Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
File:                     xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft (raw, json)
Hash identifier:          OVIkmX+b4yIU36TTNmwHwGf7zwiJlpaALoa1BWYRSQE=
Subject key identifier:   47:8E:46:34:A5:BF:A3:16:72:E3:3F:90:A1:75:FC:25:CF:A6:DC:1D
Authority key identifier: C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B
Certificate issuer:       /CN=c6c00c553a54da05b93635a654cada03c6d9df2b
Certificate serial:       0197B7EA3974A61226B5D71357E58EBF27D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
Manifest number:          0687
Signing time:             Sat 28 Jun 2025 19:01:09 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:09 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:09 +0000
Files and hashes:         1: xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl (hash: QnOjNUVJHJMwlswJyH9uEWYcpbOzGh4bgTnJ4asVN6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:39:74:a6:12:26:b5:d7:13:57:e5:8e:bf:27:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c00c553a54da05b93635a654cada03c6d9df2b
        Validity
            Not Before: Jun 28 19:01:09 2025 GMT
            Not After : Jun 29 19:01:09 2025 GMT
        Subject: CN=478e4634a5bfa31672e33f90a175fc25cfa6dc1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:9c:37:0a:62:5c:55:d1:99:a0:66:a1:5f:44:
                    7d:d4:20:19:3a:7e:5e:27:04:e1:47:11:8e:2f:e7:
                    7b:09:d3:40:72:20:13:ca:15:16:7b:17:28:57:a0:
                    61:e3:56:96:9b:0a:87:dd:02:76:28:3c:d1:69:7e:
                    41:c0:a9:b8:04:d5:a7:71:58:11:cd:e8:dd:4c:72:
                    c0:f8:55:68:4b:64:0a:4d:1d:30:41:e4:fe:5b:a3:
                    c3:32:8f:06:5f:45:ee:0b:ca:12:86:4d:df:76:86:
                    ce:1b:3c:9f:40:05:56:d0:c4:16:6c:13:72:6b:09:
                    a4:68:8f:83:7d:85:31:90:9a:40:61:01:d7:bd:3f:
                    70:df:d7:7e:0d:9f:d4:9d:ae:2f:b3:80:16:6e:d6:
                    79:dd:73:0a:b4:00:4d:57:60:b5:d1:cc:bb:2c:f2:
                    ef:de:26:ad:2f:90:d2:98:fe:84:73:d3:87:46:3d:
                    4d:2d:79:ab:63:c2:a9:6a:3c:b6:bf:cb:1b:0e:a3:
                    cc:99:7f:92:25:78:d6:fb:20:60:6e:9f:98:d0:b2:
                    27:87:25:46:5f:2c:c9:0f:58:1f:9b:04:d4:2e:40:
                    ba:0a:ec:95:92:da:59:52:88:01:e9:e2:64:ef:cf:
                    89:0e:6e:e7:aa:06:97:67:55:29:71:cb:03:b4:3a:
                    d9:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:8E:46:34:A5:BF:A3:16:72:E3:3F:90:A1:75:FC:25:CF:A6:DC:1D
            X509v3 Authority Key Identifier:
                keyid:C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:25:52:07:ad:76:52:42:45:5b:b6:71:62:d9:b1:a8:59:14:
         43:6f:e2:d1:d7:f5:37:4c:56:54:ab:e2:00:b7:c6:66:67:1c:
         e7:55:59:3a:a9:98:36:de:92:e6:d1:cc:0f:c1:28:6c:9b:44:
         96:c2:e3:70:34:6b:d7:ce:7f:4e:01:77:83:6f:22:2b:a5:a0:
         1a:6d:4e:c8:f5:3f:33:68:2f:46:bc:7b:1a:ef:55:36:c1:fa:
         97:31:12:4e:8c:9f:1e:c4:6b:f3:13:8d:51:a2:7d:b9:5d:3c:
         8a:4b:e6:70:11:76:cc:20:41:69:3d:a9:93:db:26:80:9b:11:
         3d:b2:94:c7:98:89:e9:ed:84:ef:44:3c:65:4d:75:03:d0:ad:
         1c:7c:54:48:a5:ce:ae:a8:be:67:c8:ae:e7:40:f4:a1:32:ec:
         3e:79:48:7f:05:3f:cc:57:80:7d:5a:e7:f6:42:97:88:47:9f:
         c9:9e:60:c5:00:5f:e4:9a:97:33:be:66:87:c4:41:f6:4a:95:
         ca:2c:1f:ff:25:d5:b7:03:13:57:0f:2a:c5:fb:d4:94:91:fc:
         64:8d:db:8f:58:4f:50:fe:4c:21:e6:45:fc:d4:8d:37:1c:93:
         c4:09:eb:44:35:74:b7:39:fb:84:82:5a:19:71:d3:df:2a:a5:
         e1:f3:42:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36jl0phImtdcTV+WOvyfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzAwYzU1M2E1NGRhMDViOTM2MzVhNjU0Y2FkYTAzYzZk
OWRmMmIwHhcNMjUwNjI4MTkwMTA5WhcNMjUwNjI5MTkwMTA5WjAzMTEwLwYDVQQD
Eyg0NzhlNDYzNGE1YmZhMzE2NzJlMzNmOTBhMTc1ZmMyNWNmYTZkYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJw3CmJcVdGZoGahX0R91CAZOn5e
JwThRxGOL+d7CdNAciATyhUWexcoV6Bh41aWmwqH3QJ2KDzRaX5BwKm4BNWncVgR
zejdTHLA+FVoS2QKTR0wQeT+W6PDMo8GX0XuC8oShk3fdobOGzyfQAVW0MQWbBNy
awmkaI+DfYUxkJpAYQHXvT9w39d+DZ/Una4vs4AWbtZ53XMKtABNV2C10cy7LPLv
3iatL5DSmP6Ec9OHRj1NLXmrY8Kpajy2v8sbDqPMmX+SJXjW+yBgbp+Y0LInhyVG
XyzJD1gfmwTULkC6CuyVktpZUogB6eJk78+JDm7nqgaXZ1UpccsDtDrZ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeORjSlv6MWcuM/kKF1/CXPptwdMB8GA1UdIwQY
MBaAFMbADFU6VNoFuTY1plTK2gPG2d8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgt
M2ZiZGQ5ZGJiZDkyLzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgtM2ZiZGQ5ZGJiZDky
LzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAayVSB612
UkJFW7ZxYtmxqFkUQ2/i0df1N0xWVKviALfGZmcc51VZOqmYNt6S5tHMD8EobJtE
lsLjcDRr185/TgF3g28iK6WgGm1OyPU/M2gvRrx7Gu9VNsH6lzESToyfHsRr8xON
UaJ9uV08ikvmcBF2zCBBaT2pk9smgJsRPbKUx5iJ6e2E70Q8ZU11A9CtHHxUSKXO
rqi+Z8iu50D0oTLsPnlIfwU/zFeAfVrn9kKXiEefyZ5gxQBf5JqXM75mh8RB9kqV
yiwf/yXVtwMTVw8qxfvUlJH8ZI3bj1hPUP5MIeZF/NSNNxyTxAnrRDV0tzn7hIJa
GXHT3yql4fNCxQ==
-----END CERTIFICATE-----