Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          2Rxe2m5Wxh+XyIEUtN7NPdqANBHZqJWVAjZ9P3SPTXE=
Subject key identifier:   4E:95:41:3C:C5:C2:42:AB:7D:91:62:94:95:0F:F4:9F:BF:24:B7:06
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       0197B70F44758999B9D0119AAD184C996575
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          1545
Signing time:             Sat 28 Jun 2025 15:02:00 +0000
Manifest this update:     Sat 28 Jun 2025 15:02:00 +0000
Manifest next update:     Sun 29 Jun 2025 15:02:00 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: h/+ebdCmAurGDXu1d05t5PvYV25nWZDAn9yzjnjpgWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:44:75:89:99:b9:d0:11:9a:ad:18:4c:99:65:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Jun 28 15:02:00 2025 GMT
            Not After : Jun 29 15:02:00 2025 GMT
        Subject: CN=4e95413cc5c242ab7d916294950ff49fbf24b706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:36:41:da:4d:ff:e5:08:e6:1d:ab:4d:60:5a:
                    d0:67:96:25:2e:59:50:07:86:b3:84:4d:88:fd:74:
                    f6:99:83:57:44:b9:85:71:ee:b1:7a:1a:4d:90:f7:
                    12:64:1b:58:96:fa:93:bd:c1:53:62:15:a4:8e:80:
                    8c:7d:de:07:cd:d8:8d:38:05:f2:57:d2:da:c3:f7:
                    9a:6c:04:96:db:68:c1:be:9e:da:58:f1:27:2a:8c:
                    eb:31:57:35:7f:ed:92:c6:2b:8f:bb:6a:33:18:50:
                    49:f9:da:8c:57:0a:26:b7:c3:fb:4e:c4:16:21:bd:
                    2b:57:6a:4c:83:8c:21:84:3b:50:9a:60:eb:0d:07:
                    25:7f:47:a4:d3:5d:66:eb:e3:44:09:b1:a4:51:c1:
                    4f:2d:86:c9:f2:f7:10:cf:52:73:40:e5:a2:bb:40:
                    ce:93:6f:16:a0:03:f1:b1:5f:d9:ff:18:e8:12:86:
                    32:77:e5:19:16:29:3a:e1:9e:04:57:5c:ad:26:6b:
                    4e:29:51:f2:e2:cd:be:7d:db:a5:86:dc:12:25:25:
                    07:03:0c:0c:de:58:2b:28:34:6d:07:31:ed:75:f8:
                    08:60:84:ea:8d:71:6e:b5:4b:0f:2e:25:14:c1:bd:
                    48:bf:d4:a1:30:fb:2e:b4:74:34:64:90:81:d8:e5:
                    2e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:95:41:3C:C5:C2:42:AB:7D:91:62:94:95:0F:F4:9F:BF:24:B7:06
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:77:d8:1e:ea:3a:83:c6:3f:10:54:43:85:85:3e:bc:91:04:
         17:71:7a:5c:1c:8b:cc:f6:0e:b4:21:14:eb:b5:81:7a:02:f3:
         43:de:f7:1d:11:ab:12:37:b8:09:64:89:7e:90:5c:b8:42:d7:
         ad:76:b2:81:d4:19:d6:5c:96:81:f1:e3:83:2f:75:22:9d:a5:
         61:56:de:f7:80:31:59:77:e4:5d:82:06:e0:e8:72:d3:06:dc:
         53:b5:10:10:55:75:f3:2b:9c:95:6b:15:a5:b2:1e:25:a9:d6:
         02:b2:01:b9:a3:e1:57:42:fc:fd:0e:f0:55:02:a7:ae:af:68:
         2b:bf:70:c2:bd:44:99:89:1c:b2:99:cf:cc:50:99:e2:d6:74:
         55:e4:02:06:1e:3f:bc:ea:61:95:b6:1c:2f:a5:06:08:c2:9c:
         00:dd:06:bb:ed:7a:6d:66:f3:a1:50:ec:f9:96:a9:b0:c6:cd:
         77:bd:be:a1:a2:c7:91:64:59:f8:4f:83:5c:45:da:4c:df:f0:
         45:cd:c8:9a:3d:a6:da:2d:bf:d1:36:18:4a:65:ba:a7:01:bf:
         94:6e:c4:73:90:64:0d:e6:0c:8d:a5:85:99:76:0e:a8:e8:e1:
         80:2f:fd:0d:5f:c1:0a:64:de:5a:6c:cc:02:ff:78:c3:d8:85:
         89:4d:34:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D0R1iZm50BGarRhMmWV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUwNjI4MTUwMjAwWhcNMjUwNjI5MTUwMjAwWjAzMTEwLwYDVQQD
Eyg0ZTk1NDEzY2M1YzI0MmFiN2Q5MTYyOTQ5NTBmZjQ5ZmJmMjRiNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTZB2k3/5QjmHatNYFrQZ5YlLllQ
B4azhE2I/XT2mYNXRLmFce6xehpNkPcSZBtYlvqTvcFTYhWkjoCMfd4HzdiNOAXy
V9Law/eabASW22jBvp7aWPEnKozrMVc1f+2SxiuPu2ozGFBJ+dqMVwomt8P7TsQW
Ib0rV2pMg4whhDtQmmDrDQclf0ek011m6+NECbGkUcFPLYbJ8vcQz1JzQOWiu0DO
k28WoAPxsV/Z/xjoEoYyd+UZFik64Z4EV1ytJmtOKVHy4s2+fdulhtwSJSUHAwwM
3lgrKDRtBzHtdfgIYITqjXFutUsPLiUUwb1Iv9ShMPsutHQ0ZJCB2OUurQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6VQTzFwkKrfZFilJUP9J+/JLcGMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXfYHuo6
g8Y/EFRDhYU+vJEEF3F6XByLzPYOtCEU67WBegLzQ973HRGrEje4CWSJfpBcuELX
rXaygdQZ1lyWgfHjgy91Ip2lYVbe94AxWXfkXYIG4Ohy0wbcU7UQEFV18yuclWsV
pbIeJanWArIBuaPhV0L8/Q7wVQKnrq9oK79wwr1EmYkcspnPzFCZ4tZ0VeQCBh4/
vOphlbYcL6UGCMKcAN0Gu+16bWbzoVDs+ZapsMbNd72+oaLHkWRZ+E+DXEXaTN/w
Rc3Imj2m2i2/0TYYSmW6pwG/lG7Ec5BkDeYMjaWFmXYOqOjhgC/9DV/BCmTeWmzM
Av94w9iFiU00FQ==
-----END CERTIFICATE-----