Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File:                     sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier:          q2ilTfmR0Fb6liUPRU/1qcK2rgzbud97I+vz/5n7opw=
Subject key identifier:   75:95:A2:38:11:9F:4E:B9:64:EC:85:73:E2:C5:A3:36:15:75:D3:C8
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer:       /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial:       0197B88F4A64ADD59C266F1EF1222A58E01E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number:          030A
Signing time:             Sat 28 Jun 2025 22:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:27 +0000
Files and hashes:         1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: UzW+9zxPFN6XzraPft3k8bleY9VJPDpgVAlNM/HDTMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:4a:64:ad:d5:9c:26:6f:1e:f1:22:2a:58:e0:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
        Validity
            Not Before: Jun 28 22:01:27 2025 GMT
            Not After : Jun 29 22:01:27 2025 GMT
        Subject: CN=7595a238119f4eb964ec8573e2c5a3361575d3c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:90:22:87:23:54:7b:b6:66:a1:cf:54:c7:43:
                    ab:fc:44:98:41:5a:61:cc:81:34:ae:68:bc:fd:c9:
                    7e:d8:00:6e:de:8c:e8:24:44:32:ed:0f:99:64:d0:
                    16:01:d7:2b:a4:3e:24:2b:6d:04:19:e3:17:82:8c:
                    b4:bf:2d:f4:ca:a3:61:81:b6:3b:cb:c9:43:8c:58:
                    64:89:58:bc:c5:55:7c:13:6c:eb:db:31:3e:3b:99:
                    6d:b2:c1:7a:e4:8e:a3:09:91:14:ec:6c:2c:c8:32:
                    57:15:bf:67:b2:eb:e1:99:8d:f3:c5:d0:28:e3:be:
                    e7:3c:a2:dd:46:92:3f:a2:b1:96:87:3d:29:bf:a4:
                    e1:43:1a:97:18:92:12:68:b8:be:08:20:37:cf:8d:
                    f4:71:15:73:73:fe:12:a6:4f:bb:e5:b4:3a:80:69:
                    a7:54:70:ce:b2:0f:81:70:1a:94:c7:25:c7:e5:26:
                    a5:f3:ab:cb:58:5b:39:a2:89:73:40:bc:73:b7:d5:
                    6f:a5:05:74:de:cc:ce:f9:cb:99:c3:89:51:ac:c0:
                    6c:88:a2:a4:26:d2:5e:d8:43:76:99:ea:16:ce:fd:
                    f2:8a:f6:5e:42:61:61:f4:99:5e:7b:e8:5f:7a:de:
                    a9:8a:c6:3a:5b:08:cf:3f:cd:98:c2:e8:c1:81:f7:
                    cb:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:95:A2:38:11:9F:4E:B9:64:EC:85:73:E2:C5:A3:36:15:75:D3:C8
            X509v3 Authority Key Identifier:
                keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:15:34:86:03:47:67:11:31:c1:39:d6:59:e2:ea:90:0c:f4:
         ac:38:05:f2:37:8a:41:45:ca:f8:d5:7e:fc:d5:4c:39:96:40:
         39:a7:56:4b:bd:d3:44:11:14:af:f3:9b:05:0e:01:ac:92:52:
         12:7b:08:3a:3f:53:a2:f9:e8:5d:b6:6b:4b:5c:b0:ac:a9:db:
         5d:63:c4:56:bd:9b:73:7f:bf:f7:21:20:ef:38:4d:b2:9c:10:
         be:20:0c:76:b8:c6:e2:2a:4d:e0:10:b4:0a:57:fa:57:33:18:
         53:c4:06:c9:f8:37:57:7a:0c:5e:6c:8c:87:b2:6d:38:d0:48:
         2e:60:02:14:33:8f:f4:e4:62:b3:d7:84:47:0f:99:80:cd:6a:
         36:76:f8:95:94:57:80:12:a2:87:cb:33:ad:5d:72:a9:40:43:
         f5:b7:7b:14:34:d1:7c:c2:d1:ec:ef:de:8d:58:70:26:eb:85:
         a2:e5:7e:c4:bb:04:8f:65:bb:28:11:a6:ea:d0:4c:9b:04:f7:
         12:05:45:80:8e:73:7c:c8:98:37:11:9c:1a:54:30:13:ec:0b:
         07:d4:92:4d:b7:02:da:5e:e8:7d:94:8c:f1:18:9b:55:49:c5:
         57:8d:8b:04:6a:78:7e:d8:f9:03:c4:13:91:93:30:cb:fb:23:
         6f:20:05:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j0pkrdWcJm8e8SIqWOAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUwNjI4MjIwMTI3WhcNMjUwNjI5MjIwMTI3WjAzMTEwLwYDVQQD
Eyg3NTk1YTIzODExOWY0ZWI5NjRlYzg1NzNlMmM1YTMzNjE1NzVkM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZAihyNUe7Zmoc9Ux0Or/ESYQVph
zIE0rmi8/cl+2ABu3ozoJEQy7Q+ZZNAWAdcrpD4kK20EGeMXgoy0vy30yqNhgbY7
y8lDjFhkiVi8xVV8E2zr2zE+O5ltssF65I6jCZEU7GwsyDJXFb9nsuvhmY3zxdAo
477nPKLdRpI/orGWhz0pv6ThQxqXGJISaLi+CCA3z430cRVzc/4Spk+75bQ6gGmn
VHDOsg+BcBqUxyXH5Sal86vLWFs5oolzQLxzt9VvpQV03szO+cuZw4lRrMBsiKKk
JtJe2EN2meoWzv3yivZeQmFh9Jlee+hfet6pisY6WwjPP82YwujBgffLFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWVojgRn065ZOyFc+LFozYVddPIMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRU0hgNH
ZxExwTnWWeLqkAz0rDgF8jeKQUXK+NV+/NVMOZZAOadWS73TRBEUr/ObBQ4BrJJS
EnsIOj9TovnoXbZrS1ywrKnbXWPEVr2bc3+/9yEg7zhNspwQviAMdrjG4ipN4BC0
Clf6VzMYU8QGyfg3V3oMXmyMh7JtONBILmACFDOP9ORis9eERw+ZgM1qNnb4lZRX
gBKih8szrV1yqUBD9bd7FDTRfMLR7O/ejVhwJuuFouV+xLsEj2W7KBGm6tBMmwT3
EgVFgI5zfMiYNxGcGlQwE+wLB9SSTbcC2l7ofZSM8RibVUnFV42LBGp4ftj5A8QT
kZMwy/sjbyAF/g==
-----END CERTIFICATE-----