Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          eVEGYbiPchw5wefb68o2R5xOvKDxAjylGdk9WEFRiz4=
Subject key identifier:   51:E6:33:B2:08:CE:14:37:E2:B3:BA:AA:4D:AE:E5:FD:A5:C8:AA:76
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       0197B88F3E82527B18F1E2EF6B17A25BC0CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          6A
Signing time:             Sat 28 Jun 2025 22:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:24 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: O5tHuq3ysKPnfeOxNmtQnX2iwB17pFHWyn5FjosBLko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:3e:82:52:7b:18:f1:e2:ef:6b:17:a2:5b:c0:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Jun 28 22:01:24 2025 GMT
            Not After : Jun 29 22:01:24 2025 GMT
        Subject: CN=51e633b208ce1437e2b3baaa4daee5fda5c8aa76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:31:04:ad:4c:9f:20:77:fa:56:cf:95:32:9c:
                    87:6e:ae:d3:7c:64:4f:47:b0:4d:21:a6:31:47:e4:
                    20:4e:e1:10:a2:07:51:15:58:fe:8d:48:f5:81:e1:
                    a2:b5:1a:4a:37:f0:77:8a:8f:1d:ba:b2:10:a8:be:
                    0c:8f:c0:a9:73:bd:cd:dc:73:4c:19:4b:db:25:eb:
                    69:46:d2:b1:39:50:95:ef:da:b8:ba:ef:c8:18:e0:
                    99:d9:21:3c:19:cf:e3:31:0d:e5:a0:85:e8:06:b9:
                    18:20:3f:d4:fc:a7:62:41:7b:8c:c5:b4:ed:a0:f1:
                    2a:0d:47:21:61:88:80:f1:9c:d9:61:21:cf:6a:78:
                    3f:a2:8c:35:3b:eb:6c:22:5a:ce:b8:b5:f1:35:b3:
                    ef:f7:1e:e5:d7:67:b9:1d:f3:7c:a0:ae:a5:38:72:
                    47:26:b6:4b:dd:49:6b:7d:07:fc:51:2a:d9:7a:b0:
                    c4:5e:78:e2:16:e1:82:d6:7b:4a:96:db:e9:68:1d:
                    63:06:c3:d6:06:4f:2a:e9:fa:72:61:d0:83:79:0a:
                    e0:9d:de:41:bd:15:c4:7e:71:ab:5f:93:0f:2b:33:
                    38:6b:44:0d:ee:a6:03:82:03:99:09:27:79:15:89:
                    82:3f:85:0d:97:7f:ae:36:28:c0:d8:28:37:4b:1d:
                    6d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E6:33:B2:08:CE:14:37:E2:B3:BA:AA:4D:AE:E5:FD:A5:C8:AA:76
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:41:51:e8:39:f9:02:20:c1:75:7f:56:83:18:60:7f:cb:9a:
         ac:0c:6f:12:f4:b1:74:a6:33:44:76:43:45:5b:b3:e3:ac:77:
         23:2a:26:e2:e3:13:58:f8:68:4f:ce:02:9b:e6:55:53:f7:1b:
         74:ec:2e:5c:7a:04:ee:f3:c0:c8:b0:a8:72:1b:6d:f6:ed:11:
         47:3a:62:2d:73:94:68:98:b8:0f:31:f3:4b:15:96:56:1f:7e:
         57:47:a0:85:28:45:9c:5f:b1:9a:0d:11:ca:ef:3f:6b:e1:3e:
         71:d9:15:69:c9:95:8a:71:fd:50:88:0c:a6:b8:25:fe:f2:65:
         bb:65:ff:74:33:39:17:e7:9d:7f:a4:d5:18:36:99:65:67:36:
         ea:4d:de:f4:2f:e2:03:cb:36:7f:a5:ef:8b:74:d5:43:a4:3a:
         44:c1:81:14:a5:0b:38:19:00:ba:06:e7:97:4d:89:64:f0:e8:
         44:12:95:bb:f6:50:27:9c:4f:0c:e5:f4:b1:6f:99:9a:1e:6d:
         bf:05:0b:20:16:3d:4c:5c:77:a8:5c:22:40:f3:ab:97:45:09:
         b8:cd:72:72:6c:ff:53:e0:39:70:ad:6d:45:82:8b:53:81:10:
         d9:18:22:17:7f:85:12:97:fd:17:66:8c:c2:ac:91:a7:52:68:
         0b:eb:a7:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jz6CUnsY8eLvaxeiW8DPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjUwNjI4MjIwMTI0WhcNMjUwNjI5MjIwMTI0WjAzMTEwLwYDVQQD
Eyg1MWU2MzNiMjA4Y2UxNDM3ZTJiM2JhYWE0ZGFlZTVmZGE1YzhhYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljEErUyfIHf6Vs+VMpyHbq7TfGRP
R7BNIaYxR+QgTuEQogdRFVj+jUj1geGitRpKN/B3io8durIQqL4Mj8Cpc73N3HNM
GUvbJetpRtKxOVCV79q4uu/IGOCZ2SE8Gc/jMQ3loIXoBrkYID/U/KdiQXuMxbTt
oPEqDUchYYiA8ZzZYSHPang/oow1O+tsIlrOuLXxNbPv9x7l12e5HfN8oK6lOHJH
JrZL3UlrfQf8USrZerDEXnjiFuGC1ntKltvpaB1jBsPWBk8q6fpyYdCDeQrgnd5B
vRXEfnGrX5MPKzM4a0QN7qYDggOZCSd5FYmCP4UNl3+uNijA2Cg3Sx1tWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHmM7IIzhQ34rO6qk2u5f2lyKp2MB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEFR6Dn5
AiDBdX9Wgxhgf8uarAxvEvSxdKYzRHZDRVuz46x3Iyom4uMTWPhoT84Cm+ZVU/cb
dOwuXHoE7vPAyLCochtt9u0RRzpiLXOUaJi4DzHzSxWWVh9+V0eghShFnF+xmg0R
yu8/a+E+cdkVacmVinH9UIgMprgl/vJlu2X/dDM5F+edf6TVGDaZZWc26k3e9C/i
A8s2f6Xvi3TVQ6Q6RMGBFKULOBkAugbnl02JZPDoRBKVu/ZQJ5xPDOX0sW+Zmh5t
vwULIBY9TFx3qFwiQPOrl0UJuM1ycmz/U+A5cK1tRYKLU4EQ2RgiF3+FEpf9F2aM
wqyRp1JoC+unwA==
-----END CERTIFICATE-----