Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          oxQTKCsBoW0El5x1U2xEtVFlsJNtieBZ58R8bLEOPMw=
Subject key identifier:   4E:B2:68:CF:32:BA:99:AB:87:6B:68:1D:43:3A:13:80:C1:B7:28:3E
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       0197B6A1CFBEDDF036C47466087A40EA5248
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          08D2
Signing time:             Sat 28 Jun 2025 13:02:27 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:27 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:27 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: L/nsAp6FP9gvO8CRBKRQ3KvXC7oWTnKcQypPmM9/Qx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:cf:be:dd:f0:36:c4:74:66:08:7a:40:ea:52:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Jun 28 13:02:27 2025 GMT
            Not After : Jun 29 13:02:27 2025 GMT
        Subject: CN=4eb268cf32ba99ab876b681d433a1380c1b7283e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4f:75:94:92:96:19:27:d9:99:42:89:0f:de:
                    ee:a6:a2:89:13:85:0e:11:52:00:9d:83:ef:a5:14:
                    36:20:97:1d:d6:b7:67:9d:da:cb:75:85:d4:08:c7:
                    ba:f3:3a:d0:9e:d1:0b:2a:56:38:64:f6:c2:5d:6d:
                    c5:6c:a1:d0:56:0f:b8:5c:0a:b3:e0:4d:11:3b:1b:
                    f3:19:a6:23:94:a3:49:7f:43:45:05:dc:2c:2d:88:
                    8c:c8:d2:a4:dd:6f:68:9c:e6:77:f1:fc:6e:b0:24:
                    40:34:63:b7:92:5c:83:5a:ae:9e:e4:23:86:b5:3d:
                    87:04:85:3a:25:7b:bf:64:5e:10:e3:62:f1:69:f5:
                    72:6c:65:21:95:dc:ed:fb:3e:d0:7e:2e:45:8c:e9:
                    da:18:34:76:43:17:e1:9f:b2:eb:a2:9a:87:70:64:
                    62:4d:ab:27:e4:3f:ce:80:23:0e:53:d8:7d:ae:29:
                    b5:f8:dc:6f:8d:51:36:2a:61:3b:8d:77:fb:83:17:
                    74:21:cf:65:6c:cb:5d:87:f4:7e:2d:6c:ca:f1:ba:
                    26:6f:f5:1d:ef:52:98:ad:b3:1d:38:ef:aa:20:28:
                    15:d7:1d:c4:bd:bd:d0:b9:24:ea:47:9f:61:a5:30:
                    e1:fa:64:cb:2d:6c:8a:d9:cc:44:db:11:7b:b0:7c:
                    03:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:B2:68:CF:32:BA:99:AB:87:6B:68:1D:43:3A:13:80:C1:B7:28:3E
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:15:1c:ed:0a:e2:fd:a7:1c:32:08:f4:58:85:4a:78:6f:ee:
         03:de:60:ed:b0:b9:a4:75:5e:c6:1c:0d:a3:6e:f1:d8:d7:59:
         a9:3c:28:f0:6f:24:8a:d9:a5:d5:05:d3:4f:80:c3:1d:9b:15:
         63:cf:34:76:ac:73:66:77:6e:15:c0:f2:9a:6f:9d:5b:ab:40:
         e5:88:78:4e:17:a8:98:94:6b:e2:f0:7d:25:1b:83:71:4d:f3:
         1e:6c:7a:04:6a:a4:1b:ca:31:5f:f8:bb:07:3a:77:d5:b3:a1:
         ea:8f:72:c6:6e:10:5d:0b:d9:0e:1a:ab:1f:15:f2:ea:5c:e8:
         d1:20:6a:ef:42:31:69:cf:fe:44:af:3f:af:b4:45:7a:80:a2:
         71:21:59:25:5a:4f:b2:de:46:ff:ec:4e:7c:f3:a3:b3:27:ab:
         1b:cb:ba:09:28:07:b4:d1:ff:21:ea:db:83:30:33:a3:eb:d7:
         63:6d:2a:7a:83:fb:1a:09:90:c5:e0:ee:c0:c9:9b:ea:80:aa:
         5a:43:1e:b7:f4:12:76:c3:ab:d3:e8:05:57:7a:49:da:57:4b:
         d1:80:bf:6e:ca:c5:b6:3b:d5:52:4b:e6:3c:ef:63:5b:60:5d:
         c8:69:20:d3:01:d5:ad:c3:99:7a:02:8b:16:28:22:0e:17:5f:
         4b:98:ec:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oc++3fA2xHRmCHpA6lJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjUwNjI4MTMwMjI3WhcNMjUwNjI5MTMwMjI3WjAzMTEwLwYDVQQD
Eyg0ZWIyNjhjZjMyYmE5OWFiODc2YjY4MWQ0MzNhMTM4MGMxYjcyODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU91lJKWGSfZmUKJD97upqKJE4UO
EVIAnYPvpRQ2IJcd1rdnndrLdYXUCMe68zrQntELKlY4ZPbCXW3FbKHQVg+4XAqz
4E0ROxvzGaYjlKNJf0NFBdwsLYiMyNKk3W9onOZ38fxusCRANGO3klyDWq6e5COG
tT2HBIU6JXu/ZF4Q42LxafVybGUhldzt+z7Qfi5FjOnaGDR2Qxfhn7LropqHcGRi
Tasn5D/OgCMOU9h9rim1+NxvjVE2KmE7jXf7gxd0Ic9lbMtdh/R+LWzK8bomb/Ud
71KYrbMdOO+qICgV1x3Evb3QuSTqR59hpTDh+mTLLWyK2cxE2xF7sHwDuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6yaM8yupmrh2toHUM6E4DBtyg+MB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRUc7Qri
/accMgj0WIVKeG/uA95g7bC5pHVexhwNo27x2NdZqTwo8G8kitml1QXTT4DDHZsV
Y880dqxzZnduFcDymm+dW6tA5Yh4TheomJRr4vB9JRuDcU3zHmx6BGqkG8oxX/i7
Bzp31bOh6o9yxm4QXQvZDhqrHxXy6lzo0SBq70Ixac/+RK8/r7RFeoCicSFZJVpP
st5G/+xOfPOjsyerG8u6CSgHtNH/IerbgzAzo+vXY20qeoP7GgmQxeDuwMmb6oCq
WkMet/QSdsOr0+gFV3pJ2ldL0YC/bsrFtjvVUkvmPO9jW2BdyGkg0wHVrcOZegKL
FigiDhdfS5js5w==
-----END CERTIFICATE-----