Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft
File:                     k8QjPQuo54YYoJpyVh3M0GSYyE4.mft (raw, json)
Hash identifier:          o0O8xClmGPHYXmbJYC0W0mLD8SMESvq1xrgccpnfwF4=
Subject key identifier:   87:72:7F:1B:C3:2A:57:5B:52:9E:11:83:F5:C7:FE:B6:16:07:D8:15
Authority key identifier: 93:C4:23:3D:0B:A8:E7:86:18:A0:9A:72:56:1D:CC:D0:64:98:C8:4E
Certificate issuer:       /CN=93c4233d0ba8e78618a09a72561dccd06498c84e
Certificate serial:       0197B6A14353DB53FEDBD74044F8AE8F95C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k8QjPQuo54YYoJpyVh3M0GSYyE4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:01:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:51 +0000
Files and hashes:         1: k8QjPQuo54YYoJpyVh3M0GSYyE4.crl (hash: b8YP8HDyvtQZywvIi+S6X4dh8t/uhU3Mt9m5DW1+SNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k8QjPQuo54YYoJpyVh3M0GSYyE4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:43:53:db:53:fe:db:d7:40:44:f8:ae:8f:95:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93c4233d0ba8e78618a09a72561dccd06498c84e
        Validity
            Not Before: Jun 28 13:01:51 2025 GMT
            Not After : Jun 29 13:01:51 2025 GMT
        Subject: CN=87727f1bc32a575b529e1183f5c7feb61607d815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:93:9b:4b:19:09:6f:f5:8b:02:19:98:11:12:
                    a9:95:d0:25:7e:36:4f:ce:fc:95:ad:56:9e:ac:4f:
                    d0:d2:74:75:d4:e5:31:72:5f:db:6c:b9:7e:75:f8:
                    38:03:a0:c3:8d:11:8e:ce:9b:c3:e7:08:23:17:8b:
                    1f:8f:94:cd:cb:53:7e:82:37:c4:ee:98:c3:65:24:
                    e7:c9:90:d0:32:ca:8e:e2:55:c7:b3:8e:28:34:df:
                    a5:80:70:70:05:07:86:01:58:34:6d:62:16:e3:80:
                    aa:8c:03:34:69:e5:b1:fc:4b:41:24:2f:86:cf:42:
                    66:41:98:13:8c:ac:b7:52:9e:45:42:93:bd:91:d6:
                    a3:e2:fa:07:99:ee:d6:40:96:6f:b2:a4:1f:ff:7c:
                    b6:85:25:07:84:f3:52:06:d5:1f:c8:1b:50:5d:a2:
                    5c:80:29:2a:e1:49:40:2c:4c:8b:71:61:f4:79:13:
                    f1:22:74:42:ec:f7:08:ab:74:f1:a1:1e:f9:80:13:
                    8e:54:b9:b2:b1:fd:04:41:0d:87:ae:32:13:f9:83:
                    5a:df:17:d0:dd:43:a9:11:04:85:ef:d5:0f:3b:68:
                    2c:ff:fc:94:99:76:aa:88:86:a4:43:59:d2:97:e9:
                    e0:2f:c4:4b:43:1b:55:4e:fa:fe:60:3c:fb:19:99:
                    f0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:72:7F:1B:C3:2A:57:5B:52:9E:11:83:F5:C7:FE:B6:16:07:D8:15
            X509v3 Authority Key Identifier:
                keyid:93:C4:23:3D:0B:A8:E7:86:18:A0:9A:72:56:1D:CC:D0:64:98:C8:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k8QjPQuo54YYoJpyVh3M0GSYyE4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:a0:43:14:90:63:7b:c2:d8:0e:0c:f3:0b:fe:c6:1f:16:e2:
         90:e9:2b:53:d0:47:a7:8e:cd:17:b0:fa:a2:1b:3f:ab:3f:59:
         29:41:04:6c:43:0d:a4:9b:09:50:2e:0a:4e:9e:d9:7e:fd:19:
         0d:de:2c:66:e9:c0:fc:51:ee:95:0e:91:00:e0:b8:2c:15:23:
         06:6d:44:78:4b:86:80:14:13:cc:a6:f4:19:52:6a:8f:35:8e:
         ac:b8:63:f7:5a:5b:07:d1:b0:5e:24:60:c9:26:c1:14:41:9e:
         37:c1:59:55:60:aa:fb:ee:79:5e:9c:db:d9:27:79:14:19:7f:
         26:7f:ac:05:4c:3d:7c:a5:3e:2c:b1:61:03:2f:47:48:e2:df:
         25:7a:48:44:3e:05:8d:6d:c9:b1:56:39:27:c8:aa:5a:eb:a1:
         4a:90:cc:74:0e:25:2b:02:4e:80:1a:63:6a:b3:6b:e3:a4:67:
         69:51:0f:1f:54:aa:61:78:2b:49:4d:45:0a:a3:10:30:01:23:
         6f:7b:5c:5c:5e:22:78:95:23:37:f8:0a:c4:32:c4:ca:d4:76:
         80:f0:11:2e:6f:97:21:72:80:ef:48:3c:69:1e:2f:b3:aa:80:
         50:7f:cb:78:3a:0a:10:9d:87:94:f2:d7:f2:f3:0f:16:d3:15:
         a7:fb:a1:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oUNT21P+29dARPiuj5XDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYzQyMzNkMGJhOGU3ODYxOGEwOWE3MjU2MWRjY2QwNjQ5
OGM4NGUwHhcNMjUwNjI4MTMwMTUxWhcNMjUwNjI5MTMwMTUxWjAzMTEwLwYDVQQD
Eyg4NzcyN2YxYmMzMmE1NzViNTI5ZTExODNmNWM3ZmViNjE2MDdkODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ObSxkJb/WLAhmYERKpldAlfjZP
zvyVrVaerE/Q0nR11OUxcl/bbLl+dfg4A6DDjRGOzpvD5wgjF4sfj5TNy1N+gjfE
7pjDZSTnyZDQMsqO4lXHs44oNN+lgHBwBQeGAVg0bWIW44CqjAM0aeWx/EtBJC+G
z0JmQZgTjKy3Up5FQpO9kdaj4voHme7WQJZvsqQf/3y2hSUHhPNSBtUfyBtQXaJc
gCkq4UlALEyLcWH0eRPxInRC7PcIq3TxoR75gBOOVLmysf0EQQ2HrjIT+YNa3xfQ
3UOpEQSF79UPO2gs//yUmXaqiIakQ1nSl+ngL8RLQxtVTvr+YDz7GZnwdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdyfxvDKldbUp4Rg/XH/rYWB9gVMB8GA1UdIwQY
MBaAFJPEIz0LqOeGGKCaclYdzNBkmMhOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazhRalBRdW81NFlZb0pweVZoM00wR1NZeUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81Zjc1N2ItNGYyMi00M2RiLTlkYTkt
MjQ5NjExNmU0MTVkLzEvazhRalBRdW81NFlZb0pweVZoM00wR1NZeUU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81Zjc1N2ItNGYyMi00M2RiLTlkYTktMjQ5NjExNmU0MTVk
LzEvazhRalBRdW81NFlZb0pweVZoM00wR1NZeUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh6BDFJBj
e8LYDgzzC/7GHxbikOkrU9BHp47NF7D6ohs/qz9ZKUEEbEMNpJsJUC4KTp7Zfv0Z
Dd4sZunA/FHulQ6RAOC4LBUjBm1EeEuGgBQTzKb0GVJqjzWOrLhj91pbB9GwXiRg
ySbBFEGeN8FZVWCq++55Xpzb2Sd5FBl/Jn+sBUw9fKU+LLFhAy9HSOLfJXpIRD4F
jW3JsVY5J8iqWuuhSpDMdA4lKwJOgBpjarNr46RnaVEPH1SqYXgrSU1FCqMQMAEj
b3tcXF4ieJUjN/gKxDLEytR2gPARLm+XIXKA70g8aR4vs6qAUH/LeDoKEJ2HlPLX
8vMPFtMVp/uhRA==
-----END CERTIFICATE-----