Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          ubOnnk6GNjBZ42LmBnc23ClJtOJ4kchZf867O8EeNuo=
Subject key identifier:   BB:CD:81:1F:FD:14:E6:28:2E:C9:5A:D6:33:D2:30:9B:B8:8B:DD:54
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       0197B5FBD7F4DD9EF089BFE6B8CD55B094F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0EE6
Signing time:             Sat 28 Jun 2025 10:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:10 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: wEo+C9Cs7dD08WgL2Uuj9XmsPzmIbo8RXmHayBiqStA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fb:d7:f4:dd:9e:f0:89:bf:e6:b8:cd:55:b0:94:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Jun 28 10:01:10 2025 GMT
            Not After : Jun 29 10:01:10 2025 GMT
        Subject: CN=bbcd811ffd14e6282ec95ad633d2309bb88bdd54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:81:31:0a:d0:de:7e:61:57:14:53:6c:0f:62:
                    c3:0d:9b:06:b3:2d:54:6a:ed:13:82:49:9b:28:c5:
                    97:9f:e3:57:fe:b5:4e:4b:f0:9e:e7:8d:7c:eb:c3:
                    69:43:a3:fb:86:cb:ec:1c:c0:85:8c:be:e3:d7:76:
                    9d:9e:c3:d2:92:b6:a6:59:7b:c2:f1:59:6c:02:2d:
                    23:14:68:20:a5:42:b2:63:82:c4:6e:33:08:7c:8c:
                    99:53:5f:0f:28:ea:c6:42:cc:d5:07:4c:9b:94:7d:
                    33:06:56:c8:4c:41:1a:72:45:fc:25:1e:90:08:85:
                    e5:49:2d:cf:df:05:6d:4e:c3:4d:b2:41:6c:91:36:
                    fd:f2:9c:47:59:1c:6b:2f:f6:bc:54:0f:ab:6a:d2:
                    d0:93:e2:2d:02:59:3f:33:02:3e:2b:cb:32:7b:34:
                    7e:64:a9:83:09:6b:c4:a7:ce:e2:d4:5e:d4:ef:ea:
                    f0:b0:20:0c:25:6e:0c:0a:81:60:ca:50:6a:82:6d:
                    6a:8d:18:34:f5:cb:38:09:ab:45:d3:bf:b1:da:73:
                    fb:ed:28:da:dc:76:7c:01:4e:da:47:b9:7b:74:94:
                    87:95:42:2d:04:22:23:2a:e5:9e:1f:fa:e8:9e:c8:
                    7b:b4:0b:f8:18:21:32:9d:10:b5:56:73:69:53:da:
                    77:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:CD:81:1F:FD:14:E6:28:2E:C9:5A:D6:33:D2:30:9B:B8:8B:DD:54
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:ee:b9:27:72:49:ed:f5:50:0b:c9:6a:03:61:b1:e1:b2:1d:
         3e:04:41:ae:01:cb:2f:8e:0a:f4:87:57:53:b7:ab:32:ae:34:
         09:be:26:de:34:8f:b4:1a:11:55:8a:11:a7:f9:53:02:91:58:
         d8:d0:9d:bb:28:0c:55:36:e6:b0:83:5f:a9:71:36:c1:39:bd:
         96:34:a6:34:9f:54:27:ee:ce:b2:0e:b7:90:07:78:57:08:a9:
         55:bd:b5:7e:22:76:8b:f2:8d:f1:3f:07:59:13:01:7f:22:2e:
         1f:f4:aa:11:df:35:c3:87:f2:87:89:4e:74:b5:63:c5:bd:e1:
         bb:08:a0:84:11:fc:4b:78:3f:c5:70:4a:8b:37:3d:e2:15:37:
         44:e5:cc:38:2f:45:ae:94:8f:12:1c:0b:6c:e8:a4:ab:e6:58:
         d3:22:af:90:b3:0d:4e:99:11:7f:a1:44:18:62:34:45:bb:40:
         b4:8a:e5:7f:81:92:e2:fc:21:ca:ea:3b:c1:e3:e2:a1:c0:b9:
         d2:ab:73:67:9a:ce:de:e3:ae:ce:e5:ac:07:d0:49:6e:52:4e:
         2d:05:85:4d:9b:24:15:fa:9a:1e:ba:12:66:0f:16:33:30:1e:
         23:47:de:22:b2:55:54:e6:eb:fd:55:a6:44:0d:ce:10:83:03:
         eb:ce:cd:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1+9f03Z7wib/muM1VsJTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUwNjI4MTAwMTEwWhcNMjUwNjI5MTAwMTEwWjAzMTEwLwYDVQQD
EyhiYmNkODExZmZkMTRlNjI4MmVjOTVhZDYzM2QyMzA5YmI4OGJkZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYExCtDefmFXFFNsD2LDDZsGsy1U
au0TgkmbKMWXn+NX/rVOS/Ce541868NpQ6P7hsvsHMCFjL7j13adnsPSkramWXvC
8VlsAi0jFGggpUKyY4LEbjMIfIyZU18PKOrGQszVB0yblH0zBlbITEEackX8JR6Q
CIXlSS3P3wVtTsNNskFskTb98pxHWRxrL/a8VA+ratLQk+ItAlk/MwI+K8syezR+
ZKmDCWvEp87i1F7U7+rwsCAMJW4MCoFgylBqgm1qjRg09cs4CatF07+x2nP77Sja
3HZ8AU7aR7l7dJSHlUItBCIjKuWeH/ronsh7tAv4GCEynRC1VnNpU9p3BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvNgR/9FOYoLsla1jPSMJu4i91UMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQu65J3JJ
7fVQC8lqA2Gx4bIdPgRBrgHLL44K9IdXU7erMq40Cb4m3jSPtBoRVYoRp/lTApFY
2NCduygMVTbmsINfqXE2wTm9ljSmNJ9UJ+7Osg63kAd4VwipVb21fiJ2i/KN8T8H
WRMBfyIuH/SqEd81w4fyh4lOdLVjxb3huwighBH8S3g/xXBKizc94hU3ROXMOC9F
rpSPEhwLbOikq+ZY0yKvkLMNTpkRf6FEGGI0RbtAtIrlf4GS4vwhyuo7wePiocC5
0qtzZ5rO3uOuzuWsB9BJblJOLQWFTZskFfqaHroSZg8WMzAeI0feIrJVVObr/VWm
RA3OEIMD687N+g==
-----END CERTIFICATE-----