Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
File:                     6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft (raw, json)
Hash identifier:          CmaBnwD/4I2jgL9/vE7ArecUBavLOYGCpV/cp47OM7w=
Subject key identifier:   2D:CE:93:70:17:D0:74:5F:92:61:DC:71:DC:54:5C:44:E8:FA:DC:C0
Authority key identifier: E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2
Certificate issuer:       /CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
Certificate serial:       0198D54E90B45D094148145A6ECE523423C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
Manifest number:          0708
Signing time:             Sat 23 Aug 2025 05:02:32 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:32 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:32 +0000
Files and hashes:         1: 6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl (hash: Gr1tKEyR/5Kxp3mmjN0sBoFY4POkAL2nkh2BiEmVBr4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:90:b4:5d:09:41:48:14:5a:6e:ce:52:34:23:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
        Validity
            Not Before: Aug 23 05:02:32 2025 GMT
            Not After : Aug 24 05:02:32 2025 GMT
        Subject: CN=2dce937017d0745f9261dc71dc545c44e8fadcc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f6:3e:61:41:dd:6c:59:94:b3:69:30:35:e4:
                    79:4c:ae:64:df:1c:85:26:87:03:13:1e:c9:48:a8:
                    5b:eb:7f:5f:0c:98:5f:94:6b:6c:84:28:b4:5f:b3:
                    2c:f8:d1:8b:3a:ec:36:08:85:f3:0d:69:19:a1:79:
                    26:04:80:60:74:29:00:e7:e1:78:9f:84:2a:80:d0:
                    ae:ab:56:ce:e3:1f:e6:44:60:11:56:1b:a9:a0:71:
                    ba:d2:9b:97:0a:1a:d0:93:b0:76:dd:a7:f1:5d:2b:
                    32:57:4b:95:46:4b:3f:27:d3:10:a0:a1:3b:6d:75:
                    57:4c:93:29:f7:f8:d9:55:f3:ab:ae:b5:a1:42:dd:
                    53:81:5c:0b:1b:89:cd:fa:38:2c:03:a8:cb:6e:88:
                    e6:ad:f9:51:2d:2b:f7:39:44:4b:2d:29:b3:45:e8:
                    c6:7e:a7:7b:71:a7:28:70:e0:04:62:b4:ea:02:7d:
                    56:ea:d6:c4:71:71:85:8e:fc:bf:df:20:57:60:70:
                    5b:bd:74:a3:a5:e4:32:1c:91:d8:6e:d2:23:00:f8:
                    9e:b9:77:f9:43:59:26:74:a2:38:8f:13:7b:bc:5c:
                    6e:6f:81:01:95:98:f2:67:35:28:4f:ef:05:45:ab:
                    b4:d3:ba:b6:9b:5e:f9:36:25:ff:db:44:c0:94:b8:
                    48:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:CE:93:70:17:D0:74:5F:92:61:DC:71:DC:54:5C:44:E8:FA:DC:C0
            X509v3 Authority Key Identifier:
                keyid:E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:84:d1:98:26:66:db:4e:20:c5:f4:b8:73:a1:5d:e4:5b:e9:
         e9:b8:dc:1c:a5:28:50:fc:36:ec:8e:98:54:57:4e:d8:b2:48:
         24:54:99:f1:13:0f:b4:d3:62:2b:da:97:76:b2:32:9c:94:dd:
         12:fa:2d:35:9b:3b:97:c1:31:7d:51:27:92:a7:f7:11:42:76:
         8a:a6:9a:d0:71:1b:49:a4:0a:c9:17:e9:9f:f5:cc:b8:32:b1:
         4f:e9:7b:03:32:6d:a4:51:3e:26:61:af:67:d1:18:3a:61:99:
         fb:a2:18:e4:31:eb:a0:57:81:ef:1f:4a:18:33:75:e8:7b:f9:
         2f:5e:7f:16:aa:51:4e:88:78:ae:5a:57:75:fc:7f:ba:e7:b1:
         dc:ca:5b:8c:23:29:a6:ef:f6:cb:f7:aa:c6:62:a7:40:dc:ad:
         c9:a1:5a:71:3d:b5:73:6d:0d:52:b8:42:85:0c:6a:2b:4f:19:
         ce:c0:d9:f4:49:d0:7e:00:fc:e5:2b:a0:e1:3a:09:f4:2f:14:
         97:42:29:03:74:8b:b5:ed:92:dd:da:53:db:bb:c4:3b:53:94:
         93:56:84:2b:b5:fb:3b:db:a5:0c:98:9f:13:7b:9a:ee:c0:c9:
         50:3c:81:fe:84:fc:75:12:15:4b:13:7e:4f:c0:8f:6f:c1:68:
         60:f5:2f:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTpC0XQlBSBRabs5SNCPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzJhNmMyZWJlYTQ2NDEzMDcyZjkwZGQ1MjZkNzhmMTEw
MmY0ZjIwHhcNMjUwODIzMDUwMjMyWhcNMjUwODI0MDUwMjMyWjAzMTEwLwYDVQQD
EygyZGNlOTM3MDE3ZDA3NDVmOTI2MWRjNzFkYzU0NWM0NGU4ZmFkY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfY+YUHdbFmUs2kwNeR5TK5k3xyF
JocDEx7JSKhb639fDJhflGtshCi0X7Ms+NGLOuw2CIXzDWkZoXkmBIBgdCkA5+F4
n4QqgNCuq1bO4x/mRGARVhupoHG60puXChrQk7B23afxXSsyV0uVRks/J9MQoKE7
bXVXTJMp9/jZVfOrrrWhQt1TgVwLG4nN+jgsA6jLbojmrflRLSv3OURLLSmzRejG
fqd7cacocOAEYrTqAn1W6tbEcXGFjvy/3yBXYHBbvXSjpeQyHJHYbtIjAPieuXf5
Q1kmdKI4jxN7vFxub4EBlZjyZzUoT+8FRau007q2m175NiX/20TAlLhIiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3Ok3AX0HRfkmHccdxUXETo+tzAMB8GA1UdIwQY
MBaAFOlypsLr6kZBMHL5DdUm148RAvTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMt
NGY5NzRjOTc3OTQ1LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMtNGY5NzRjOTc3OTQ1
LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoTRmCZm
204gxfS4c6Fd5Fvp6bjcHKUoUPw27I6YVFdO2LJIJFSZ8RMPtNNiK9qXdrIynJTd
EvotNZs7l8ExfVEnkqf3EUJ2iqaa0HEbSaQKyRfpn/XMuDKxT+l7AzJtpFE+JmGv
Z9EYOmGZ+6IY5DHroFeB7x9KGDN16Hv5L15/FqpRToh4rlpXdfx/uuex3MpbjCMp
pu/2y/eqxmKnQNytyaFacT21c20NUrhChQxqK08ZzsDZ9EnQfgD85Sug4ToJ9C8U
l0IpA3SLte2S3dpT27vEO1OUk1aEK7X7O9ulDJifE3ua7sDJUDyB/oT8dRIVSxN+
T8CPb8FoYPUvwA==
-----END CERTIFICATE-----