Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
File:                     6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft (raw, json)
Hash identifier:          O0Y8G/ahc4HOmeSlIf4k+6EsmZCe/IagfG0FfqQQ/ho=
Subject key identifier:   5E:F1:1E:CD:92:7E:CF:A8:31:5D:1A:BE:D4:00:7F:53:6B:1C:E0:5C
Authority key identifier: E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2
Certificate issuer:       /CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
Certificate serial:       0197B96ADC196A9B4FF72E7B7C1E031ACF7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
Manifest number:          0675
Signing time:             Sun 29 Jun 2025 02:01:17 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:17 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:17 +0000
Files and hashes:         1: 6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl (hash: X7pU7yuL8jxHgKpbBnoaAuZYtDsj4SRwxi9hpu48lJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:dc:19:6a:9b:4f:f7:2e:7b:7c:1e:03:1a:cf:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
        Validity
            Not Before: Jun 29 02:01:17 2025 GMT
            Not After : Jun 30 02:01:17 2025 GMT
        Subject: CN=5ef11ecd927ecfa8315d1abed4007f536b1ce05c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:57:0a:77:e7:55:bb:9b:1b:f0:72:e7:c8:0b:
                    34:4f:e0:f9:de:4d:79:31:3e:25:ff:80:0b:f4:88:
                    ed:c2:aa:ae:db:0d:d9:64:19:af:c7:ba:6a:32:63:
                    51:23:f1:a6:4b:bb:95:9c:62:0a:82:fc:83:a5:f4:
                    01:d5:21:d3:fb:55:58:78:83:1d:b6:08:6a:78:fe:
                    51:e3:d9:15:f6:51:9e:8f:cd:b6:de:bd:90:71:8a:
                    f3:94:64:8c:31:e9:a4:ea:ea:94:b5:bc:b7:de:7d:
                    7a:2a:d5:92:57:fb:55:cb:70:5c:1b:df:76:02:1f:
                    e1:32:b6:21:a5:78:fb:5d:2b:f5:59:d4:c4:fc:aa:
                    84:b9:b7:43:ca:d0:64:3f:ae:7d:b5:e9:90:8a:76:
                    37:d3:aa:57:ab:4b:10:f1:e7:d2:8e:f3:b1:de:fe:
                    d2:0a:84:e2:ae:3d:43:ce:ab:b3:98:ef:08:87:c5:
                    68:9c:d5:23:3c:fb:6b:31:d9:91:d4:53:f7:b8:9c:
                    65:47:e8:b4:34:15:36:78:0a:2e:ca:16:be:bf:c0:
                    2b:25:2c:1b:a6:e8:21:ff:f0:69:18:7a:a3:64:03:
                    af:e2:f8:fe:22:f2:12:04:e9:4a:38:41:f1:86:8b:
                    e1:c1:89:fe:1e:9e:70:15:64:31:09:69:59:82:b1:
                    ba:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F1:1E:CD:92:7E:CF:A8:31:5D:1A:BE:D4:00:7F:53:6B:1C:E0:5C
            X509v3 Authority Key Identifier:
                keyid:E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:0d:5d:a9:8c:ec:fc:66:a2:f3:b0:80:0a:82:c7:b8:33:13:
         07:fa:c7:df:c9:37:78:09:73:a4:a5:59:d6:05:d9:4b:07:a6:
         9f:4e:6f:88:ae:2e:6c:7d:1a:41:d4:1a:3a:d1:54:5f:13:76:
         50:79:79:0b:76:d6:bf:c9:ae:14:b6:bd:c0:77:e3:50:73:f2:
         2d:85:de:9d:2b:27:e8:cb:77:0a:64:06:56:84:85:7f:cb:87:
         03:f2:29:52:72:5d:3d:fb:ef:26:d7:d0:ac:14:f3:b3:5c:a3:
         91:29:a0:d4:1d:6a:63:d4:cc:be:2f:30:95:f9:65:4a:02:64:
         7d:43:5f:e6:c5:f8:73:d5:2e:d9:f2:6a:de:77:44:39:30:71:
         21:10:b3:5c:96:f1:59:6e:66:89:9b:27:0b:b5:86:12:a5:41:
         f9:e4:ca:a5:fd:5b:1e:31:f1:1e:b8:c5:9d:ec:c7:e8:66:8e:
         75:fd:6c:b6:15:a8:8f:ec:e8:f9:86:26:6d:eb:cb:13:fd:47:
         ec:91:35:75:e9:e2:75:c3:17:9b:d5:e5:85:0c:1b:22:db:58:
         5d:2b:5c:bd:ce:19:58:29:bf:ed:bf:4d:46:6e:6a:03:21:66:
         5f:bf:71:59:ff:b2:1d:57:10:79:5f:5e:19:27:85:42:a1:6a:
         21:75:9f:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5atwZaptP9y57fB4DGs98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzJhNmMyZWJlYTQ2NDEzMDcyZjkwZGQ1MjZkNzhmMTEw
MmY0ZjIwHhcNMjUwNjI5MDIwMTE3WhcNMjUwNjMwMDIwMTE3WjAzMTEwLwYDVQQD
Eyg1ZWYxMWVjZDkyN2VjZmE4MzE1ZDFhYmVkNDAwN2Y1MzZiMWNlMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lcKd+dVu5sb8HLnyAs0T+D53k15
MT4l/4AL9Ijtwqqu2w3ZZBmvx7pqMmNRI/GmS7uVnGIKgvyDpfQB1SHT+1VYeIMd
tghqeP5R49kV9lGej8223r2QcYrzlGSMMemk6uqUtby33n16KtWSV/tVy3BcG992
Ah/hMrYhpXj7XSv1WdTE/KqEubdDytBkP659temQinY306pXq0sQ8efSjvOx3v7S
CoTirj1DzquzmO8Ih8VonNUjPPtrMdmR1FP3uJxlR+i0NBU2eAouyha+v8ArJSwb
pugh//BpGHqjZAOv4vj+IvISBOlKOEHxhovhwYn+Hp5wFWQxCWlZgrG6NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7xHs2Sfs+oMV0avtQAf1NrHOBcMB8GA1UdIwQY
MBaAFOlypsLr6kZBMHL5DdUm148RAvTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMt
NGY5NzRjOTc3OTQ1LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMtNGY5NzRjOTc3OTQ1
LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKQ1dqYzs
/Gai87CACoLHuDMTB/rH38k3eAlzpKVZ1gXZSwemn05viK4ubH0aQdQaOtFUXxN2
UHl5C3bWv8muFLa9wHfjUHPyLYXenSsn6Mt3CmQGVoSFf8uHA/IpUnJdPfvvJtfQ
rBTzs1yjkSmg1B1qY9TMvi8wlfllSgJkfUNf5sX4c9Uu2fJq3ndEOTBxIRCzXJbx
WW5miZsnC7WGEqVB+eTKpf1bHjHxHrjFnezH6GaOdf1sthWoj+zo+YYmbevLE/1H
7JE1denidcMXm9XlhQwbIttYXStcvc4ZWCm/7b9NRm5qAyFmX79xWf+yHVcQeV9e
GSeFQqFqIXWf1A==
-----END CERTIFICATE-----