Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
File:                     WrJabDkrjmejrSH2D9MxHWt_Hlw.mft (raw, json)
Hash identifier:          L82cA9hjzjOZTaJySNCG12c5YCBPVEtLmj4QousPdAo=
Subject key identifier:   53:62:93:B7:37:01:E0:58:B6:D3:B5:93:D5:9B:49:76:1B:63:FA:CA
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Certificate issuer:       /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial:       01976D06F417C6513AB6222039C5599B25BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
Manifest number:          0E2A
Signing time:             Sat 14 Jun 2025 06:01:01 +0000
Manifest this update:     Sat 14 Jun 2025 06:01:01 +0000
Manifest next update:     Sun 15 Jun 2025 06:01:01 +0000
Files and hashes:         1: WrJabDkrjmejrSH2D9MxHWt_Hlw.crl (hash: cgW1S8eAl0/P9trPiQRjKFR07Fs9gDuQBM9qGrB+NsQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:f4:17:c6:51:3a:b6:22:20:39:c5:59:9b:25:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
        Validity
            Not Before: Jun 14 06:01:01 2025 GMT
            Not After : Jun 15 06:01:01 2025 GMT
        Subject: CN=536293b73701e058b6d3b593d59b49761b63faca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:43:be:80:85:1b:05:25:37:04:c3:80:c5:0a:
                    e6:51:93:8b:a1:34:70:f1:b4:11:68:bd:4f:e3:d2:
                    30:d4:47:63:5a:03:18:91:f5:f7:8a:7d:54:84:1b:
                    bc:26:c6:9a:07:5a:1b:42:8d:57:b5:5d:51:7d:11:
                    4c:51:5f:22:91:f6:ff:52:3a:b8:10:3d:85:2d:16:
                    09:10:6b:0a:92:0e:ca:be:93:1e:ee:ee:c1:c1:4f:
                    e5:1a:d3:5d:71:97:83:57:20:86:c1:1c:71:03:8f:
                    2a:47:e3:b2:a1:17:b5:fc:76:ca:53:0a:93:0e:14:
                    3e:8c:e6:ee:0f:c4:62:3d:fb:66:53:4e:55:d1:ff:
                    fe:c2:45:e2:85:ae:43:de:0c:38:34:00:60:c3:41:
                    72:39:9a:17:26:b5:83:10:ce:90:89:7e:7b:5e:17:
                    db:10:98:f6:60:82:9f:70:de:dc:ed:17:23:f3:ca:
                    83:90:c2:03:8b:7a:04:11:55:9b:48:df:4a:6f:ee:
                    9d:dc:33:e3:e8:37:32:28:7d:43:34:46:42:ce:af:
                    62:5a:f6:e6:41:7d:c7:34:b1:dd:c2:7c:3e:0e:b4:
                    d5:34:35:8c:25:30:f4:f8:8a:c3:6b:d7:99:3e:cb:
                    47:61:29:a2:6b:d0:3d:36:9a:5a:45:9f:4e:0a:e9:
                    99:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:62:93:B7:37:01:E0:58:B6:D3:B5:93:D5:9B:49:76:1B:63:FA:CA
            X509v3 Authority Key Identifier:
                keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:d6:5c:ca:be:7b:27:e9:ae:6a:1a:e4:7b:b3:b7:7d:e1:29:
         f2:1b:eb:7b:dc:d8:96:df:98:b0:cf:9d:6e:53:b1:c7:fb:55:
         e2:94:9b:1d:44:a8:af:98:e5:77:3d:40:12:9a:f3:7a:d4:c5:
         06:ec:47:32:77:9c:23:6e:5f:d3:ef:9a:9e:f6:53:ab:cb:5b:
         e4:a0:37:97:32:4d:f8:d9:d7:d4:f8:d7:a2:0b:bb:aa:45:62:
         8a:50:3c:43:d9:1a:4f:2e:34:5f:fc:94:9c:73:28:c0:38:47:
         a2:56:5b:21:2a:38:a1:44:6d:91:20:cf:e0:4d:3b:fd:63:af:
         83:54:e6:5f:03:4f:aa:dc:ea:f3:91:58:fe:f6:4b:e4:c9:c2:
         fe:6c:1b:80:7c:a3:82:2f:af:a5:5c:88:02:53:52:0a:64:40:
         29:a3:23:bd:9b:f2:df:20:74:45:11:ba:4b:81:0b:8a:52:cd:
         29:db:82:80:f3:55:a7:b8:33:07:1f:c4:3c:10:e6:3f:ca:00:
         8e:49:41:29:42:05:7f:59:2b:ef:92:27:86:43:9c:ba:27:64:
         ef:27:96:f4:8e:e2:63:62:1d:b3:fe:df:18:a3:f0:bd:db:19:
         d4:5a:a2:c0:85:7c:d5:73:4d:20:7b:f1:ba:b1:c1:44:0a:37:
         a4:d4:d7:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBvQXxlE6tiIgOcVZmyW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjUwNjE0MDYwMTAxWhcNMjUwNjE1MDYwMTAxWjAzMTEwLwYDVQQD
Eyg1MzYyOTNiNzM3MDFlMDU4YjZkM2I1OTNkNTliNDk3NjFiNjNmYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUO+gIUbBSU3BMOAxQrmUZOLoTRw
8bQRaL1P49Iw1EdjWgMYkfX3in1UhBu8JsaaB1obQo1XtV1RfRFMUV8ikfb/Ujq4
ED2FLRYJEGsKkg7KvpMe7u7BwU/lGtNdcZeDVyCGwRxxA48qR+OyoRe1/HbKUwqT
DhQ+jObuD8RiPftmU05V0f/+wkXiha5D3gw4NABgw0FyOZoXJrWDEM6QiX57Xhfb
EJj2YIKfcN7c7Rcj88qDkMIDi3oEEVWbSN9Kb+6d3DPj6DcyKH1DNEZCzq9iWvbm
QX3HNLHdwnw+DrTVNDWMJTD0+IrDa9eZPstHYSmia9A9NppaRZ9OCumZqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNik7c3AeBYttO1k9WbSXYbY/rKMB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASdZcyr57
J+muahrke7O3feEp8hvre9zYlt+YsM+dblOxx/tV4pSbHUSor5jldz1AEprzetTF
BuxHMnecI25f0++anvZTq8tb5KA3lzJN+NnX1PjXogu7qkViilA8Q9kaTy40X/yU
nHMowDhHolZbISo4oURtkSDP4E07/WOvg1TmXwNPqtzq85FY/vZL5MnC/mwbgHyj
gi+vpVyIAlNSCmRAKaMjvZvy3yB0RRG6S4ELilLNKduCgPNVp7gzBx/EPBDmP8oA
jklBKUIFf1kr75InhkOcuidk7yeW9I7iY2Ids/7fGKPwvdsZ1FqiwIV81XNNIHvx
urHBRAo3pNTXTg==
-----END CERTIFICATE-----