Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
File:                     xRlGjFXmvnFcDagFzvta7IXTKSY.mft (raw, json)
Hash identifier:          M1dFxYB2xgTMCcisLXOcYLK/7ZYtYfD9ntx1Mxb4x5E=
Subject key identifier:   CA:C8:49:A5:C6:9A:55:FC:FB:16:1A:B7:EE:E5:F0:15:8D:D1:F6:CF
Authority key identifier: C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26
Certificate issuer:       /CN=c519468c55e6be715c0da805cefb5aec85d32926
Certificate serial:       0197C42506D73160A59266A6F9D3EB8D29F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
Manifest number:          0EB5
Signing time:             Tue 01 Jul 2025 04:00:50 +0000
Manifest this update:     Tue 01 Jul 2025 04:00:50 +0000
Manifest next update:     Wed 02 Jul 2025 04:00:50 +0000
Files and hashes:         1: xRlGjFXmvnFcDagFzvta7IXTKSY.crl (hash: mlsHiMR1Bb09gKj5wvnMBeXosfA6h+Sw8N89hE+OC64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c4:25:06:d7:31:60:a5:92:66:a6:f9:d3:eb:8d:29:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c519468c55e6be715c0da805cefb5aec85d32926
        Validity
            Not Before: Jul  1 04:00:50 2025 GMT
            Not After : Jul  2 04:00:50 2025 GMT
        Subject: CN=cac849a5c69a55fcfb161ab7eee5f0158dd1f6cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8f:37:af:9f:cd:4d:21:f2:7e:29:20:c0:91:
                    d5:36:c4:ea:07:3e:57:14:de:b7:7d:9b:ad:00:35:
                    81:14:10:01:57:10:de:d8:35:9d:8e:76:13:5d:1a:
                    38:f6:f8:47:b2:98:ad:52:b7:70:16:ca:03:95:28:
                    ba:54:db:80:c7:d7:e1:9b:8d:5d:80:2e:8a:64:a7:
                    c3:aa:3c:6a:34:c0:16:49:65:48:58:c9:19:6e:83:
                    ec:12:2d:8b:50:32:99:2c:2a:d5:99:3e:a0:b5:4c:
                    f1:68:bf:1d:5d:9e:b4:80:ac:1b:d0:e0:b1:f3:7a:
                    70:6f:fc:9b:15:19:c0:41:4c:08:b0:bf:24:be:9d:
                    cb:94:ec:60:38:f6:83:c2:f5:84:d1:d0:60:16:21:
                    41:db:8f:8f:a5:bd:89:4b:e0:c7:78:e3:73:56:a9:
                    50:ec:05:fd:4d:e8:3a:38:b2:88:e4:7d:70:ba:83:
                    b8:d7:8c:0e:79:0b:d9:de:14:6e:70:cc:48:bb:77:
                    fd:a2:d8:05:cb:2a:af:ff:d7:d5:3a:63:99:a7:12:
                    69:d9:03:be:f9:f2:79:3d:2a:4f:97:e9:d4:67:89:
                    3c:97:de:1e:51:9f:89:7f:ec:f8:f3:b0:6a:e8:4d:
                    cb:b4:18:be:ea:1d:65:8d:7d:d1:71:db:ba:0c:96:
                    b9:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:C8:49:A5:C6:9A:55:FC:FB:16:1A:B7:EE:E5:F0:15:8D:D1:F6:CF
            X509v3 Authority Key Identifier:
                keyid:C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:e7:39:4b:52:d6:fc:05:8f:6b:14:25:4e:77:bc:62:32:55:
         48:c0:23:09:66:74:11:62:83:52:e3:fe:f8:cf:31:bd:f0:34:
         70:b4:c4:3b:5c:e0:db:04:b0:4d:e3:84:30:ac:27:db:55:62:
         f8:25:c6:57:a3:18:34:cf:b5:f5:da:71:49:6d:08:32:49:b4:
         e7:4c:a9:2b:9b:4c:8d:e5:26:e6:8d:33:4a:0b:b5:89:58:1d:
         d2:76:cf:b4:66:7c:87:a3:90:de:b1:cf:78:d0:73:06:b2:df:
         4f:6d:32:bb:cb:b9:bb:f5:7f:07:9e:1c:7a:1f:2d:e6:e8:25:
         8e:45:66:6d:e0:67:50:b6:bd:33:41:b9:ab:a2:c9:95:ba:23:
         7f:04:94:8d:29:08:d1:46:98:b5:5a:1a:6b:0d:54:fd:ec:17:
         71:51:72:37:aa:19:1a:1a:4e:fb:25:fe:3b:03:f4:ec:c0:8b:
         43:89:7c:6a:67:bf:60:ce:b7:e0:62:c7:74:85:f5:52:3c:79:
         0b:e7:40:92:a3:f0:4e:2d:6b:cb:c5:ea:1e:10:31:51:d8:22:
         18:b1:fe:bc:81:a8:15:41:15:70:67:d4:8a:51:10:0c:c7:4f:
         61:7a:5b:ad:c3:27:8d:3e:f4:88:55:36:53:47:69:26:18:66:
         7e:6a:cd:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEJQbXMWClkmam+dPrjSn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTk0NjhjNTVlNmJlNzE1YzBkYTgwNWNlZmI1YWVjODVk
MzI5MjYwHhcNMjUwNzAxMDQwMDUwWhcNMjUwNzAyMDQwMDUwWjAzMTEwLwYDVQQD
EyhjYWM4NDlhNWM2OWE1NWZjZmIxNjFhYjdlZWU1ZjAxNThkZDFmNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI83r5/NTSHyfikgwJHVNsTqBz5X
FN63fZutADWBFBABVxDe2DWdjnYTXRo49vhHspitUrdwFsoDlSi6VNuAx9fhm41d
gC6KZKfDqjxqNMAWSWVIWMkZboPsEi2LUDKZLCrVmT6gtUzxaL8dXZ60gKwb0OCx
83pwb/ybFRnAQUwIsL8kvp3LlOxgOPaDwvWE0dBgFiFB24+Ppb2JS+DHeONzVqlQ
7AX9Teg6OLKI5H1wuoO414wOeQvZ3hRucMxIu3f9otgFyyqv/9fVOmOZpxJp2QO+
+fJ5PSpPl+nUZ4k8l94eUZ+Jf+z487Bq6E3LtBi+6h1ljX3Rcdu6DJa5owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrISaXGmlX8+xYat+7l8BWN0fbPMB8GA1UdIwQY
MBaAFMUZRoxV5r5xXA2oBc77WuyF0ykmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2Ut
NmE3MWI4NDRhZDY2LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2UtNmE3MWI4NDRhZDY2
LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASOc5S1LW
/AWPaxQlTne8YjJVSMAjCWZ0EWKDUuP++M8xvfA0cLTEO1zg2wSwTeOEMKwn21Vi
+CXGV6MYNM+19dpxSW0IMkm050ypK5tMjeUm5o0zSgu1iVgd0nbPtGZ8h6OQ3rHP
eNBzBrLfT20yu8u5u/V/B54ceh8t5ugljkVmbeBnULa9M0G5q6LJlbojfwSUjSkI
0UaYtVoaaw1U/ewXcVFyN6oZGhpO+yX+OwP07MCLQ4l8ame/YM634GLHdIX1Ujx5
C+dAkqPwTi1ry8XqHhAxUdgiGLH+vIGoFUEVcGfUilEQDMdPYXpbrcMnjT70iFU2
U0dpJhhmfmrN+w==
-----END CERTIFICATE-----