Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
File:                     q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json)
Hash identifier:          Xal/O1Ru52pBpknFLDPoxQG+pRQRjZ2gXFsT2tjp418=
Subject key identifier:   1E:78:DA:41:18:A9:82:AA:67:08:61:C7:A1:36:56:B5:61:96:53:B9
Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Certificate issuer:       /CN=abb94449d4d2462771773bc08a624507da512b0d
Certificate serial:       0197B77CBC96B5C98BE358AD6AD068579447
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
Manifest number:          069A
Signing time:             Sat 28 Jun 2025 17:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:34 +0000
Files and hashes:         1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: V99uJnH5GV8KDcpsmqjZcIwlAiphdCEJmmh6iS0g9nk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:bc:96:b5:c9:8b:e3:58:ad:6a:d0:68:57:94:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d
        Validity
            Not Before: Jun 28 17:01:34 2025 GMT
            Not After : Jun 29 17:01:34 2025 GMT
        Subject: CN=1e78da4118a982aa670861c7a13656b5619653b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:24:1a:11:20:db:b6:f5:e5:27:bc:2c:b4:94:
                    94:13:70:51:1b:f5:2a:57:f6:3d:62:1c:bd:e3:43:
                    25:1d:2c:85:e6:ef:89:1b:77:ec:ea:4c:f6:33:16:
                    d1:45:27:7f:9e:64:1a:ae:48:89:c7:34:17:3a:90:
                    fc:99:b3:3e:3b:c8:67:32:59:df:a8:be:c4:de:5e:
                    ff:cd:ae:9d:bb:ea:b9:0b:e5:29:2c:04:66:1c:2e:
                    67:26:eb:7c:62:fa:da:c2:32:e6:b0:c6:eb:9f:65:
                    98:44:3a:a3:34:0a:63:68:8b:24:e8:87:00:ed:a1:
                    c8:ee:02:6a:e7:5c:fc:41:b5:5d:78:b7:73:37:8e:
                    21:ae:b2:e7:b4:0d:31:3a:3d:81:d6:49:0d:56:fe:
                    23:02:07:bd:d4:70:49:33:20:b1:9a:c6:bf:e3:74:
                    80:3b:3f:84:3b:dd:64:81:57:c7:7c:a8:c0:55:bc:
                    fa:9f:6b:f5:da:06:1b:8a:14:6f:ea:1d:18:35:2b:
                    f6:9e:71:6d:e4:8b:ea:43:c0:98:97:0c:db:8a:f4:
                    97:64:30:81:d0:69:28:4b:57:7d:61:8a:a6:a0:f6:
                    24:8b:97:92:8e:61:a7:6c:e8:39:72:a9:06:2f:f5:
                    30:36:41:45:74:92:13:a1:a5:3f:04:a2:20:de:45:
                    3c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:78:DA:41:18:A9:82:AA:67:08:61:C7:A1:36:56:B5:61:96:53:B9
            X509v3 Authority Key Identifier:
                keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:db:93:f1:80:fb:11:bb:2b:e2:db:11:fb:f9:b3:5a:6e:6a:
         49:e1:7f:7c:04:98:34:a8:25:5f:f8:76:36:0d:2f:c2:b6:36:
         04:99:87:3a:f0:53:bc:45:77:fc:7a:ec:5a:3b:16:52:20:77:
         e4:e8:59:52:65:4c:ac:a8:ad:9b:30:e5:f8:3c:93:3c:fe:a9:
         5f:aa:71:f5:5d:de:3a:7a:21:b3:44:0b:d2:36:06:ed:51:9e:
         bc:a8:6b:bf:18:51:ad:11:f7:4e:32:aa:fe:0c:84:b4:30:0a:
         72:ff:c1:10:25:af:3d:b4:27:72:87:5a:c2:27:a0:6b:de:97:
         62:cd:c1:0e:b0:e9:a6:0f:65:31:fb:88:f3:92:be:86:0e:24:
         4b:35:85:18:95:da:64:36:bc:77:70:9e:99:4e:12:b3:40:4c:
         e5:b9:a7:5e:5a:8d:62:9d:b7:3b:ac:cb:ff:3f:30:fe:a2:64:
         fc:c1:ae:bf:56:45:a8:39:15:07:48:d5:ba:46:24:7b:e1:65:
         8a:4c:d8:df:26:e6:c8:dd:1f:e6:bc:b3:c2:6c:cd:2d:72:d8:
         8c:1a:8b:ef:2c:a6:00:1f:f6:b0:a4:a1:9e:9e:32:46:5d:06:
         3b:24:b6:ef:d1:12:8c:81:60:1a:88:d8:af:3b:ef:80:4b:f9:
         69:64:d2:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fLyWtcmL41itatBoV5RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1
MTJiMGQwHhcNMjUwNjI4MTcwMTM0WhcNMjUwNjI5MTcwMTM0WjAzMTEwLwYDVQQD
EygxZTc4ZGE0MTE4YTk4MmFhNjcwODYxYzdhMTM2NTZiNTYxOTY1M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSQaESDbtvXlJ7wstJSUE3BRG/Uq
V/Y9Yhy940MlHSyF5u+JG3fs6kz2MxbRRSd/nmQarkiJxzQXOpD8mbM+O8hnMlnf
qL7E3l7/za6du+q5C+UpLARmHC5nJut8YvrawjLmsMbrn2WYRDqjNApjaIsk6IcA
7aHI7gJq51z8QbVdeLdzN44hrrLntA0xOj2B1kkNVv4jAge91HBJMyCxmsa/43SA
Oz+EO91kgVfHfKjAVbz6n2v12gYbihRv6h0YNSv2nnFt5IvqQ8CYlwzbivSXZDCB
0GkoS1d9YYqmoPYki5eSjmGnbOg5cqkGL/UwNkFFdJIToaU/BKIg3kU8EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB542kEYqYKqZwhhx6E2VrVhllO5MB8GA1UdIwQY
MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt
NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh
LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU9uT8YD7
Ebsr4tsR+/mzWm5qSeF/fASYNKglX/h2Ng0vwrY2BJmHOvBTvEV3/HrsWjsWUiB3
5OhZUmVMrKitmzDl+DyTPP6pX6px9V3eOnohs0QL0jYG7VGevKhrvxhRrRH3TjKq
/gyEtDAKcv/BECWvPbQncodawiega96XYs3BDrDppg9lMfuI85K+hg4kSzWFGJXa
ZDa8d3CemU4Ss0BM5bmnXlqNYp23O6zL/z8w/qJk/MGuv1ZFqDkVB0jVukYke+Fl
ikzY3ybmyN0f5ryzwmzNLXLYjBqL7yymAB/2sKShnp4yRl0GOyS279ESjIFgGojY
rzvvgEv5aWTSsQ==
-----END CERTIFICATE-----