Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
File:                     ci0p5qil5cpi3rc-r_OrE95VBq0.mft (raw, json)
Hash identifier:          HBft85tZcEZCKE4YLGczUb3gu6+06tDBX7v3lsr0r8M=
Subject key identifier:   B8:F7:F4:58:E8:9F:D2:B2:80:38:7A:E8:62:59:31:53:6C:39:E8:6E
Authority key identifier: 72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD
Certificate issuer:       /CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
Certificate serial:       0197C94B4D55BD840ECD614F2A25886314B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
Manifest number:          C5
Signing time:             Wed 02 Jul 2025 04:00:44 +0000
Manifest this update:     Wed 02 Jul 2025 04:00:44 +0000
Manifest next update:     Thu 03 Jul 2025 04:00:44 +0000
Files and hashes:         1: ci0p5qil5cpi3rc-r_OrE95VBq0.crl (hash: SU4jnlLH7ubKgxatT2DYMB7eM5h9gdqLE6ioU+hl4rQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 04:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:4b:4d:55:bd:84:0e:cd:61:4f:2a:25:88:63:14:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
        Validity
            Not Before: Jul  2 04:00:44 2025 GMT
            Not After : Jul  3 04:00:44 2025 GMT
        Subject: CN=b8f7f458e89fd2b280387ae8625931536c39e86e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e5:4a:c2:5f:84:fa:df:b8:eb:de:82:b1:79:
                    b9:fe:6a:81:d7:10:ad:54:ad:94:01:50:c9:6d:c0:
                    d3:7d:5d:32:a2:a2:cc:d8:fe:f3:56:f3:6f:b5:6b:
                    0f:a4:62:db:a3:d9:20:da:13:b9:23:c3:0c:f5:ac:
                    83:b6:ad:60:80:27:a8:c6:ba:59:50:72:bc:4c:81:
                    e6:d7:44:3e:dd:bd:9c:d5:e6:c8:fa:35:ae:a2:d1:
                    67:bd:8e:39:2b:3f:ee:5e:3a:ab:3d:1e:be:02:b3:
                    b9:c7:30:3b:f5:d6:68:34:52:08:1f:06:5d:7c:c1:
                    1c:57:db:ba:9f:c3:47:62:0d:21:df:d8:32:51:0f:
                    b2:c2:e6:17:d8:0e:bd:7f:77:9c:16:2a:a0:bc:9d:
                    e8:60:77:43:a8:25:93:cf:40:67:d9:2e:90:1a:cb:
                    22:02:1b:6b:48:d4:b4:9b:a4:6c:41:73:b4:b8:6a:
                    bf:01:69:a6:17:f4:5c:d4:b9:58:51:7f:ee:0f:dd:
                    1c:42:5d:ce:2e:dc:d6:86:c1:33:8b:96:73:d7:02:
                    43:0b:ab:66:9d:2b:9d:8c:17:d9:a4:04:d5:29:3b:
                    f3:59:55:fb:48:fa:f2:be:93:e6:1c:6a:8f:34:37:
                    9c:89:1b:e2:80:e7:cf:04:e2:93:3f:60:ed:b1:82:
                    ec:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:F7:F4:58:E8:9F:D2:B2:80:38:7A:E8:62:59:31:53:6C:39:E8:6E
            X509v3 Authority Key Identifier:
                keyid:72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:b9:b5:ab:0a:d0:54:d6:c9:9d:ef:12:54:16:39:30:12:d5:
         f1:0f:d8:45:da:f3:6a:f8:5f:41:70:d9:2c:eb:d0:d9:04:d2:
         20:98:cb:59:5d:5d:be:89:ad:8b:30:cb:1a:23:4b:f5:07:e1:
         be:b6:68:56:bc:7b:7f:7c:59:c3:66:ec:63:d6:ba:a1:41:88:
         40:bb:20:fd:23:3f:6a:7e:e1:cb:27:22:80:69:ca:d4:f7:3e:
         cb:05:f3:0f:91:ac:21:c9:ea:52:08:3b:e7:b8:3e:6d:c4:0a:
         66:d6:8c:91:d1:e1:1e:fa:b2:a4:9e:2f:a3:62:1e:de:d4:43:
         d8:29:2f:3b:30:f3:c4:70:d9:a8:0b:9e:8b:f2:1b:a9:a0:c2:
         97:1c:ba:49:d3:ab:53:23:48:11:7b:01:7d:d2:f3:34:dc:2a:
         d7:fb:98:94:b1:0d:e2:dc:54:77:a0:a9:96:3a:d5:6b:67:aa:
         f3:e5:c8:2a:03:93:ba:17:a3:51:71:7a:29:6a:34:de:ac:da:
         e2:69:ae:af:04:80:e9:37:68:af:81:ab:2a:66:cc:51:04:5a:
         e8:8c:22:1d:23:57:ef:0e:c6:bf:2f:44:0b:cb:ed:4b:9a:3e:
         00:91:f9:64:ad:bd:d0:b2:e3:bf:df:f2:b4:84:66:1e:1c:96:
         a8:84:8a:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJS01VvYQOzWFPKiWIYxSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmQyOWU2YThhNWU1Y2E2MmRlYjczZWFmZjNhYjEzZGU1
NTA2YWQwHhcNMjUwNzAyMDQwMDQ0WhcNMjUwNzAzMDQwMDQ0WjAzMTEwLwYDVQQD
EyhiOGY3ZjQ1OGU4OWZkMmIyODAzODdhZTg2MjU5MzE1MzZjMzllODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOVKwl+E+t+4696CsXm5/mqB1xCt
VK2UAVDJbcDTfV0yoqLM2P7zVvNvtWsPpGLbo9kg2hO5I8MM9ayDtq1ggCeoxrpZ
UHK8TIHm10Q+3b2c1ebI+jWuotFnvY45Kz/uXjqrPR6+ArO5xzA79dZoNFIIHwZd
fMEcV9u6n8NHYg0h39gyUQ+ywuYX2A69f3ecFiqgvJ3oYHdDqCWTz0Bn2S6QGssi
AhtrSNS0m6RsQXO0uGq/AWmmF/Rc1LlYUX/uD90cQl3OLtzWhsEzi5Zz1wJDC6tm
nSudjBfZpATVKTvzWVX7SPryvpPmHGqPNDeciRvigOfPBOKTP2DtsYLsZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLj39Fjon9KygDh66GJZMVNsOehuMB8GA1UdIwQY
MBaAFHItKeaopeXKYt63Pq/zqxPeVQatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xMDZlMGYtYWQ4MC00N2MzLWJkNGYt
NTU0NzkwMGI4ZDU5LzEvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xMDZlMGYtYWQ4MC00N2MzLWJkNGYtNTU0NzkwMGI4ZDU5
LzEvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrm1qwrQ
VNbJne8SVBY5MBLV8Q/YRdrzavhfQXDZLOvQ2QTSIJjLWV1dvomtizDLGiNL9Qfh
vrZoVrx7f3xZw2bsY9a6oUGIQLsg/SM/an7hyycigGnK1Pc+ywXzD5GsIcnqUgg7
57g+bcQKZtaMkdHhHvqypJ4vo2Ie3tRD2CkvOzDzxHDZqAuei/IbqaDClxy6SdOr
UyNIEXsBfdLzNNwq1/uYlLEN4txUd6CpljrVa2eq8+XIKgOTuhejUXF6KWo03qza
4mmurwSA6Tdor4GrKmbMUQRa6IwiHSNX7w7Gvy9EC8vtS5o+AJH5ZK290LLjv9/y
tIRmHhyWqISKKQ==
-----END CERTIFICATE-----