Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          5B2Sm1r+pq/YFtmCfZVO5si6JNcbvwXN7uh3Qm4r9WM=
Subject key identifier:   8D:22:12:41:15:86:61:B3:71:55:70:07:A2:9E:7F:33:70:0D:D7:87
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       0197B6A115AA93D5270050BA25F50618A4B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:39 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: 1nds44T+7od878FI6R8tCSE18V/yLntZDl4iQqfQLo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:15:aa:93:d5:27:00:50:ba:25:f5:06:18:a4:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Jun 28 13:01:39 2025 GMT
            Not After : Jun 29 13:01:39 2025 GMT
        Subject: CN=8d221241158661b371557007a29e7f33700dd787
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9b:74:8c:a7:7a:92:ac:98:3f:9c:fb:28:d5:
                    d5:fa:5c:37:41:97:06:c5:ff:70:47:fe:d2:f2:94:
                    e9:43:d0:27:c3:29:9a:93:08:d2:8d:32:3d:5a:39:
                    8a:6e:b9:95:43:69:a3:47:24:76:9e:a7:e1:dd:ee:
                    28:c2:38:4a:a7:8d:42:07:8c:d5:7f:9d:67:d3:ff:
                    6d:56:07:64:b3:6e:01:f3:52:0f:11:ba:d5:33:27:
                    a5:5c:28:c4:cd:57:38:29:97:d8:b6:fc:fd:c3:4b:
                    ae:18:ff:78:df:1d:8d:03:55:fd:4a:c2:b5:8f:3a:
                    93:47:bf:6f:71:cc:b6:b3:ed:93:de:d9:a1:6e:30:
                    89:9c:1d:f0:1d:2b:26:01:0f:e4:6c:ce:76:b9:ab:
                    fe:16:92:1a:f3:1f:ae:b1:34:33:4d:02:91:88:de:
                    7b:c3:5e:9f:ab:0c:39:39:d2:d4:69:aa:5f:48:b5:
                    09:ae:c2:a5:88:7e:bc:ae:69:bc:2f:11:18:f8:84:
                    84:02:06:d7:c5:fb:cd:68:99:05:ba:a3:74:15:56:
                    d2:65:b7:d9:7b:37:80:a7:3a:5e:6e:81:00:e8:58:
                    8a:9a:11:f3:50:ca:21:c2:89:58:a0:dd:ac:6b:a9:
                    7c:6c:ad:52:2c:05:eb:ea:30:76:c0:d5:31:cb:fe:
                    ea:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:22:12:41:15:86:61:B3:71:55:70:07:A2:9E:7F:33:70:0D:D7:87
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:bb:18:d2:58:3c:94:23:b2:e4:f1:f0:49:b1:68:fd:97:ea:
         e8:56:8c:9d:9a:8e:ac:c6:7f:06:fb:6d:0c:9b:68:20:4a:9b:
         ae:c8:d5:32:43:08:44:68:63:91:e3:2a:6c:57:ef:dd:1d:4e:
         ad:87:2f:d6:53:bf:d1:2b:af:6a:6f:7b:c2:ad:23:0b:c3:16:
         a9:f5:e2:eb:57:b6:de:f5:b2:6f:1a:24:0d:4f:f3:fa:6b:78:
         28:30:0d:ed:2b:fd:0c:2e:ad:01:17:86:21:7d:11:a2:e0:04:
         6d:7e:3c:50:82:51:5b:ff:13:7a:50:4e:b2:4d:24:3c:35:f3:
         3e:54:7a:1c:9c:80:f0:3d:2f:15:b9:09:27:57:9e:46:13:30:
         24:cf:7f:69:34:4a:73:58:58:9c:50:92:54:ac:55:71:eb:fd:
         44:27:48:9c:8f:d9:00:69:42:27:74:91:c5:09:4c:8c:04:0c:
         f6:b5:68:9b:8b:96:40:87:fc:c7:b0:01:dd:18:2f:69:7c:e9:
         86:f5:3a:62:c6:9b:44:4f:43:ae:ab:aa:a5:6b:ac:ae:5c:df:
         48:d9:10:db:e1:a5:0e:b0:ad:38:49:79:e8:40:fa:39:70:e5:
         14:59:d2:38:8b:0f:b8:68:6c:c2:98:88:3b:25:b5:f3:45:fd:
         ac:e8:12:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oRWqk9UnAFC6JfUGGKSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjUwNjI4MTMwMTM5WhcNMjUwNjI5MTMwMTM5WjAzMTEwLwYDVQQD
Eyg4ZDIyMTI0MTE1ODY2MWIzNzE1NTcwMDdhMjllN2YzMzcwMGRkNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJt0jKd6kqyYP5z7KNXV+lw3QZcG
xf9wR/7S8pTpQ9AnwymakwjSjTI9WjmKbrmVQ2mjRyR2nqfh3e4owjhKp41CB4zV
f51n0/9tVgdks24B81IPEbrVMyelXCjEzVc4KZfYtvz9w0uuGP943x2NA1X9SsK1
jzqTR79vccy2s+2T3tmhbjCJnB3wHSsmAQ/kbM52uav+FpIa8x+usTQzTQKRiN57
w16fqww5OdLUaapfSLUJrsKliH68rmm8LxEY+ISEAgbXxfvNaJkFuqN0FVbSZbfZ
ezeApzpeboEA6FiKmhHzUMohwolYoN2sa6l8bK1SLAXr6jB2wNUxy/7qQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0iEkEVhmGzcVVwB6KefzNwDdeHMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbsY0lg8
lCOy5PHwSbFo/Zfq6FaMnZqOrMZ/BvttDJtoIEqbrsjVMkMIRGhjkeMqbFfv3R1O
rYcv1lO/0Suvam97wq0jC8MWqfXi61e23vWybxokDU/z+mt4KDAN7Sv9DC6tAReG
IX0RouAEbX48UIJRW/8TelBOsk0kPDXzPlR6HJyA8D0vFbkJJ1eeRhMwJM9/aTRK
c1hYnFCSVKxVcev9RCdInI/ZAGlCJ3SRxQlMjAQM9rVom4uWQIf8x7AB3RgvaXzp
hvU6YsabRE9DrquqpWusrlzfSNkQ2+GlDrCtOEl56ED6OXDlFFnSOIsPuGhswpiI
OyW180X9rOgS6w==
-----END CERTIFICATE-----