Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File:                     DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier:          XNu8WNiwkjAy5kJbe7WVakieASlQvYw6UBAzsYdCczA=
Subject key identifier:   ED:A8:57:A7:58:97:05:3B:26:A0:E4:FE:42:4D:5B:08:A5:2C:7B:C0
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer:       /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial:       0197B70ED8373AF62CFD58548322324877E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number:          023B
Signing time:             Sat 28 Jun 2025 15:01:32 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:32 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:32 +0000
Files and hashes:         1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: 2JCRxK4NE8VuBas4n5hGqZyXAvr/GTzCrX3nGkgUaxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:d8:37:3a:f6:2c:fd:58:54:83:22:32:48:77:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
        Validity
            Not Before: Jun 28 15:01:32 2025 GMT
            Not After : Jun 29 15:01:32 2025 GMT
        Subject: CN=eda857a75897053b26a0e4fe424d5b08a52c7bc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:65:ea:b1:4a:6f:20:f4:74:82:6c:da:f4:ff:
                    5e:a8:d7:84:96:10:c2:2a:0a:14:70:ea:03:4e:d6:
                    33:94:b4:49:dd:84:8b:b7:1b:7c:bf:d0:51:4e:e6:
                    43:63:7f:6a:ec:d8:3a:54:3b:e6:73:75:78:d8:8c:
                    e3:67:f4:45:4a:47:bb:99:aa:ad:6f:30:36:b6:da:
                    4c:c8:7c:c0:6a:5a:33:9a:c0:49:ad:3d:28:80:4e:
                    00:12:c1:d2:39:06:95:8d:bf:aa:90:40:24:5c:5c:
                    35:97:38:7e:a9:2c:25:24:ef:68:b1:39:57:a4:09:
                    91:95:ee:08:eb:87:7b:7f:aa:0c:0f:79:a1:02:c7:
                    96:2e:3e:dd:69:90:83:3d:f5:35:6f:b9:a1:5c:2c:
                    c0:90:0f:a6:15:c0:65:bb:01:0a:a4:28:94:71:41:
                    f3:3a:02:38:e8:9c:ec:93:0f:31:50:c9:7a:05:08:
                    94:83:f7:a7:db:bf:fa:b3:ce:7a:4c:0a:03:55:a0:
                    db:2d:db:30:5d:e0:ec:c0:e0:a4:25:ec:82:0a:56:
                    cf:d1:ea:8e:50:a8:5d:8e:e1:a7:b6:64:5b:cc:cf:
                    2b:76:38:88:12:cc:8c:ec:57:14:f2:14:b6:92:e7:
                    0e:22:ab:91:fe:78:35:a1:ad:90:0b:b9:bd:0d:3f:
                    8f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A8:57:A7:58:97:05:3B:26:A0:E4:FE:42:4D:5B:08:A5:2C:7B:C0
            X509v3 Authority Key Identifier:
                keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:76:69:3f:80:36:2d:2d:55:29:95:2d:3e:51:d2:5b:95:87:
         4c:6f:b0:ce:6a:32:85:26:c8:ba:c5:3d:db:d9:c3:c1:a4:fe:
         ee:1e:f8:94:2f:83:a5:bf:99:14:3b:ca:f3:57:0c:cc:0d:89:
         b2:df:99:16:54:eb:ee:cb:98:39:fa:23:92:5f:12:99:d5:38:
         90:4c:7c:b8:7b:57:07:ec:69:96:3b:eb:9a:66:8e:eb:dd:18:
         b2:3b:dd:f3:2a:e5:82:0b:a0:12:34:a8:a1:15:83:9c:32:f6:
         d0:9f:86:ea:a8:19:7f:7f:95:7a:4b:93:bd:ef:23:37:03:e2:
         8e:be:0c:25:60:ce:65:d0:59:42:8c:65:c5:73:8a:ff:94:94:
         a8:78:1d:e6:99:c5:65:3e:37:55:01:c1:07:72:3d:c1:98:29:
         56:39:a8:b9:96:df:d5:ff:eb:cb:59:62:42:38:ec:68:fa:0f:
         a5:23:a7:3d:e4:ff:9c:d4:ee:1e:94:eb:d0:14:1d:27:c6:9c:
         81:ed:33:38:ac:21:52:f9:93:c5:61:bb:95:85:a1:e0:d9:74:
         99:ec:72:bb:ca:f4:4a:b2:8d:1b:35:01:b9:3d:e5:c5:fb:99:
         5d:31:51:5e:ca:d0:cc:b3:70:34:6b:97:fe:fb:8c:44:4d:9d:
         e4:5a:92:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dtg3OvYs/VhUgyIySHfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjUwNjI4MTUwMTMyWhcNMjUwNjI5MTUwMTMyWjAzMTEwLwYDVQQD
EyhlZGE4NTdhNzU4OTcwNTNiMjZhMGU0ZmU0MjRkNWIwOGE1MmM3YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGXqsUpvIPR0gmza9P9eqNeElhDC
KgoUcOoDTtYzlLRJ3YSLtxt8v9BRTuZDY39q7Ng6VDvmc3V42IzjZ/RFSke7maqt
bzA2ttpMyHzAalozmsBJrT0ogE4AEsHSOQaVjb+qkEAkXFw1lzh+qSwlJO9osTlX
pAmRle4I64d7f6oMD3mhAseWLj7daZCDPfU1b7mhXCzAkA+mFcBluwEKpCiUcUHz
OgI46Jzskw8xUMl6BQiUg/en27/6s856TAoDVaDbLdswXeDswOCkJeyCClbP0eqO
UKhdjuGntmRbzM8rdjiIEsyM7FcU8hS2kucOIquR/ng1oa2QC7m9DT+PYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2oV6dYlwU7JqDk/kJNWwilLHvAMB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAinZpP4A2
LS1VKZUtPlHSW5WHTG+wzmoyhSbIusU929nDwaT+7h74lC+Dpb+ZFDvK81cMzA2J
st+ZFlTr7suYOfojkl8SmdU4kEx8uHtXB+xpljvrmmaO690Ysjvd8yrlggugEjSo
oRWDnDL20J+G6qgZf3+VekuTve8jNwPijr4MJWDOZdBZQoxlxXOK/5SUqHgd5pnF
ZT43VQHBB3I9wZgpVjmouZbf1f/ry1liQjjsaPoPpSOnPeT/nNTuHpTr0BQdJ8ac
ge0zOKwhUvmTxWG7lYWh4Nl0mexyu8r0SrKNGzUBuT3lxfuZXTFRXsrQzLNwNGuX
/vuMRE2d5FqSSQ==
-----END CERTIFICATE-----