Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          dNTAGancxpQ85gg0kL5zw9fvFmuw2lj4+oTeVXuYzxw=
Subject key identifier:   55:33:1A:9F:A1:50:1A:96:BB:A1:2D:16:8F:E0:DC:F5:29:08:08:94
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       0197B96AEED328FE14F14FAA1636BCFD5A3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          0FAE
Signing time:             Sun 29 Jun 2025 02:01:22 +0000
Manifest this update:     Sun 29 Jun 2025 02:01:22 +0000
Manifest next update:     Mon 30 Jun 2025 02:01:22 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: sqeqNEZF9oqX60WVctHy4lkiPh88F2sXSI4dTDL+9Xw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:6a:ee:d3:28:fe:14:f1:4f:aa:16:36:bc:fd:5a:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Jun 29 02:01:22 2025 GMT
            Not After : Jun 30 02:01:22 2025 GMT
        Subject: CN=55331a9fa1501a96bba12d168fe0dcf529080894
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:be:89:bc:d5:74:ea:89:c8:54:60:94:72:78:
                    f9:0f:65:43:22:83:59:a0:1b:7c:d9:7d:24:e6:2c:
                    9c:f0:fa:7d:8d:2e:28:f5:d1:60:d3:12:a7:54:00:
                    dc:17:c0:9d:6a:9f:21:e7:7f:a2:43:95:a9:03:81:
                    6f:01:ad:c7:3b:01:30:d7:99:48:78:a2:a7:c8:5d:
                    ff:3e:52:b4:56:ae:c0:63:62:79:28:9e:81:87:ee:
                    a7:3d:64:df:9b:ee:2b:ba:0d:ce:be:48:60:9a:8c:
                    5c:80:0d:f0:39:20:dc:e1:fc:94:49:82:bc:c8:61:
                    12:72:49:f5:17:50:c4:1e:c6:08:ab:12:46:2e:55:
                    ab:da:fc:37:c6:be:04:c6:af:5c:e9:7a:09:92:68:
                    00:c0:ce:9b:81:b4:c0:76:41:dd:66:ad:34:0d:25:
                    50:18:19:d2:a6:a4:72:95:e9:ef:10:33:30:e5:2f:
                    a0:7e:94:40:91:ac:4e:54:66:90:ad:07:1e:b2:dd:
                    4f:7c:cc:e9:34:f3:27:1c:ef:22:aa:64:7c:56:7c:
                    d3:44:b3:5d:f3:1d:6f:45:25:1d:b1:68:62:49:5a:
                    89:35:69:ce:9d:ef:a6:c5:fd:c2:0c:92:da:31:8f:
                    9b:2d:72:6e:0e:db:12:f4:f4:6f:b2:60:12:fa:c4:
                    1d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:33:1A:9F:A1:50:1A:96:BB:A1:2D:16:8F:E0:DC:F5:29:08:08:94
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:c7:82:a0:fc:02:a2:47:9d:27:54:c6:a8:1e:1a:6e:a7:97:
         31:6f:bc:f2:95:8a:4f:9a:32:a3:93:9c:b5:77:af:96:9a:36:
         2b:ec:a2:86:e2:4e:61:36:19:42:8d:0e:86:a8:b9:4f:ba:7c:
         52:53:b3:63:27:50:c1:4e:a5:d6:d2:35:b3:3c:3b:0b:d2:22:
         55:ce:d3:3e:d6:57:b1:2b:14:12:a8:7e:f6:01:ce:1e:e7:82:
         b6:f2:c2:2d:0a:5f:13:cf:c6:70:2c:4a:a6:49:73:e0:67:bd:
         7a:73:46:fb:46:33:ff:a4:59:ab:e3:b6:e4:e4:21:6c:dd:e8:
         24:74:87:fb:67:43:8e:e1:ba:4b:a0:48:c2:75:e8:8f:28:33:
         a4:d4:82:60:4b:15:3b:39:17:65:79:ee:fc:1a:c3:81:ac:d2:
         e0:48:5b:a3:1b:d6:2e:b0:95:39:21:2a:59:63:b3:c7:93:8a:
         b5:53:ce:e3:ed:fe:0b:aa:f7:fe:3b:96:03:38:5b:03:53:42:
         69:9c:4e:cb:f3:82:87:46:af:96:92:6c:c0:76:5e:67:52:a3:
         82:e6:5a:3d:ed:62:08:24:b5:71:9c:b7:75:0e:11:aa:6f:86:
         f5:f8:b4:07:0c:d8:b9:4c:b0:ab:63:fa:be:91:a4:a9:d1:12:
         8d:51:11:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5au7TKP4U8U+qFja8/Vo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjUwNjI5MDIwMTIyWhcNMjUwNjMwMDIwMTIyWjAzMTEwLwYDVQQD
Eyg1NTMzMWE5ZmExNTAxYTk2YmJhMTJkMTY4ZmUwZGNmNTI5MDgwODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp76JvNV06onIVGCUcnj5D2VDIoNZ
oBt82X0k5iyc8Pp9jS4o9dFg0xKnVADcF8Cdap8h53+iQ5WpA4FvAa3HOwEw15lI
eKKnyF3/PlK0Vq7AY2J5KJ6Bh+6nPWTfm+4rug3OvkhgmoxcgA3wOSDc4fyUSYK8
yGESckn1F1DEHsYIqxJGLlWr2vw3xr4Exq9c6XoJkmgAwM6bgbTAdkHdZq00DSVQ
GBnSpqRylenvEDMw5S+gfpRAkaxOVGaQrQcest1PfMzpNPMnHO8iqmR8VnzTRLNd
8x1vRSUdsWhiSVqJNWnOne+mxf3CDJLaMY+bLXJuDtsS9PRvsmAS+sQdRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUzGp+hUBqWu6EtFo/g3PUpCAiUMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoceCoPwC
okedJ1TGqB4abqeXMW+88pWKT5oyo5OctXevlpo2K+yihuJOYTYZQo0Ohqi5T7p8
UlOzYydQwU6l1tI1szw7C9IiVc7TPtZXsSsUEqh+9gHOHueCtvLCLQpfE8/GcCxK
pklz4Ge9enNG+0Yz/6RZq+O25OQhbN3oJHSH+2dDjuG6S6BIwnXojygzpNSCYEsV
OzkXZXnu/BrDgazS4EhboxvWLrCVOSEqWWOzx5OKtVPO4+3+C6r3/juWAzhbA1NC
aZxOy/OCh0avlpJswHZeZ1KjguZaPe1iCCS1cZy3dQ4Rqm+G9fi0BwzYuUywq2P6
vpGkqdESjVERdw==
-----END CERTIFICATE-----