Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
File:                     _Nq63VYraOxeFY4easdvfalucyM.mft (raw, json)
Hash identifier:          WOd5/Zkm9ZrFMhDJzr4dlct4SCI6sRyhxHpQeGekX8U=
Subject key identifier:   54:C7:D2:20:46:F7:1F:BA:34:C9:3A:14:7A:42:22:36:3A:58:BB:80
Authority key identifier: FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23
Certificate issuer:       /CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
Certificate serial:       0197B70F4E21B6E8C0F153717F08771C22C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 15:02:02 +0000
Manifest this update:     Sat 28 Jun 2025 15:02:02 +0000
Manifest next update:     Sun 29 Jun 2025 15:02:02 +0000
Files and hashes:         1: _Nq63VYraOxeFY4easdvfalucyM.crl (hash: Nz1oakSbOYtCpzpmjycT48FiYOhK66IkUrPU7yYZRt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:4e:21:b6:e8:c0:f1:53:71:7f:08:77:1c:22:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
        Validity
            Not Before: Jun 28 15:02:02 2025 GMT
            Not After : Jun 29 15:02:02 2025 GMT
        Subject: CN=54c7d22046f71fba34c93a147a4222363a58bb80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:c1:5a:42:e4:73:43:df:42:ec:35:05:e3:0c:
                    02:38:ab:95:62:6c:d1:5e:f6:d0:97:89:2f:4c:f9:
                    e8:bc:89:90:2b:e8:65:9b:80:2a:0f:ec:c8:4c:0c:
                    d4:c0:08:64:4c:4b:a1:ba:16:23:32:f6:6b:9b:c6:
                    bf:23:b1:ce:91:36:38:d6:c7:b5:21:f5:3d:fc:4e:
                    c6:46:21:50:7e:8c:86:71:bc:f9:42:3e:b9:6f:8e:
                    c3:3f:c5:35:a3:5e:05:a1:b3:13:71:0f:cd:bc:59:
                    2e:8d:7e:13:16:b0:53:18:f1:7d:2e:6b:f5:64:3b:
                    0a:06:3d:9e:18:ae:b9:a3:92:1e:dd:96:d0:cb:84:
                    af:cc:be:5e:78:c3:e5:ca:6d:af:ae:74:5f:32:35:
                    b2:78:23:bf:e7:10:ff:04:e7:af:aa:98:8e:ee:a9:
                    f3:6f:4d:77:90:19:1f:15:c0:77:e7:53:80:55:cc:
                    c2:cd:3a:0f:cc:e5:91:17:a5:9e:60:77:95:df:de:
                    f8:39:c5:9e:bb:17:f9:c1:ed:15:bf:2f:21:bf:7d:
                    01:55:14:45:a7:d5:c5:1b:95:3d:7c:46:c8:96:11:
                    12:b1:f6:fe:00:01:a0:ff:41:33:8a:be:6d:88:53:
                    59:e5:be:f3:87:d3:da:c8:0a:50:da:54:0c:01:42:
                    d9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C7:D2:20:46:F7:1F:BA:34:C9:3A:14:7A:42:22:36:3A:58:BB:80
            X509v3 Authority Key Identifier:
                keyid:FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:8c:fc:c4:9d:b7:fe:99:7d:98:a1:90:77:b9:7e:0f:a4:6d:
         39:14:a3:2c:a3:b5:f7:a1:3a:4f:8b:bd:43:a8:46:30:d5:c2:
         3a:11:9e:a8:bc:13:aa:13:9d:cb:ee:43:af:e6:51:b4:a9:35:
         67:9f:b4:2b:c5:b8:95:fa:64:60:95:70:5c:95:3d:1f:3e:ba:
         8b:c4:af:2b:4b:69:b8:32:5f:9e:4e:e3:f7:a7:24:5c:af:44:
         f1:ea:e6:24:2c:61:ca:b3:3d:dd:7b:e0:53:69:0f:f1:9f:01:
         a9:cf:0f:19:a8:c5:e7:2f:13:c6:0e:b6:c5:70:0a:69:93:35:
         1d:15:18:1b:19:92:f6:d3:85:2b:ae:89:3d:a0:54:db:f2:1a:
         c0:73:8a:7f:d1:ef:fe:0f:2f:b6:43:78:70:40:34:4f:b9:dd:
         78:53:bf:94:10:bb:9d:0f:9e:26:4d:17:65:9a:b0:9a:fb:32:
         be:2d:c3:4d:0b:a5:cc:57:c5:4e:de:3e:c6:c5:b7:79:72:66:
         bb:74:51:ca:65:8c:3b:93:a5:f6:68:02:60:1f:7d:9f:5e:22:
         1d:af:a8:d9:6c:f3:8d:7e:ad:b9:f0:15:2d:4a:b2:8a:24:81:
         e1:20:eb:be:32:03:e8:9b:7d:49:bc:74:94:f3:9f:0a:73:79:
         97:f5:03:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D04htujA8VNxfwh3HCLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZGFiYWRkNTYyYjY4ZWM1ZTE1OGUxZTZhYzc2ZjdkYTk2
ZTczMjMwHhcNMjUwNjI4MTUwMjAyWhcNMjUwNjI5MTUwMjAyWjAzMTEwLwYDVQQD
Eyg1NGM3ZDIyMDQ2ZjcxZmJhMzRjOTNhMTQ3YTQyMjIzNjNhNThiYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMFaQuRzQ99C7DUF4wwCOKuVYmzR
XvbQl4kvTPnovImQK+hlm4AqD+zITAzUwAhkTEuhuhYjMvZrm8a/I7HOkTY41se1
IfU9/E7GRiFQfoyGcbz5Qj65b47DP8U1o14FobMTcQ/NvFkujX4TFrBTGPF9Lmv1
ZDsKBj2eGK65o5Ie3ZbQy4SvzL5eeMPlym2vrnRfMjWyeCO/5xD/BOevqpiO7qnz
b013kBkfFcB351OAVczCzToPzOWRF6WeYHeV3974OcWeuxf5we0Vvy8hv30BVRRF
p9XFG5U9fEbIlhESsfb+AAGg/0Ezir5tiFNZ5b7zh9PayApQ2lQMAULZDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTH0iBG9x+6NMk6FHpCIjY6WLuAMB8GA1UdIwQY
MBaAFPzaut1WK2jsXhWOHmrHb32pbnMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmIt
YTM5NGU4NjZiMzdjLzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmItYTM5NGU4NjZiMzdj
LzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEoz8xJ23
/pl9mKGQd7l+D6RtORSjLKO196E6T4u9Q6hGMNXCOhGeqLwTqhOdy+5Dr+ZRtKk1
Z5+0K8W4lfpkYJVwXJU9Hz66i8SvK0tpuDJfnk7j96ckXK9E8ermJCxhyrM93Xvg
U2kP8Z8Bqc8PGajF5y8Txg62xXAKaZM1HRUYGxmS9tOFK66JPaBU2/IawHOKf9Hv
/g8vtkN4cEA0T7ndeFO/lBC7nQ+eJk0XZZqwmvsyvi3DTQulzFfFTt4+xsW3eXJm
u3RRymWMO5Ol9mgCYB99n14iHa+o2WzzjX6tufAVLUqyiiSB4SDrvjID6Jt9Sbx0
lPOfCnN5l/UDyw==
-----END CERTIFICATE-----