Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
File:                     XOackdRTOWv6Fm8FG_jwbAOghcs.mft (raw, json)
Hash identifier:          V4GmIAXyRpy1Cu4dZs1UsDed/F/g8u8juOg3/QrVO98=
Subject key identifier:   01:6F:C0:08:CD:B5:4A:E0:16:F2:3A:1C:33:CE:C1:83:39:E8:C6:4A
Authority key identifier: 5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB
Certificate issuer:       /CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
Certificate serial:       0197696123140155D4881A8EAA14C510C9E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
Manifest number:          0A99
Signing time:             Fri 13 Jun 2025 13:01:03 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:03 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:03 +0000
Files and hashes:         1: XOackdRTOWv6Fm8FG_jwbAOghcs.crl (hash: 5poW34hvkSx9DpxwsyRFkuB59FGjvJZJVkLGYMwfPSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:23:14:01:55:d4:88:1a:8e:aa:14:c5:10:c9:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ce69c91d453396bfa166f051bf8f06c03a085cb
        Validity
            Not Before: Jun 13 13:01:03 2025 GMT
            Not After : Jun 14 13:01:03 2025 GMT
        Subject: CN=016fc008cdb54ae016f23a1c33cec18339e8c64a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fa:af:2f:33:23:1c:02:1c:c7:8e:74:48:2d:
                    41:19:cd:3f:aa:dc:61:c2:2b:85:9c:f8:17:75:b2:
                    c0:70:1a:ff:b4:d5:ef:7a:4e:dc:4f:17:8a:4a:b9:
                    2b:cb:85:35:57:44:b3:a6:16:c3:d4:10:31:09:ce:
                    93:c3:ed:9e:3c:66:83:5d:95:27:d1:52:79:11:db:
                    cc:e4:64:95:10:27:6b:85:e7:23:ff:74:ee:fb:d0:
                    b0:31:a8:6e:71:66:48:4e:78:45:1c:5a:c1:b6:29:
                    ce:71:85:d3:3d:e8:18:8a:2a:af:b1:37:51:19:9d:
                    12:95:14:3e:1c:ac:ec:94:d0:65:8b:db:68:2f:3d:
                    1e:8a:7f:18:93:7f:85:62:f4:8e:ac:a6:ca:c0:51:
                    dc:62:4e:b8:94:8c:18:f3:4f:bf:09:32:0e:a4:5c:
                    69:b8:32:49:1b:5a:14:57:b3:ab:38:3e:96:31:8d:
                    ce:89:43:60:51:b0:a9:1b:23:4c:b3:a9:7f:26:2a:
                    f4:bf:3e:32:39:04:8e:9b:8e:9e:54:36:6d:ef:95:
                    c8:77:6a:4e:54:2a:dc:bb:34:92:75:ee:dd:e3:e0:
                    ff:18:ff:21:86:7e:be:99:39:ec:4a:1d:11:93:0a:
                    69:04:01:fa:5a:d8:50:6f:0b:6a:cf:84:9d:cd:71:
                    1b:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:6F:C0:08:CD:B5:4A:E0:16:F2:3A:1C:33:CE:C1:83:39:E8:C6:4A
            X509v3 Authority Key Identifier:
                keyid:5C:E6:9C:91:D4:53:39:6B:FA:16:6F:05:1B:F8:F0:6C:03:A0:85:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOackdRTOWv6Fm8FG_jwbAOghcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6e6dd8-1bca-4630-9574-a597ee637db4/1/XOackdRTOWv6Fm8FG_jwbAOghcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:82:de:33:0c:58:e1:ba:0b:b3:e2:0c:e0:cb:20:10:36:90:
         d0:29:fa:59:2a:74:6f:f3:36:5b:95:2c:3c:3d:4f:b9:93:88:
         03:53:02:01:14:39:1f:f5:f5:c4:d1:6f:87:33:89:aa:55:42:
         11:a7:70:59:07:85:8a:8e:e2:08:71:d0:1c:c0:dd:d5:12:b1:
         9d:d8:b7:a2:90:7d:65:27:38:b4:74:4c:16:2b:e5:ee:6c:db:
         95:3d:be:ce:14:81:be:b1:75:55:79:a0:f7:33:31:0f:fb:99:
         61:52:a1:0f:88:6d:95:86:05:09:8d:12:34:d9:42:6c:1c:db:
         75:89:43:95:4b:9a:f3:50:8f:a5:ce:9f:a6:0f:61:69:87:a7:
         8c:2c:40:49:6a:4e:c8:94:a9:e1:97:3b:2a:af:fe:09:f1:29:
         39:de:f8:92:bf:ae:1c:c9:b0:a6:84:90:6d:b4:7d:85:ae:38:
         57:83:be:4c:d0:c8:10:17:ef:e1:25:6a:20:d0:fa:c3:a0:1a:
         f1:3f:5c:7b:43:30:7a:97:fe:3b:50:76:03:37:06:c7:99:f5:
         d8:2f:fe:87:47:8d:6a:ec:89:33:b4:20:18:c6:f9:8d:7b:ec:
         85:00:c6:66:04:1c:84:04:46:05:46:71:4b:1d:c3:c9:1c:15:
         e4:af:04:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYSMUAVXUiBqOqhTFEMnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTY5YzkxZDQ1MzM5NmJmYTE2NmYwNTFiZjhmMDZjMDNh
MDg1Y2IwHhcNMjUwNjEzMTMwMTAzWhcNMjUwNjE0MTMwMTAzWjAzMTEwLwYDVQQD
EygwMTZmYzAwOGNkYjU0YWUwMTZmMjNhMWMzM2NlYzE4MzM5ZThjNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvqvLzMjHAIcx450SC1BGc0/qtxh
wiuFnPgXdbLAcBr/tNXvek7cTxeKSrkry4U1V0SzphbD1BAxCc6Tw+2ePGaDXZUn
0VJ5EdvM5GSVECdrhecj/3Tu+9CwMahucWZITnhFHFrBtinOcYXTPegYiiqvsTdR
GZ0SlRQ+HKzslNBli9toLz0ein8Yk3+FYvSOrKbKwFHcYk64lIwY80+/CTIOpFxp
uDJJG1oUV7OrOD6WMY3OiUNgUbCpGyNMs6l/Jir0vz4yOQSOm46eVDZt75XId2pO
VCrcuzSSde7d4+D/GP8hhn6+mTnsSh0RkwppBAH6WthQbwtqz4SdzXEb7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFvwAjNtUrgFvI6HDPOwYM56MZKMB8GA1UdIwQY
MBaAFFzmnJHUUzlr+hZvBRv48GwDoIXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQt
YTU5N2VlNjM3ZGI0LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ZTZkZDgtMWJjYS00NjMwLTk1NzQtYTU5N2VlNjM3ZGI0
LzEvWE9hY2tkUlRPV3Y2Rm04RkdfandiQU9naGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHYLeMwxY
4boLs+IM4MsgEDaQ0Cn6WSp0b/M2W5UsPD1PuZOIA1MCARQ5H/X1xNFvhzOJqlVC
EadwWQeFio7iCHHQHMDd1RKxndi3opB9ZSc4tHRMFivl7mzblT2+zhSBvrF1VXmg
9zMxD/uZYVKhD4htlYYFCY0SNNlCbBzbdYlDlUua81CPpc6fpg9haYenjCxASWpO
yJSp4Zc7Kq/+CfEpOd74kr+uHMmwpoSQbbR9ha44V4O+TNDIEBfv4SVqIND6w6Aa
8T9ce0Mwepf+O1B2AzcGx5n12C/+h0eNauyJM7QgGMb5jXvshQDGZgQchARGBUZx
Sx3DyRwV5K8Ekg==
-----END CERTIFICATE-----