Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          PK6TtasbgTNks5f/ZTwsYs2ZCfgfma2aAmwaPb3fDWQ=
Subject key identifier:   78:F8:77:58:1B:FF:3C:47:C1:81:F4:EE:5C:1F:A5:0F:86:38:47:D5
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       0197B9D8CEE833D1A26F99D5A9AD4E2A5D81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0AFB
Signing time:             Sun 29 Jun 2025 04:01:23 +0000
Manifest this update:     Sun 29 Jun 2025 04:01:23 +0000
Manifest next update:     Mon 30 Jun 2025 04:01:23 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: O6fuiTSAp3zhESEqxmKmshuZ1S6E2Fq07BLLQz13lJA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:d8:ce:e8:33:d1:a2:6f:99:d5:a9:ad:4e:2a:5d:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Jun 29 04:01:23 2025 GMT
            Not After : Jun 30 04:01:23 2025 GMT
        Subject: CN=78f877581bff3c47c181f4ee5c1fa50f863847d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fe:78:cb:28:54:08:44:ce:b2:65:62:d6:da:
                    29:26:77:03:06:0f:3b:72:e7:3c:fa:da:79:3a:fa:
                    8b:5e:85:a2:5c:5f:35:24:30:58:9d:10:fb:3e:ca:
                    b1:2b:88:ac:dc:06:1c:ca:e6:da:a3:27:39:1c:16:
                    1b:4c:34:3e:0d:4b:2e:9a:f8:d6:1c:46:e2:50:6a:
                    ce:17:4d:62:e6:3a:53:49:7c:48:f5:0c:f5:57:61:
                    3b:99:d3:1f:a6:00:ca:94:3d:14:d9:6c:3f:a2:b1:
                    a2:43:2b:17:67:96:a7:f7:80:0b:88:25:c9:a1:86:
                    2b:fb:0d:d4:a1:58:4c:74:0c:d8:60:6e:11:86:17:
                    f5:56:fd:10:5c:dd:1c:9d:d7:52:1c:eb:07:ac:c1:
                    2e:77:2c:8d:df:6a:81:72:2c:ff:7d:52:44:5e:a2:
                    cd:8e:d0:8f:a5:dc:f4:bf:68:56:d2:44:1a:ce:0c:
                    a2:45:de:36:c0:e0:9a:f6:b3:06:68:66:d3:eb:48:
                    7b:6c:f2:65:99:d3:9e:a3:41:4e:ea:85:d9:9d:0f:
                    8c:b1:76:7e:f9:9c:d3:f1:c2:a9:0f:dd:c9:7f:30:
                    88:7b:b5:9e:8d:6a:ba:3c:21:e1:94:1d:25:4c:9a:
                    00:bb:ae:34:c2:7c:35:47:2a:da:a6:6c:1c:3a:6f:
                    ff:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:F8:77:58:1B:FF:3C:47:C1:81:F4:EE:5C:1F:A5:0F:86:38:47:D5
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:1c:14:44:71:09:4e:fa:1e:6a:ea:25:2f:b6:7e:84:55:29:
         a8:02:a7:e6:4b:c7:cd:25:19:48:f7:e8:b7:3a:ac:3b:86:cc:
         79:64:18:98:65:b7:9b:3f:92:ae:e5:f1:ec:22:f5:ac:0b:70:
         0e:a9:14:e6:ed:f9:fb:9a:f7:12:e3:5c:c9:4e:90:3d:52:b2:
         e7:06:05:4a:80:56:78:8b:87:40:74:57:3d:57:14:3e:a8:84:
         56:b2:ca:1a:93:21:6f:ce:9d:b4:04:71:b6:22:c6:a1:7a:c6:
         89:36:28:23:fc:2b:12:ef:0c:2f:44:f7:d6:4f:92:9d:e3:b2:
         80:5f:45:a6:93:b0:84:f5:b9:e3:9d:f8:46:21:95:b5:8b:20:
         d2:91:18:75:73:c4:08:10:ee:8d:50:dc:08:11:0b:e5:bd:34:
         66:01:a8:cf:fc:40:fb:26:5e:ff:a0:2e:83:0e:55:d3:65:ec:
         ad:b4:63:64:55:d2:b0:ef:a7:8d:f2:c4:75:17:38:87:5e:16:
         0c:17:58:23:49:e6:45:33:29:49:10:57:6a:33:44:d4:53:12:
         76:cb:c8:cb:76:48:9a:e1:3d:b6:13:7b:a4:95:46:ac:42:fa:
         49:93:cf:23:49:66:22:86:35:d5:50:29:53:0e:25:02:2d:48:
         e0:9a:7d:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe52M7oM9Gib5nVqa1OKl2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjUwNjI5MDQwMTIzWhcNMjUwNjMwMDQwMTIzWjAzMTEwLwYDVQQD
Eyg3OGY4Nzc1ODFiZmYzYzQ3YzE4MWY0ZWU1YzFmYTUwZjg2Mzg0N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv54yyhUCETOsmVi1topJncDBg87
cuc8+tp5OvqLXoWiXF81JDBYnRD7PsqxK4is3AYcyubaoyc5HBYbTDQ+DUsumvjW
HEbiUGrOF01i5jpTSXxI9Qz1V2E7mdMfpgDKlD0U2Ww/orGiQysXZ5an94ALiCXJ
oYYr+w3UoVhMdAzYYG4Rhhf1Vv0QXN0cnddSHOsHrMEudyyN32qBciz/fVJEXqLN
jtCPpdz0v2hW0kQazgyiRd42wOCa9rMGaGbT60h7bPJlmdOeo0FO6oXZnQ+MsXZ+
+ZzT8cKpD93JfzCIe7WejWq6PCHhlB0lTJoAu640wnw1RyrapmwcOm//KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHj4d1gb/zxHwYH07lwfpQ+GOEfVMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWhwURHEJ
TvoeauolL7Z+hFUpqAKn5kvHzSUZSPfotzqsO4bMeWQYmGW3mz+SruXx7CL1rAtw
DqkU5u35+5r3EuNcyU6QPVKy5wYFSoBWeIuHQHRXPVcUPqiEVrLKGpMhb86dtARx
tiLGoXrGiTYoI/wrEu8ML0T31k+SneOygF9FppOwhPW54534RiGVtYsg0pEYdXPE
CBDujVDcCBEL5b00ZgGoz/xA+yZe/6Augw5V02XsrbRjZFXSsO+njfLEdRc4h14W
DBdYI0nmRTMpSRBXajNE1FMSdsvIy3ZImuE9thN7pJVGrEL6SZPPI0lmIoY11VAp
Uw4lAi1I4Jp9vg==
-----END CERTIFICATE-----