BW+6w/J0wQKoZD4UkGQ2KCxmib3sl36C
7wuALV3NTFTFF22tchb3CE1HUxNmu0FotTfpeB3HKTx9bP2PAuVXYGxCKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm6V4bI38HiyHuG8NqWQtYRaed6MB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmT1H8Ce1
10Y3suHhMdr7szBEgI3ZZY7XdewBjyN/vKnm2ttAeBbb9GW4NTvQmaoaJkXDLkgl
etP0UGC2iag5EcOAJ5Ycyln1ZLcnsmGvbS2ro1fNs8klH4KdH0hKmulI48r3Pr7v
6YnNw37RsByF3MpEc1CsFw0905wl2YAIKGOCQIq273UnHWcMVNvelEHDvzHWWe1V
AsUi9okvxWV92AEQJrFkQqafCPsc+EqWrkdS0vgZZwXIGfW3UzSEPdrHw/+1cwtr
6WPJJ4KtGjcA5kA3vn7npAt479dmVN9aZy25s6J4yVZO/E4VrZyYx+zCv/+Hf6LN
qa5VVVB4lKS/kg==
-----END CERTIFICATE-----