Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          X9oYA/PWy78gtitRMXlIwoJEHDCb+sJARyS+IXTnemM=
Subject key identifier:   E2:82:5C:6A:36:85:C3:CA:54:07:4D:88:FD:EC:31:53:38:53:B7:8F
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       0197B7458A8E68F114BB561598F9425C5203
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          0955
Signing time:             Sat 28 Jun 2025 16:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:17 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: NvzzszI0bWRFaLzNMoa5VBaiC7sixBH6uGIc1E91EEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:8a:8e:68:f1:14:bb:56:15:98:f9:42:5c:52:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Jun 28 16:01:17 2025 GMT
            Not After : Jun 29 16:01:17 2025 GMT
        Subject: CN=e2825c6a3685c3ca54074d88fdec31533853b78f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:41:22:57:96:1f:ef:82:d0:0c:f7:fb:92:a4:
                    ac:5e:f8:45:07:3d:c3:86:cf:d9:38:b7:87:49:2d:
                    5b:0b:a4:79:4e:82:81:77:bc:e5:a3:ea:70:b3:d3:
                    67:c1:3e:72:3a:47:c3:09:25:19:40:2c:03:a4:f3:
                    33:13:d2:08:03:14:d4:f9:0f:e9:0e:98:58:c8:fb:
                    8e:ca:2f:56:5b:ae:c0:d0:9a:db:c8:7a:fb:cd:01:
                    3c:a4:21:64:17:07:72:70:cc:13:30:4d:e6:75:f1:
                    63:78:13:ea:a1:1c:3e:44:77:f9:d5:92:f8:42:75:
                    c3:cb:9c:df:2a:6f:51:91:80:d0:5c:5f:0a:34:00:
                    85:a8:30:9d:f3:7e:2e:96:f2:21:f9:52:58:7f:e5:
                    e9:bb:3b:65:07:0b:dd:29:5e:e9:ff:11:16:cd:70:
                    36:ab:26:bc:56:95:06:ec:2f:1a:4a:00:d2:18:6a:
                    7c:61:8f:79:cd:d7:5f:88:bd:f4:e6:d2:1a:a3:e6:
                    95:db:8c:d7:f2:54:bd:48:34:41:c6:78:4a:02:58:
                    39:84:49:d4:15:86:1c:73:56:cd:ba:a5:59:63:44:
                    e4:dc:a3:d4:46:62:4e:a0:c7:23:98:09:fb:ed:37:
                    c3:4f:ad:e6:bd:46:df:43:51:6e:af:f0:2b:e0:14:
                    a9:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:82:5C:6A:36:85:C3:CA:54:07:4D:88:FD:EC:31:53:38:53:B7:8F
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:52:72:c7:08:90:12:31:af:19:c4:6c:70:b9:35:12:7c:ab:
         75:57:81:19:86:54:0d:17:72:9b:9d:ec:0a:86:35:20:76:16:
         ca:63:0d:51:58:9c:75:fe:ac:03:64:c5:4b:ad:21:ae:5b:77:
         4c:ac:d7:1e:f1:e2:3d:c3:ed:bb:01:f2:ad:19:34:56:f5:75:
         74:f8:3c:88:6b:51:6f:8f:a7:bd:b9:94:3a:52:de:cd:c1:7a:
         61:fd:ba:f2:bf:14:df:23:d1:38:e6:1b:dd:13:8e:bf:11:9e:
         5e:9f:14:62:e0:be:20:39:8f:76:b3:2a:e5:37:2e:f2:9f:dc:
         df:c7:14:89:8f:51:c0:a3:9f:f5:f0:8e:73:a0:90:c3:99:e7:
         04:52:16:d0:75:c9:b6:c1:93:79:fe:da:e8:a9:ed:07:09:47:
         02:0a:93:be:f3:d6:f5:0e:cf:e7:19:e0:e3:b9:e0:e7:58:f6:
         a2:a5:5a:5c:ad:2c:3d:b2:1c:e2:59:54:b1:e5:49:e1:90:5e:
         76:58:8b:3e:57:2e:48:73:52:a4:5a:e5:62:59:65:7a:ab:36:
         e0:31:e7:8f:16:70:9f:90:b1:2b:e4:3e:39:9a:bf:1f:65:84:
         bc:4a:97:4a:df:b2:48:5d:1e:4a:0b:9f:39:3f:6a:36:d2:69:
         fc:41:d4:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RYqOaPEUu1YVmPlCXFIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjUwNjI4MTYwMTE3WhcNMjUwNjI5MTYwMTE3WjAzMTEwLwYDVQQD
EyhlMjgyNWM2YTM2ODVjM2NhNTQwNzRkODhmZGVjMzE1MzM4NTNiNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykEiV5Yf74LQDPf7kqSsXvhFBz3D
hs/ZOLeHSS1bC6R5ToKBd7zlo+pws9NnwT5yOkfDCSUZQCwDpPMzE9IIAxTU+Q/p
DphYyPuOyi9WW67A0JrbyHr7zQE8pCFkFwdycMwTME3mdfFjeBPqoRw+RHf51ZL4
QnXDy5zfKm9RkYDQXF8KNACFqDCd834ulvIh+VJYf+XpuztlBwvdKV7p/xEWzXA2
qya8VpUG7C8aSgDSGGp8YY95zddfiL305tIao+aV24zX8lS9SDRBxnhKAlg5hEnU
FYYcc1bNuqVZY0Tk3KPURmJOoMcjmAn77TfDT63mvUbfQ1Fur/Ar4BSpZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKCXGo2hcPKVAdNiP3sMVM4U7ePMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABFJyxwiQ
EjGvGcRscLk1EnyrdVeBGYZUDRdym53sCoY1IHYWymMNUVicdf6sA2TFS60hrlt3
TKzXHvHiPcPtuwHyrRk0VvV1dPg8iGtRb4+nvbmUOlLezcF6Yf268r8U3yPROOYb
3ROOvxGeXp8UYuC+IDmPdrMq5Tcu8p/c38cUiY9RwKOf9fCOc6CQw5nnBFIW0HXJ
tsGTef7a6KntBwlHAgqTvvPW9Q7P5xng47ng51j2oqVaXK0sPbIc4llUseVJ4ZBe
dliLPlcuSHNSpFrlYllleqs24DHnjxZwn5CxK+Q+OZq/H2WEvEqXSt+ySF0eSguf
OT9qNtJp/EHUig==
-----END CERTIFICATE-----