Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft
File:                     xRvfUzN6yxiydpUsNX6RmAvMWww.mft (raw, json)
Hash identifier:          JOXZPl6W01kdDH96E+ihoX7TB/o46XTRA11+ICyBME0=
Subject key identifier:   76:F4:EA:B0:45:1B:76:40:A6:2F:BE:36:F5:8A:E7:10:D5:87:DC:A3
Authority key identifier: C5:1B:DF:53:33:7A:CB:18:B2:76:95:2C:35:7E:91:98:0B:CC:5B:0C
Certificate issuer:       /CN=c51bdf53337acb18b276952c357e91980bcc5b0c
Certificate serial:       0197C42507F59F11195FC6A96BDD0AEC511A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft
Manifest number:          09CB
Signing time:             Tue 01 Jul 2025 04:00:50 +0000
Manifest this update:     Tue 01 Jul 2025 04:00:50 +0000
Manifest next update:     Wed 02 Jul 2025 04:00:50 +0000
Files and hashes:         1: xRvfUzN6yxiydpUsNX6RmAvMWww.crl (hash: GRnJh6bIRsNqqM7+xIBqUOE0QI3/rJ0eiOsQUpps9Lk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c4:25:07:f5:9f:11:19:5f:c6:a9:6b:dd:0a:ec:51:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c51bdf53337acb18b276952c357e91980bcc5b0c
        Validity
            Not Before: Jul  1 04:00:50 2025 GMT
            Not After : Jul  2 04:00:50 2025 GMT
        Subject: CN=76f4eab0451b7640a62fbe36f58ae710d587dca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:02:e3:c1:a8:ea:d7:e0:45:7a:c7:e1:84:55:
                    51:fa:4b:01:88:8f:3b:13:3d:b8:51:54:2f:e6:2f:
                    3a:1d:cd:c7:ff:fa:7f:d8:18:79:47:1f:ab:28:f3:
                    4d:45:b6:12:ab:67:0c:d4:6d:d4:0b:3c:98:f6:a2:
                    4c:4b:e3:3a:7e:73:b3:f9:0c:61:4b:10:e6:d2:3e:
                    11:94:94:bd:09:ae:14:0d:49:1b:f7:d1:c7:38:2e:
                    00:17:e6:3e:43:1d:ca:fe:2b:2f:79:3c:5a:b3:26:
                    3a:3d:c4:0a:34:aa:b1:ff:8d:04:30:b1:1b:6a:ac:
                    3b:52:24:67:6c:71:25:47:72:80:ab:49:e3:38:5c:
                    f4:1a:4c:ad:76:5e:84:e6:b9:11:06:20:7a:18:87:
                    01:8a:e9:f6:dc:17:92:f3:64:93:22:72:c0:c9:9c:
                    4e:71:48:ab:2d:ec:49:1f:4c:c2:39:7a:d4:55:a8:
                    dc:9b:c7:18:0f:1b:b6:84:aa:89:04:05:52:53:95:
                    2a:1a:a7:52:8d:9f:3e:a4:a0:7f:56:69:51:ea:66:
                    47:4b:2d:55:9c:67:64:2a:f6:ee:e1:aa:ab:90:b7:
                    5f:95:84:01:a3:1b:8c:12:52:17:3d:b8:ae:ba:d9:
                    10:c8:d2:19:b7:ff:43:d2:b1:53:c0:90:71:95:cf:
                    b2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F4:EA:B0:45:1B:76:40:A6:2F:BE:36:F5:8A:E7:10:D5:87:DC:A3
            X509v3 Authority Key Identifier:
                keyid:C5:1B:DF:53:33:7A:CB:18:B2:76:95:2C:35:7E:91:98:0B:CC:5B:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRvfUzN6yxiydpUsNX6RmAvMWww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/83e5ea-9fe4-4814-83c6-1bb430606535/1/xRvfUzN6yxiydpUsNX6RmAvMWww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:5f:f0:81:cd:e1:65:81:fa:62:d4:f4:1e:33:d0:f9:b7:0a:
         8f:b5:24:85:9a:1b:84:ea:e2:79:cb:4a:76:da:f5:ee:15:c7:
         26:e5:e9:dd:20:0c:f1:8e:06:f0:7a:84:00:83:50:74:e9:3f:
         92:f1:ca:5a:7f:64:78:b2:21:e0:2e:af:fb:1a:cb:43:05:a2:
         b7:2c:34:fb:fb:95:f3:bd:2e:14:df:6e:4f:a3:a8:45:15:61:
         a5:18:7c:c9:de:2b:82:65:41:d5:7b:f6:97:e3:e3:e5:a8:0e:
         b6:1b:fd:6e:2a:8d:84:92:5f:c4:3e:56:15:87:ff:52:0d:d8:
         91:ba:5a:f3:9a:3f:b3:74:2b:70:e9:90:64:4d:ba:b6:35:56:
         02:23:30:cb:18:be:90:c0:8c:ad:bb:fb:40:ae:cc:49:34:f9:
         9d:4c:af:0c:65:a4:75:00:bf:c8:4f:72:fa:9b:0b:1d:53:84:
         0f:db:d1:e4:3f:72:dc:bc:8f:68:de:05:99:ff:75:2a:b9:83:
         2d:98:07:06:42:27:11:ea:e6:6a:4c:40:66:64:37:ca:1e:75:
         aa:24:77:8b:b6:f6:6d:58:54:8b:50:f1:66:cd:0e:82:1e:c3:
         fa:81:83:57:23:80:a5:ef:77:2e:ea:fb:e5:c5:69:81:f2:4a:
         db:88:af:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEJQf1nxEZX8apa90K7FEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MWJkZjUzMzM3YWNiMThiMjc2OTUyYzM1N2U5MTk4MGJj
YzViMGMwHhcNMjUwNzAxMDQwMDUwWhcNMjUwNzAyMDQwMDUwWjAzMTEwLwYDVQQD
Eyg3NmY0ZWFiMDQ1MWI3NjQwYTYyZmJlMzZmNThhZTcxMGQ1ODdkY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+wLjwajq1+BFesfhhFVR+ksBiI87
Ez24UVQv5i86Hc3H//p/2Bh5Rx+rKPNNRbYSq2cM1G3UCzyY9qJMS+M6fnOz+Qxh
SxDm0j4RlJS9Ca4UDUkb99HHOC4AF+Y+Qx3K/isveTxasyY6PcQKNKqx/40EMLEb
aqw7UiRnbHElR3KAq0njOFz0Gkytdl6E5rkRBiB6GIcBiun23BeS82STInLAyZxO
cUirLexJH0zCOXrUVajcm8cYDxu2hKqJBAVSU5UqGqdSjZ8+pKB/VmlR6mZHSy1V
nGdkKvbu4aqrkLdflYQBoxuMElIXPbiuutkQyNIZt/9D0rFTwJBxlc+yVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHb06rBFG3ZApi++NvWK5xDVh9yjMB8GA1UdIwQY
MBaAFMUb31MzessYsnaVLDV+kZgLzFsMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84M2U1ZWEtOWZlNC00ODE0LTgzYzYt
MWJiNDMwNjA2NTM1LzEveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84M2U1ZWEtOWZlNC00ODE0LTgzYzYtMWJiNDMwNjA2NTM1
LzEveFJ2ZlV6TjZ5eGl5ZHBVc05YNlJtQXZNV3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKV/wgc3h
ZYH6YtT0HjPQ+bcKj7UkhZobhOriectKdtr17hXHJuXp3SAM8Y4G8HqEAINQdOk/
kvHKWn9keLIh4C6v+xrLQwWityw0+/uV870uFN9uT6OoRRVhpRh8yd4rgmVB1Xv2
l+Pj5agOthv9biqNhJJfxD5WFYf/Ug3Ykbpa85o/s3QrcOmQZE26tjVWAiMwyxi+
kMCMrbv7QK7MSTT5nUyvDGWkdQC/yE9y+psLHVOED9vR5D9y3LyPaN4Fmf91KrmD
LZgHBkInEermakxAZmQ3yh51qiR3i7b2bVhUi1DxZs0Ogh7D+oGDVyOApe93Lur7
5cVpgfJK24ivDA==
-----END CERTIFICATE-----