Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
File:                     XTsXLoFhyBzo6VSv01pzsvrQuzo.mft (raw, json)
Hash identifier:          5p2znlV+XfikV3sBj2+NpyqkfyN9Z8GTa6HUAwrhW08=
Subject key identifier:   44:1C:91:34:36:99:AF:E3:6C:16:20:51:34:AD:61:35:45:E5:DB:B2
Authority key identifier: 5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A
Certificate issuer:       /CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
Certificate serial:       0197B6A1992DC6ACF005BC3A5E52E91587A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
Manifest number:          0843
Signing time:             Sat 28 Jun 2025 13:02:13 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:13 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:13 +0000
Files and hashes:         1: XTsXLoFhyBzo6VSv01pzsvrQuzo.crl (hash: qiLM1tJo3QVFQD4wwOF8Y1vlzZ/IjnsWHHd0AZCxv48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:99:2d:c6:ac:f0:05:bc:3a:5e:52:e9:15:87:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d3b172e8161c81ce8e954afd35a73b2fad0bb3a
        Validity
            Not Before: Jun 28 13:02:13 2025 GMT
            Not After : Jun 29 13:02:13 2025 GMT
        Subject: CN=441c91343699afe36c16205134ad613545e5dbb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f4:18:e3:c3:cc:21:87:9b:46:dd:b7:16:bc:
                    a1:26:72:25:6e:de:45:90:1f:5f:fb:ed:f9:f4:40:
                    ba:a5:44:12:52:0c:18:d6:80:1d:d0:ba:55:18:aa:
                    86:f0:0d:9e:75:41:0e:96:77:1b:9e:df:cb:13:c7:
                    69:df:d0:fc:c3:ca:8a:41:f6:7b:bd:02:e3:cb:79:
                    cd:29:47:ae:6e:90:17:0f:18:f8:64:3c:60:29:3d:
                    7d:5b:c8:5e:37:70:f8:ce:d6:52:f3:5b:af:e2:a3:
                    2f:c9:af:dd:b9:4e:04:94:d2:0f:e4:47:b7:1a:01:
                    99:77:bb:53:f0:e9:98:e4:6e:ec:af:2e:e8:76:2f:
                    24:ca:62:28:f1:93:0d:70:ff:ad:2e:70:22:c3:28:
                    66:2f:2d:34:dc:2c:4b:ae:f1:99:28:d3:7e:2b:8c:
                    ee:e8:38:a2:95:cc:06:db:c1:46:df:25:4f:20:15:
                    24:07:18:37:7a:f2:70:79:e5:a6:d3:5d:04:56:0b:
                    b8:80:d1:0d:f1:2e:d8:0b:86:fd:cf:c1:11:da:e9:
                    db:df:00:b7:d7:82:a5:e7:47:5c:f9:85:c4:4e:07:
                    3c:30:f9:c5:8d:e6:82:f7:81:54:be:0c:6e:32:99:
                    8b:59:db:ec:19:9d:1b:b8:08:d0:d5:51:d9:09:76:
                    20:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:1C:91:34:36:99:AF:E3:6C:16:20:51:34:AD:61:35:45:E5:DB:B2
            X509v3 Authority Key Identifier:
                keyid:5D:3B:17:2E:81:61:C8:1C:E8:E9:54:AF:D3:5A:73:B2:FA:D0:BB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTsXLoFhyBzo6VSv01pzsvrQuzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7a4396-d9c3-4fc8-88b1-32c613f73661/1/XTsXLoFhyBzo6VSv01pzsvrQuzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:9b:a2:76:6e:23:c2:89:4b:39:4e:b8:75:71:89:03:3e:ce:
         ed:64:8b:9d:fa:a7:da:23:63:65:15:b8:bf:2b:42:e5:fd:80:
         af:9b:fe:e3:a0:73:b1:c1:9b:af:65:a7:83:6d:a9:16:05:a9:
         0e:62:f9:8a:3f:5b:92:4f:71:7c:00:29:2b:05:4b:65:6f:ff:
         94:07:d2:ed:93:cc:e2:b8:56:53:d6:8e:02:6f:c8:5d:49:f5:
         60:99:4b:07:ec:36:4a:36:c8:4b:66:0f:b6:2c:72:77:d7:49:
         f6:9a:30:47:51:4f:d0:27:76:15:37:05:8b:7a:a3:cc:8e:f1:
         0c:cc:a4:56:7a:17:3a:cd:43:2e:73:fe:dd:24:b5:43:f1:85:
         25:f7:71:9e:09:62:c4:09:02:8d:67:4c:49:1e:de:53:86:7d:
         ff:5b:54:f0:27:4f:a4:c6:33:f9:60:c8:09:5d:fd:34:85:e1:
         4b:a6:4e:09:6a:9d:f1:28:c7:89:cf:82:0f:b8:bc:fe:1d:5c:
         72:d0:88:74:f6:d7:8d:c2:1d:cd:eb:02:2e:76:f7:be:f5:e4:
         83:5b:01:d8:20:88:1d:87:3c:41:41:34:1a:72:0b:8e:be:40:
         e6:3f:7b:2c:ff:e8:5a:82:0a:fd:3b:f3:95:18:4f:fc:a2:7f:
         36:14:db:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZktxqzwBbw6XlLpFYejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2IxNzJlODE2MWM4MWNlOGU5NTRhZmQzNWE3M2IyZmFk
MGJiM2EwHhcNMjUwNjI4MTMwMjEzWhcNMjUwNjI5MTMwMjEzWjAzMTEwLwYDVQQD
Eyg0NDFjOTEzNDM2OTlhZmUzNmMxNjIwNTEzNGFkNjEzNTQ1ZTVkYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/QY48PMIYebRt23FryhJnIlbt5F
kB9f++359EC6pUQSUgwY1oAd0LpVGKqG8A2edUEOlncbnt/LE8dp39D8w8qKQfZ7
vQLjy3nNKUeubpAXDxj4ZDxgKT19W8heN3D4ztZS81uv4qMvya/duU4ElNIP5Ee3
GgGZd7tT8OmY5G7sry7odi8kymIo8ZMNcP+tLnAiwyhmLy003CxLrvGZKNN+K4zu
6DiilcwG28FG3yVPIBUkBxg3evJweeWm010EVgu4gNEN8S7YC4b9z8ER2unb3wC3
14Kl50dc+YXETgc8MPnFjeaC94FUvgxuMpmLWdvsGZ0buAjQ1VHZCXYg/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQckTQ2ma/jbBYgUTStYTVF5duyMB8GA1UdIwQY
MBaAFF07Fy6BYcgc6OlUr9Nac7L60Ls6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEt
MzJjNjEzZjczNjYxLzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS83YTQzOTYtZDljMy00ZmM4LTg4YjEtMzJjNjEzZjczNjYx
LzEvWFRzWExvRmh5QnpvNlZTdjAxcHpzdnJRdXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpuidm4j
wolLOU64dXGJAz7O7WSLnfqn2iNjZRW4vytC5f2Ar5v+46BzscGbr2Wng22pFgWp
DmL5ij9bkk9xfAApKwVLZW//lAfS7ZPM4rhWU9aOAm/IXUn1YJlLB+w2SjbIS2YP
tixyd9dJ9powR1FP0Cd2FTcFi3qjzI7xDMykVnoXOs1DLnP+3SS1Q/GFJfdxngli
xAkCjWdMSR7eU4Z9/1tU8CdPpMYz+WDICV39NIXhS6ZOCWqd8SjHic+CD7i8/h1c
ctCIdPbXjcIdzesCLnb3vvXkg1sB2CCIHYc8QUE0GnILjr5A5j97LP/oWoIK/Tvz
lRhP/KJ/NhTbBA==
-----END CERTIFICATE-----