Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          QzTuDo/1YO7lzfo5quBqRsJuIUEpnMuEdihmgbD4TcY=
Subject key identifier:   BD:D2:C2:65:A6:4E:9D:23:77:D8:20:6B:B1:BA:4E:E2:1A:6C:C1:98
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       01976E195DBB6E04715530CB00FEC3B3E3ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          062A
Signing time:             Sat 14 Jun 2025 11:00:45 +0000
Manifest this update:     Sat 14 Jun 2025 11:00:45 +0000
Manifest next update:     Sun 15 Jun 2025 11:00:45 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: WuFQ7ZZrgpA79exqLZj8vshSxpkeJ3mVCDQ4HPP6pUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:19:5d:bb:6e:04:71:55:30:cb:00:fe:c3:b3:e3:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Jun 14 11:00:45 2025 GMT
            Not After : Jun 15 11:00:45 2025 GMT
        Subject: CN=bdd2c265a64e9d2377d8206bb1ba4ee21a6cc198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:80:0e:37:fe:16:d2:5f:5c:6d:8c:f5:e5:9e:
                    b5:af:98:7a:5f:f0:00:27:3d:2c:26:4c:7e:27:b5:
                    50:65:0d:f5:08:58:eb:c6:44:04:f5:a2:61:0e:b0:
                    fd:e4:58:1d:d9:b1:70:18:9a:d8:83:52:a3:32:91:
                    61:39:8b:b4:e1:35:d8:20:b7:f1:f7:b2:c8:77:90:
                    04:54:22:7a:e7:ef:af:6b:37:ca:b1:6b:f2:ea:83:
                    ee:d0:77:25:c9:8f:56:02:98:1a:0e:e1:aa:1d:8f:
                    41:a8:de:be:7d:50:48:db:34:17:c8:77:18:10:f7:
                    8a:a3:2f:8a:9e:a6:ed:bd:59:34:85:be:e1:d1:c5:
                    5a:a2:bb:56:68:77:ca:fd:0a:19:54:80:f6:da:48:
                    02:76:e4:89:50:3b:0c:f6:23:f3:12:f2:57:43:06:
                    2e:93:14:ab:7e:a1:23:51:94:71:2f:a9:f5:98:cc:
                    84:83:9b:c0:be:ec:98:e9:b7:d3:16:4c:2a:7e:11:
                    e1:94:31:32:2c:ba:8d:7c:b5:60:b8:32:80:8b:0b:
                    de:21:52:3c:d4:08:19:df:50:fc:7f:a2:10:58:4b:
                    90:54:ec:fa:c5:42:0f:e0:0c:de:92:eb:52:7d:a1:
                    2e:0e:44:a4:d7:b8:7e:bb:8e:7b:0b:89:7c:6d:33:
                    b4:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:D2:C2:65:A6:4E:9D:23:77:D8:20:6B:B1:BA:4E:E2:1A:6C:C1:98
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f6:d2:6a:81:d2:aa:76:bf:dd:5c:56:76:ec:f9:1b:b7:de:
         61:e3:96:99:05:a5:49:3e:d7:4f:99:78:4f:63:25:94:28:10:
         c8:f0:cd:d2:7a:8e:70:84:58:11:f6:e8:fa:fe:51:09:22:1f:
         7b:91:5e:58:d5:95:6f:34:e7:a0:21:19:85:12:4c:9a:36:dd:
         43:21:ff:32:17:37:c3:53:9f:47:64:98:2b:c4:29:65:36:ac:
         59:ba:fb:09:56:29:05:c4:da:aa:c8:57:d6:1a:83:40:d4:77:
         35:bf:d3:6a:75:1f:fe:62:40:ba:5f:39:20:6d:e4:8a:0f:57:
         8d:eb:d2:62:38:4f:20:c4:0c:0c:d0:0e:ca:4f:01:72:d5:ea:
         24:4d:d2:d9:ad:ce:0b:0e:0d:35:e7:24:be:ee:4c:13:30:d3:
         2e:55:51:5b:4a:ae:5d:d9:fe:00:d7:1f:d2:bd:6a:4a:61:19:
         6d:d2:7d:fc:bd:87:c2:8e:ed:1c:44:c2:74:e2:aa:4b:4f:14:
         92:13:e7:a5:85:f3:c2:a0:3d:f3:5f:c6:30:24:76:cc:7a:2a:
         7a:7d:6f:d0:08:89:8d:f1:1f:96:3e:59:b7:af:ca:9d:02:de:
         32:a2:d0:12:6c:89:b1:cf:5d:1e:92:98:f3:0c:f2:bf:b1:de:
         9c:db:6c:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduGV27bgRxVTDLAP7Ds+PtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwNjE0MTEwMDQ1WhcNMjUwNjE1MTEwMDQ1WjAzMTEwLwYDVQQD
EyhiZGQyYzI2NWE2NGU5ZDIzNzdkODIwNmJiMWJhNGVlMjFhNmNjMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IAON/4W0l9cbYz15Z61r5h6X/AA
Jz0sJkx+J7VQZQ31CFjrxkQE9aJhDrD95Fgd2bFwGJrYg1KjMpFhOYu04TXYILfx
97LId5AEVCJ65++vazfKsWvy6oPu0HclyY9WApgaDuGqHY9BqN6+fVBI2zQXyHcY
EPeKoy+KnqbtvVk0hb7h0cVaortWaHfK/QoZVID22kgCduSJUDsM9iPzEvJXQwYu
kxSrfqEjUZRxL6n1mMyEg5vAvuyY6bfTFkwqfhHhlDEyLLqNfLVguDKAiwveIVI8
1AgZ31D8f6IQWEuQVOz6xUIP4AzekutSfaEuDkSk17h+u457C4l8bTO0NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3SwmWmTp0jd9gga7G6TuIabMGYMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPbSaoHS
qna/3VxWduz5G7feYeOWmQWlST7XT5l4T2MllCgQyPDN0nqOcIRYEfbo+v5RCSIf
e5FeWNWVbzTnoCEZhRJMmjbdQyH/Mhc3w1OfR2SYK8QpZTasWbr7CVYpBcTaqshX
1hqDQNR3Nb/TanUf/mJAul85IG3kig9XjevSYjhPIMQMDNAOyk8BctXqJE3S2a3O
Cw4NNeckvu5MEzDTLlVRW0quXdn+ANcf0r1qSmEZbdJ9/L2Hwo7tHETCdOKqS08U
khPnpYXzwqA981/GMCR2zHoqen1v0AiJjfEflj5Zt6/KnQLeMqLQEmyJsc9dHpKY
8wzyv7HenNtsSA==
-----END CERTIFICATE-----