Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
File:                     xLCiTzhOiW3lHlg149KEYHtJxZE.mft (raw, json)
Hash identifier:          btaCMgSIYT1SLjHzMqmluKOPK6kryteE+xkw4AjCb2M=
Subject key identifier:   8B:5D:AA:1E:55:87:AA:4B:C0:9C:04:88:F7:8E:8B:3C:71:63:29:5F
Authority key identifier: C4:B0:A2:4F:38:4E:89:6D:E5:1E:58:35:E3:D2:84:60:7B:49:C5:91
Certificate issuer:       /CN=c4b0a24f384e896de51e5835e3d284607b49c591
Certificate serial:       0197D1A99F1D6BD6D3327452873D176BB5B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
Manifest number:          97
Signing time:             Thu 03 Jul 2025 19:00:43 +0000
Manifest this update:     Thu 03 Jul 2025 19:00:43 +0000
Manifest next update:     Fri 04 Jul 2025 19:00:43 +0000
Files and hashes:         1: xLCiTzhOiW3lHlg149KEYHtJxZE.crl (hash: 0muKUC3KN6Kzc6KQsLroFF36/9sNK2xDCFqkyz/msAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 17:39:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d1:a9:9f:1d:6b:d6:d3:32:74:52:87:3d:17:6b:b5:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4b0a24f384e896de51e5835e3d284607b49c591
        Validity
            Not Before: Jul  3 19:00:43 2025 GMT
            Not After : Jul  4 19:00:43 2025 GMT
        Subject: CN=8b5daa1e5587aa4bc09c0488f78e8b3c7163295f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:99:b6:15:a8:7f:fb:5a:a5:d7:35:23:14:b1:
                    65:03:80:ba:09:79:d9:97:48:f1:27:98:5b:c0:cc:
                    f0:47:f3:a2:5a:48:f7:70:34:65:dc:9b:b0:0f:16:
                    e3:5c:76:04:83:a3:1b:ef:cd:6a:ec:5f:d8:92:0d:
                    c5:a5:49:ee:2a:05:b3:77:61:2a:fc:a4:58:b1:ef:
                    58:03:4b:fc:fd:cd:fa:1c:93:39:f1:53:9d:74:94:
                    39:01:9c:4b:5e:fc:ef:a5:ac:5a:39:a5:2e:bc:5a:
                    b1:e0:1b:14:3b:77:99:b6:03:f1:5e:e5:4b:90:ca:
                    c5:ca:05:14:03:63:40:91:8a:68:b2:2e:65:c5:ab:
                    8d:23:63:7a:1e:2f:7b:9b:b4:3c:8b:2d:56:55:49:
                    b3:d1:78:d0:e8:cf:1d:0a:2e:a2:5c:83:0b:71:46:
                    f4:67:11:e3:7f:e0:a1:35:45:6c:ea:e7:58:0b:f4:
                    d1:6d:f7:9f:60:e9:53:34:5e:f9:c7:29:87:e8:43:
                    5c:2d:9c:3b:19:ae:d8:ea:7f:d6:f1:1c:28:21:87:
                    c0:3c:59:c1:4c:25:d2:6c:8a:4d:54:85:b4:b7:4b:
                    8e:22:02:d6:ee:98:29:d5:64:19:ce:87:29:69:c5:
                    ac:c5:a5:04:8c:a2:1b:04:b0:13:35:7b:00:ef:2a:
                    81:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:5D:AA:1E:55:87:AA:4B:C0:9C:04:88:F7:8E:8B:3C:71:63:29:5F
            X509v3 Authority Key Identifier:
                keyid:C4:B0:A2:4F:38:4E:89:6D:E5:1E:58:35:E3:D2:84:60:7B:49:C5:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLCiTzhOiW3lHlg149KEYHtJxZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e2927e-bff0-4c61-9188-b86a6f262633/1/xLCiTzhOiW3lHlg149KEYHtJxZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:0c:59:f8:93:4b:49:e7:2f:f9:b1:0a:fc:1e:2e:4d:c8:2e:
         b8:5c:42:ab:5d:0c:76:1b:12:f8:b7:ca:c0:0d:97:e3:1d:c7:
         20:cb:41:9f:26:60:1a:fb:14:6c:ad:0f:2a:39:51:9b:6f:bb:
         3a:a9:b5:be:13:f9:70:6e:03:81:82:91:d7:8d:a3:ae:77:b4:
         76:eb:d9:fa:de:dd:0e:bb:35:3f:e8:88:b5:19:aa:5a:3a:88:
         e3:30:a6:d5:aa:12:d7:a5:29:f5:ca:11:25:18:94:b2:10:67:
         bd:91:91:98:a9:51:95:df:1e:5f:e7:1e:6b:90:30:84:31:55:
         8f:f3:f7:8c:85:f5:09:f4:a0:23:fc:5c:10:66:83:40:e9:99:
         43:ce:04:d1:36:31:cb:3c:00:ca:aa:bd:6b:31:47:84:68:b3:
         94:6a:ab:96:dc:18:a0:cf:6a:ad:4b:4c:c4:1d:2c:81:b2:e0:
         7a:0b:6f:bf:99:21:73:5e:b8:4f:94:93:65:2b:61:a8:1e:2f:
         f8:48:62:da:73:20:ec:da:5a:57:e2:c3:99:50:ce:d6:53:f3:
         4c:b4:fb:26:08:44:53:50:fb:d5:c9:f8:25:cc:2f:28:2f:cb:
         73:3f:1b:fe:70:3d:01:e6:77:a7:8e:fe:ca:34:bf:46:40:b3:
         4a:d2:c7:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfRqZ8da9bTMnRShz0Xa7W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjBhMjRmMzg0ZTg5NmRlNTFlNTgzNWUzZDI4NDYwN2I0
OWM1OTEwHhcNMjUwNzAzMTkwMDQzWhcNMjUwNzA0MTkwMDQzWjAzMTEwLwYDVQQD
Eyg4YjVkYWExZTU1ODdhYTRiYzA5YzA0ODhmNzhlOGIzYzcxNjMyOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpm2Fah/+1ql1zUjFLFlA4C6CXnZ
l0jxJ5hbwMzwR/OiWkj3cDRl3JuwDxbjXHYEg6Mb781q7F/Ykg3FpUnuKgWzd2Eq
/KRYse9YA0v8/c36HJM58VOddJQ5AZxLXvzvpaxaOaUuvFqx4BsUO3eZtgPxXuVL
kMrFygUUA2NAkYposi5lxauNI2N6Hi97m7Q8iy1WVUmz0XjQ6M8dCi6iXIMLcUb0
ZxHjf+ChNUVs6udYC/TRbfefYOlTNF75xymH6ENcLZw7Ga7Y6n/W8RwoIYfAPFnB
TCXSbIpNVIW0t0uOIgLW7pgp1WQZzocpacWsxaUEjKIbBLATNXsA7yqBiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItdqh5Vh6pLwJwEiPeOizxxYylfMB8GA1UdIwQY
MBaAFMSwok84Tolt5R5YNePShGB7ScWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lMjkyN2UtYmZmMC00YzYxLTkxODgt
Yjg2YTZmMjYyNjMzLzEveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lMjkyN2UtYmZmMC00YzYxLTkxODgtYjg2YTZmMjYyNjMz
LzEveExDaVR6aE9pVzNsSGxnMTQ5S0VZSHRKeFpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzQxZ+JNL
Secv+bEK/B4uTcguuFxCq10MdhsS+LfKwA2X4x3HIMtBnyZgGvsUbK0PKjlRm2+7
Oqm1vhP5cG4DgYKR142jrne0duvZ+t7dDrs1P+iItRmqWjqI4zCm1aoS16Up9coR
JRiUshBnvZGRmKlRld8eX+cea5AwhDFVj/P3jIX1CfSgI/xcEGaDQOmZQ84E0TYx
yzwAyqq9azFHhGizlGqrltwYoM9qrUtMxB0sgbLgegtvv5khc164T5STZSthqB4v
+Ehi2nMg7NpaV+LDmVDO1lPzTLT7JghEU1D71cn4JcwvKC/Lcz8b/nA9AeZ3p47+
yjS/RkCzStLHKQ==
-----END CERTIFICATE-----