Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft
File:                     mXZKyKibCft4hQ10xo4dqo8-KvE.mft (raw, json)
Hash identifier:          xl5MKtHEgojlUw8abjrYeJ7gnqqMh5Yn2sR1lbAq6Y0=
Subject key identifier:   76:6C:E5:B0:4D:50:A5:33:A4:BE:AE:BE:9D:D1:05:60:D6:28:63:69
Authority key identifier: 99:76:4A:C8:A8:9B:09:FB:78:85:0D:74:C6:8E:1D:AA:8F:3E:2A:F1
Certificate issuer:       /CN=99764ac8a89b09fb78850d74c68e1daa8f3e2af1
Certificate serial:       0197C0B6E2C0DD450F09D20F45EDB287A2E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXZKyKibCft4hQ10xo4dqo8-KvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft
Manifest number:          07CD
Signing time:             Mon 30 Jun 2025 12:01:40 +0000
Manifest this update:     Mon 30 Jun 2025 12:01:40 +0000
Manifest next update:     Tue 01 Jul 2025 12:01:40 +0000
Files and hashes:         1: mXZKyKibCft4hQ10xo4dqo8-KvE.crl (hash: 1iDqqx53MT7169dysquAbU4Oy+X7lEm8Pdo5w6tJIH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXZKyKibCft4hQ10xo4dqo8-KvE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 12:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:b6:e2:c0:dd:45:0f:09:d2:0f:45:ed:b2:87:a2:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99764ac8a89b09fb78850d74c68e1daa8f3e2af1
        Validity
            Not Before: Jun 30 12:01:40 2025 GMT
            Not After : Jul  1 12:01:40 2025 GMT
        Subject: CN=766ce5b04d50a533a4beaebe9dd10560d6286369
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fa:49:7d:e7:3c:8d:5b:5b:24:04:b0:9c:25:
                    13:da:95:29:1f:6f:2e:79:e3:73:86:f9:dc:b8:94:
                    8a:c3:a5:38:31:01:c8:bb:51:00:fe:62:b5:18:03:
                    71:ab:30:ee:1d:26:a1:62:e6:e8:a2:a2:35:ba:42:
                    8d:c3:67:16:ee:1e:2f:41:f3:f2:8a:97:0e:ec:54:
                    be:94:1d:56:b8:87:bf:b8:e6:a3:80:f3:ea:42:8b:
                    e3:b9:50:b7:d8:b0:df:3d:1a:67:cf:75:70:08:b3:
                    74:75:31:a1:b5:06:f1:fe:d7:c2:63:dd:65:2d:cc:
                    d7:74:fe:c6:5e:63:03:07:97:78:17:cf:6f:35:03:
                    57:7f:02:0a:a1:aa:c4:a2:13:d3:9e:79:0d:18:52:
                    89:e4:50:05:75:91:de:e7:9f:24:dc:a5:10:61:d0:
                    b6:0b:32:66:bc:52:15:d5:f2:36:aa:fa:07:9d:a8:
                    d6:5c:d4:98:d6:1a:b5:49:c9:70:14:28:fe:07:77:
                    c4:0e:f4:f8:35:6d:eb:72:82:0e:c0:de:1a:bb:d9:
                    2a:d8:a8:f2:1c:d7:90:2f:74:95:f8:84:4c:3f:e6:
                    17:a1:db:d6:53:90:c2:22:30:3b:85:5b:ae:54:98:
                    12:aa:df:5a:6f:59:1f:62:a2:59:a5:47:14:00:56:
                    dd:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:6C:E5:B0:4D:50:A5:33:A4:BE:AE:BE:9D:D1:05:60:D6:28:63:69
            X509v3 Authority Key Identifier:
                keyid:99:76:4A:C8:A8:9B:09:FB:78:85:0D:74:C6:8E:1D:AA:8F:3E:2A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXZKyKibCft4hQ10xo4dqo8-KvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/cb58eb-7c04-4cb9-8f33-8168cf472962/1/mXZKyKibCft4hQ10xo4dqo8-KvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:06:9e:09:51:8c:d2:8c:c6:71:b1:92:ab:0d:ee:c9:6b:3b:
         0d:3b:dd:bd:87:49:2e:e1:4d:24:35:b3:58:ca:e0:64:04:e0:
         f6:78:83:0c:d3:5a:11:84:b2:75:01:9e:d7:25:b5:76:e6:9a:
         9f:c4:de:db:55:08:68:52:18:d4:c5:7f:a0:91:13:40:bc:46:
         97:a9:d4:0f:5d:e0:4c:4f:54:6b:c9:79:35:37:65:cd:2e:09:
         85:61:8d:d9:03:64:c5:b5:13:47:08:24:25:6c:14:ac:1c:2f:
         a9:e2:d2:c1:09:1b:25:f7:2e:6f:31:10:55:5b:6b:39:d5:e7:
         a9:f2:b1:5a:d6:81:62:d3:f9:73:22:83:b4:14:c2:fb:c2:22:
         95:e9:fc:ed:50:e2:95:ce:df:4f:a1:9f:7e:5e:8d:bf:b7:96:
         0b:d4:64:ed:a5:5e:72:1a:24:11:7f:73:6f:07:95:6a:c3:e0:
         85:60:0e:07:02:d1:a2:a1:68:77:ef:ed:e6:48:c3:a4:17:7d:
         d4:bc:3d:c3:4f:6a:e9:cc:a1:8c:1d:3d:89:bd:33:f4:9b:49:
         45:46:69:c4:92:96:81:15:88:b0:25:e0:85:cc:2f:c5:de:30:
         b1:46:63:72:10:7d:ac:69:21:e8:91:57:49:76:4d:eb:22:82:
         46:ed:bd:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfAtuLA3UUPCdIPRe2yh6LkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzY0YWM4YTg5YjA5ZmI3ODg1MGQ3NGM2OGUxZGFhOGYz
ZTJhZjEwHhcNMjUwNjMwMTIwMTQwWhcNMjUwNzAxMTIwMTQwWjAzMTEwLwYDVQQD
Eyg3NjZjZTViMDRkNTBhNTMzYTRiZWFlYmU5ZGQxMDU2MGQ2Mjg2MzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPpJfec8jVtbJASwnCUT2pUpH28u
eeNzhvncuJSKw6U4MQHIu1EA/mK1GANxqzDuHSahYubooqI1ukKNw2cW7h4vQfPy
ipcO7FS+lB1WuIe/uOajgPPqQovjuVC32LDfPRpnz3VwCLN0dTGhtQbx/tfCY91l
LczXdP7GXmMDB5d4F89vNQNXfwIKoarEohPTnnkNGFKJ5FAFdZHe558k3KUQYdC2
CzJmvFIV1fI2qvoHnajWXNSY1hq1SclwFCj+B3fEDvT4NW3rcoIOwN4au9kq2Kjy
HNeQL3SV+IRMP+YXodvWU5DCIjA7hVuuVJgSqt9ab1kfYqJZpUcUAFbdwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZs5bBNUKUzpL6uvp3RBWDWKGNpMB8GA1UdIwQY
MBaAFJl2Ssiomwn7eIUNdMaOHaqPPirxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhaS3lLaWJDZnQ0aFExMHhvNGRxbzgtS3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jYjU4ZWItN2MwNC00Y2I5LThmMzMt
ODE2OGNmNDcyOTYyLzEvbVhaS3lLaWJDZnQ0aFExMHhvNGRxbzgtS3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jYjU4ZWItN2MwNC00Y2I5LThmMzMtODE2OGNmNDcyOTYy
LzEvbVhaS3lLaWJDZnQ0aFExMHhvNGRxbzgtS3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAawaeCVGM
0ozGcbGSqw3uyWs7DTvdvYdJLuFNJDWzWMrgZATg9niDDNNaEYSydQGe1yW1duaa
n8Te21UIaFIY1MV/oJETQLxGl6nUD13gTE9Ua8l5NTdlzS4JhWGN2QNkxbUTRwgk
JWwUrBwvqeLSwQkbJfcubzEQVVtrOdXnqfKxWtaBYtP5cyKDtBTC+8Iilen87VDi
lc7fT6Gffl6Nv7eWC9Rk7aVechokEX9zbweVasPghWAOBwLRoqFod+/t5kjDpBd9
1Lw9w09q6cyhjB09ib0z9JtJRUZpxJKWgRWIsCXghcwvxd4wsUZjchB9rGkh6JFX
SXZN6yKCRu29XQ==
-----END CERTIFICATE-----