Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
File:                     WnMRox5rU6F10ZE1sryZOh-5hLE.mft (raw, json)
Hash identifier:          3u/Qlmwe/oO3U5Q6yDi7+oe/QvWLFEIN4gPUtaUPtJQ=
Subject key identifier:   B8:0F:FE:15:69:79:C4:42:91:1C:54:7F:19:94:6F:26:3A:39:51:DC
Authority key identifier: 5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1
Certificate issuer:       /CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
Certificate serial:       0197B7EA794360EF473A0D9C3A33D6E05F52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
Manifest number:          13DB
Signing time:             Sat 28 Jun 2025 19:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:26 +0000
Files and hashes:         1: WnMRox5rU6F10ZE1sryZOh-5hLE.crl (hash: 6X/F3jtvE4jvEwF+qsWTPaZhRAtXNWbW0cf3ok4gPfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:79:43:60:ef:47:3a:0d:9c:3a:33:d6:e0:5f:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a7311a31e6b53a175d19135b2bc993a1fb984b1
        Validity
            Not Before: Jun 28 19:01:26 2025 GMT
            Not After : Jun 29 19:01:26 2025 GMT
        Subject: CN=b80ffe156979c442911c547f19946f263a3951dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b7:f6:d3:08:70:be:a8:cf:11:52:2d:aa:fe:
                    27:bc:56:b2:62:76:0e:bf:4e:43:fe:22:8e:eb:a6:
                    f7:5d:60:ab:91:c7:9e:e3:7c:e7:2a:c0:02:b6:cb:
                    01:4f:9b:88:f0:e6:65:4a:33:fa:e8:55:a9:25:95:
                    b8:49:18:a4:5b:83:8e:11:32:ee:84:02:00:6a:ac:
                    bd:cd:f9:95:14:f2:fc:09:5d:cd:e7:45:be:5c:c0:
                    72:5c:eb:fb:82:12:6f:cf:b9:71:39:e7:50:33:ee:
                    20:cf:69:1c:fa:5c:d7:b4:3b:a7:bd:86:e0:e4:03:
                    f8:38:42:6d:8b:53:06:34:64:06:da:6e:4f:74:ee:
                    a3:d1:84:4d:19:da:b6:6e:0a:1a:f9:9a:c4:70:b5:
                    33:8e:07:49:7a:e3:73:1d:a7:4e:b5:a1:50:86:62:
                    44:f0:76:0c:c9:91:20:77:da:fb:fc:34:46:5a:0b:
                    00:6d:f2:e1:5b:52:82:7d:01:97:23:54:33:c7:b8:
                    07:ab:6f:83:62:3a:eb:22:8c:21:37:eb:fd:9c:92:
                    15:57:66:92:a4:a8:a8:91:1b:80:43:c3:8d:78:9a:
                    07:e7:28:d9:74:33:8b:db:20:6e:cd:dd:aa:32:4b:
                    e7:8a:22:41:b8:02:8d:b0:53:d4:5a:0f:2f:a2:52:
                    32:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:0F:FE:15:69:79:C4:42:91:1C:54:7F:19:94:6F:26:3A:39:51:DC
            X509v3 Authority Key Identifier:
                keyid:5A:73:11:A3:1E:6B:53:A1:75:D1:91:35:B2:BC:99:3A:1F:B9:84:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnMRox5rU6F10ZE1sryZOh-5hLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e67781-171d-40d7-9037-1baa83c8a036/1/WnMRox5rU6F10ZE1sryZOh-5hLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:92:fe:5b:48:f9:bd:05:a5:9d:d4:33:1a:c7:b5:c4:90:48:
         d9:d7:fa:a5:3c:64:35:63:e6:93:75:4c:17:37:de:3a:64:c1:
         05:e2:f3:43:ca:67:65:9b:e9:8e:c9:aa:9f:2f:ba:37:19:c6:
         36:4d:25:46:e1:27:4a:92:fe:cc:32:29:80:18:b1:1e:d5:f6:
         9c:24:42:09:23:47:63:db:da:8a:99:cc:bd:f1:f1:c5:75:a4:
         75:2a:4a:93:fc:fd:f2:61:fe:82:6f:83:6d:0b:59:5d:89:66:
         9a:a5:d8:c7:17:ea:0c:41:5f:4b:37:a5:71:c6:df:70:e8:79:
         6d:5a:a8:9f:df:71:17:4d:9e:83:d1:d2:04:13:73:c3:f8:51:
         b6:6d:6c:77:d1:0d:d2:08:e7:a1:a5:0f:d0:6c:01:3c:e3:22:
         a8:e0:10:1c:16:1c:47:72:1c:5e:d9:47:fb:84:94:46:b8:5f:
         2e:54:64:27:12:c5:5f:d2:66:38:d6:1d:ab:24:2a:09:d4:8b:
         e4:70:7a:bc:1b:ef:f9:4a:ed:07:22:6a:70:a8:55:de:b5:7e:
         ab:51:88:2a:78:d6:0b:8c:ea:9b:40:37:7b:e8:23:e5:1f:8d:
         71:e4:24:10:60:3e:fc:fd:a1:ce:bc:db:68:4f:b7:be:71:3e:
         a0:14:6e:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36nlDYO9HOg2cOjPW4F9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzMxMWEzMWU2YjUzYTE3NWQxOTEzNWIyYmM5OTNhMWZi
OTg0YjEwHhcNMjUwNjI4MTkwMTI2WhcNMjUwNjI5MTkwMTI2WjAzMTEwLwYDVQQD
EyhiODBmZmUxNTY5NzljNDQyOTExYzU0N2YxOTk0NmYyNjNhMzk1MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7f20whwvqjPEVItqv4nvFayYnYO
v05D/iKO66b3XWCrkcee43znKsACtssBT5uI8OZlSjP66FWpJZW4SRikW4OOETLu
hAIAaqy9zfmVFPL8CV3N50W+XMByXOv7ghJvz7lxOedQM+4gz2kc+lzXtDunvYbg
5AP4OEJti1MGNGQG2m5PdO6j0YRNGdq2bgoa+ZrEcLUzjgdJeuNzHadOtaFQhmJE
8HYMyZEgd9r7/DRGWgsAbfLhW1KCfQGXI1Qzx7gHq2+DYjrrIowhN+v9nJIVV2aS
pKiokRuAQ8ONeJoH5yjZdDOL2yBuzd2qMkvniiJBuAKNsFPUWg8volIy9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgP/hVpecRCkRxUfxmUbyY6OVHcMB8GA1UdIwQY
MBaAFFpzEaMea1OhddGRNbK8mTofuYSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzct
MWJhYTgzYzhhMDM2LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lNjc3ODEtMTcxZC00MGQ3LTkwMzctMWJhYTgzYzhhMDM2
LzEvV25NUm94NXJVNkYxMFpFMXNyeVpPaC01aExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJL+W0j5
vQWlndQzGse1xJBI2df6pTxkNWPmk3VMFzfeOmTBBeLzQ8pnZZvpjsmqny+6NxnG
Nk0lRuEnSpL+zDIpgBixHtX2nCRCCSNHY9vaipnMvfHxxXWkdSpKk/z98mH+gm+D
bQtZXYlmmqXYxxfqDEFfSzelccbfcOh5bVqon99xF02eg9HSBBNzw/hRtm1sd9EN
0gjnoaUP0GwBPOMiqOAQHBYcR3IcXtlH+4SURrhfLlRkJxLFX9JmONYdqyQqCdSL
5HB6vBvv+UrtByJqcKhV3rV+q1GIKnjWC4zqm0A3e+gj5R+NceQkEGA+/P2hzrzb
aE+3vnE+oBRuIQ==
-----END CERTIFICATE-----