Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          RQSGCpe/yBlIyf9rTypnVlKH1g4xqO/xyT8Qm4vecqY=
Subject key identifier:   22:DD:E2:B0:FA:98:39:1F:C7:EF:D0:7E:D9:11:28:C5:A0:9D:B2:BE
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       0197B7EACCDE1677207E8B6D14E4A49BCC89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 19:01:47 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:47 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:47 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: glMMWC/5BnJsemSJTPQ35w/sF6tUg4UHv3ZTF/J5Z/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:cc:de:16:77:20:7e:8b:6d:14:e4:a4:9b:cc:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Jun 28 19:01:47 2025 GMT
            Not After : Jun 29 19:01:47 2025 GMT
        Subject: CN=22dde2b0fa98391fc7efd07ed91128c5a09db2be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2a:f4:9b:42:9e:ad:47:1c:44:ad:20:4c:70:
                    a6:28:f8:12:ea:69:d2:43:d2:27:5c:4d:ee:58:bf:
                    2c:9c:36:fc:ff:95:6c:cb:f4:97:4d:ec:dc:e1:ad:
                    e4:8f:43:53:e4:27:6d:5a:c8:f6:28:09:24:25:8a:
                    8a:4e:0e:d3:4d:9b:36:52:8d:12:0f:1f:de:b5:bc:
                    b1:48:ac:23:7d:eb:b7:ea:89:2f:b9:93:12:e8:78:
                    a5:be:ca:62:72:ef:74:fa:e0:96:90:23:4d:7f:8f:
                    25:ba:18:9c:0a:7f:58:be:b7:83:f2:c8:b7:8d:13:
                    10:eb:77:f5:73:87:ee:d1:1f:e5:5c:55:a8:36:2d:
                    52:3f:15:64:74:86:33:43:58:b1:e0:af:bb:26:a3:
                    15:3e:aa:71:20:f8:75:e5:f1:87:9d:8d:96:59:87:
                    00:bc:8d:74:4b:30:39:43:80:d1:05:b2:34:a8:60:
                    14:b6:01:b6:8d:70:70:f6:72:47:95:19:43:93:1d:
                    0a:5d:f2:2d:cd:2e:49:d7:06:85:20:72:91:80:e4:
                    2a:f7:9e:d1:23:80:21:d9:75:45:5f:e0:0f:bd:f2:
                    e2:f4:cc:92:14:93:ee:0d:92:2f:90:a9:f9:7b:7f:
                    f6:27:65:e3:c9:22:27:63:58:ce:e1:f4:a1:63:b2:
                    a5:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:DD:E2:B0:FA:98:39:1F:C7:EF:D0:7E:D9:11:28:C5:A0:9D:B2:BE
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:42:c8:9a:5a:9c:f9:20:82:8c:72:5c:0d:2e:d6:59:b9:05:
         e2:7c:00:4c:46:cb:43:91:e8:7e:60:f3:5a:19:31:ec:ef:66:
         e0:85:e4:88:4a:34:85:93:f5:9b:d3:ae:d8:6f:99:da:3e:a4:
         37:04:24:49:d8:0f:2e:1f:85:7c:69:d7:6e:5c:53:5f:8c:f4:
         4d:3a:80:7a:cf:d4:28:6a:9b:2f:8c:83:85:64:8d:2f:0b:71:
         0f:e0:bb:01:31:4e:29:08:0f:62:3b:4d:b9:d7:ab:5b:7c:85:
         e8:c0:3a:83:78:86:15:69:ed:64:7e:0f:0d:83:0e:68:50:67:
         a0:14:35:b5:e5:cb:df:88:2c:2e:0f:55:6f:db:c5:9c:30:0e:
         57:a1:d3:a0:e2:4e:1b:39:85:c6:f3:16:f4:66:51:d6:c8:72:
         9f:73:99:8a:89:f4:5b:06:94:d9:a5:f1:9c:50:94:49:68:3d:
         59:ac:2d:71:53:46:9e:78:ad:31:8e:2e:1b:5c:9b:54:39:e3:
         30:cb:6e:31:eb:2a:0d:e0:95:c1:d5:58:74:29:50:dc:4c:12:
         d3:12:99:b8:2c:6a:fd:07:6b:aa:4c:85:e3:26:c7:37:87:7b:
         09:2b:bc:3e:37:03:ba:4f:c4:8b:50:d9:4d:5c:e3:c9:2e:c2:
         16:9f:27:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36szeFncgfottFOSkm8yJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjUwNjI4MTkwMTQ3WhcNMjUwNjI5MTkwMTQ3WjAzMTEwLwYDVQQD
EygyMmRkZTJiMGZhOTgzOTFmYzdlZmQwN2VkOTExMjhjNWEwOWRiMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ir0m0KerUccRK0gTHCmKPgS6mnS
Q9InXE3uWL8snDb8/5Vsy/SXTezc4a3kj0NT5CdtWsj2KAkkJYqKTg7TTZs2Uo0S
Dx/etbyxSKwjfeu36okvuZMS6Hilvspicu90+uCWkCNNf48luhicCn9YvreD8si3
jRMQ63f1c4fu0R/lXFWoNi1SPxVkdIYzQ1ix4K+7JqMVPqpxIPh15fGHnY2WWYcA
vI10SzA5Q4DRBbI0qGAUtgG2jXBw9nJHlRlDkx0KXfItzS5J1waFIHKRgOQq957R
I4Ah2XVFX+APvfLi9MySFJPuDZIvkKn5e3/2J2XjySInY1jO4fShY7KlJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLd4rD6mDkfx+/QftkRKMWgnbK+MB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOULImlqc
+SCCjHJcDS7WWbkF4nwATEbLQ5HofmDzWhkx7O9m4IXkiEo0hZP1m9Ou2G+Z2j6k
NwQkSdgPLh+FfGnXblxTX4z0TTqAes/UKGqbL4yDhWSNLwtxD+C7ATFOKQgPYjtN
uderW3yF6MA6g3iGFWntZH4PDYMOaFBnoBQ1teXL34gsLg9Vb9vFnDAOV6HToOJO
GzmFxvMW9GZR1shyn3OZion0WwaU2aXxnFCUSWg9WawtcVNGnnitMY4uG1ybVDnj
MMtuMesqDeCVwdVYdClQ3EwS0xKZuCxq/QdrqkyF4ybHN4d7CSu8PjcDuk/Ei1DZ
TVzjyS7CFp8ndQ==
-----END CERTIFICATE-----