Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          4WsvQbJQtXIHPwpNItmCRfii/sMwuYHAa0QY0JFywtc=
Subject key identifier:   15:E5:F4:BE:CC:3E:36:DB:57:A9:FF:0C:6E:07:EE:7F:8C:2B:54:C3
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       01976E877052B6413AE42290F449234D56EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0A72
Signing time:             Sat 14 Jun 2025 13:00:59 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:59 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:59 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: rXLYCj41OEAY/U8rZb/NRG56t/wpbb+6JWDlFBRTRhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:70:52:b6:41:3a:e4:22:90:f4:49:23:4d:56:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Jun 14 13:00:59 2025 GMT
            Not After : Jun 15 13:00:59 2025 GMT
        Subject: CN=15e5f4becc3e36db57a9ff0c6e07ee7f8c2b54c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ac:a2:a7:3b:10:23:4a:d6:63:7c:6a:fb:0e:
                    98:5e:22:95:cf:48:11:f3:97:a1:e5:a1:ab:73:eb:
                    7b:68:15:09:e0:de:46:69:a6:37:71:3f:91:c7:ea:
                    90:82:1a:45:f3:93:ad:6e:ff:dc:86:d6:3c:fa:ca:
                    8a:17:12:38:1c:fc:14:37:65:76:65:03:7e:f5:65:
                    56:96:53:2e:93:cf:1a:22:11:15:43:5c:86:34:6d:
                    15:ae:c8:b7:a9:a5:c6:84:f8:04:78:70:4e:19:e4:
                    45:06:18:0f:54:ab:04:a9:6c:27:97:08:ae:8c:34:
                    ca:0d:f8:f9:2a:e7:06:38:35:1a:a2:4f:a5:3e:f9:
                    e5:0e:1c:04:29:a8:af:cd:ba:c1:f1:4c:bb:f7:4c:
                    ca:f7:b3:e7:11:7a:d0:fa:0a:74:59:25:12:4e:bc:
                    c1:da:6c:8b:cb:1b:2f:c4:29:4b:4b:07:79:19:6f:
                    da:84:42:da:88:09:78:ba:a6:77:51:13:13:c9:71:
                    6a:9f:09:bd:53:02:8a:43:cd:c0:55:de:ab:25:a3:
                    2f:99:42:a6:0d:27:b1:6d:e0:24:a6:41:d3:e3:0d:
                    62:8e:e7:99:14:2f:ab:fe:c8:83:71:f3:67:71:4b:
                    28:b9:e0:18:39:06:6d:67:63:8d:5d:7c:b1:1c:d1:
                    79:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:E5:F4:BE:CC:3E:36:DB:57:A9:FF:0C:6E:07:EE:7F:8C:2B:54:C3
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:d3:47:0c:47:8d:43:64:11:e3:84:31:ac:e6:ef:df:1e:a0:
         76:85:fb:0c:1b:52:f0:69:a5:4c:0a:3a:e0:60:5a:59:0c:e1:
         c6:89:e1:20:25:68:9f:9a:88:bf:34:92:9d:af:24:41:cf:d1:
         68:f2:94:10:41:d3:6e:3e:8a:67:b7:0e:0b:d4:54:78:fe:f9:
         8e:5f:97:d3:22:51:d9:78:14:98:a6:e8:e2:ee:85:8b:b8:55:
         58:ad:55:c3:40:57:f6:d8:e7:7a:84:ce:52:fa:86:20:4a:32:
         15:92:62:46:47:75:e0:62:ef:cd:c7:44:52:d0:57:48:d0:c4:
         24:88:df:cd:ea:1c:af:38:f0:2f:9e:6b:ee:b7:ea:67:b5:43:
         91:2d:8d:e8:19:16:96:9d:e5:0d:15:5a:e3:78:0f:d5:20:73:
         58:28:45:14:d4:b1:ca:6d:9c:3f:d9:f5:9c:68:42:c4:bd:9b:
         73:05:c8:44:e7:9e:07:b5:b7:1b:22:5e:d5:1f:e3:25:00:19:
         c3:51:ea:d2:da:3c:e6:d3:93:7f:30:9b:86:63:9b:50:db:3f:
         07:ee:bf:a5:5d:7f:74:7d:1c:18:9f:f5:e1:3d:ed:d4:88:ef:
         ce:e8:6e:31:61:4b:c1:79:be:2c:ba:d5:b6:12:2e:2b:11:d7:
         4e:67:b0:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduh3BStkE65CKQ9EkjTVbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwNjE0MTMwMDU5WhcNMjUwNjE1MTMwMDU5WjAzMTEwLwYDVQQD
EygxNWU1ZjRiZWNjM2UzNmRiNTdhOWZmMGM2ZTA3ZWU3ZjhjMmI1NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKyipzsQI0rWY3xq+w6YXiKVz0gR
85eh5aGrc+t7aBUJ4N5GaaY3cT+Rx+qQghpF85Otbv/chtY8+sqKFxI4HPwUN2V2
ZQN+9WVWllMuk88aIhEVQ1yGNG0Vrsi3qaXGhPgEeHBOGeRFBhgPVKsEqWwnlwiu
jDTKDfj5KucGODUaok+lPvnlDhwEKaivzbrB8Uy790zK97PnEXrQ+gp0WSUSTrzB
2myLyxsvxClLSwd5GW/ahELaiAl4uqZ3URMTyXFqnwm9UwKKQ83AVd6rJaMvmUKm
DSexbeAkpkHT4w1ijueZFC+r/siDcfNncUsoueAYOQZtZ2ONXXyxHNF5lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXl9L7MPjbbV6n/DG4H7n+MK1TDMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtNHDEeN
Q2QR44QxrObv3x6gdoX7DBtS8GmlTAo64GBaWQzhxonhICVon5qIvzSSna8kQc/R
aPKUEEHTbj6KZ7cOC9RUeP75jl+X0yJR2XgUmKbo4u6Fi7hVWK1Vw0BX9tjneoTO
UvqGIEoyFZJiRkd14GLvzcdEUtBXSNDEJIjfzeocrzjwL55r7rfqZ7VDkS2N6BkW
lp3lDRVa43gP1SBzWChFFNSxym2cP9n1nGhCxL2bcwXIROeeB7W3GyJe1R/jJQAZ
w1Hq0to85tOTfzCbhmObUNs/B+6/pV1/dH0cGJ/14T3t1IjvzuhuMWFLwXm+LLrV
thIuKxHXTmewGw==
-----END CERTIFICATE-----