Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
File:                     xqnvrGfjS7iro4n_jw16HFZUM_0.mft (raw, json)
Hash identifier:          LukcZJPS3PC6DDglIDn/dE/9C9F4DPruqcHFTL9sNXg=
Subject key identifier:   22:50:0C:BC:5D:70:05:AE:D8:0C:D0:AD:23:DB:D9:3B:72:1B:3D:B4
Authority key identifier: C6:A9:EF:AC:67:E3:4B:B8:AB:A3:89:FF:8F:0D:7A:1C:56:54:33:FD
Certificate issuer:       /CN=c6a9efac67e34bb8aba389ff8f0d7a1c565433fd
Certificate serial:       019874870627C74CE02FAA16B2912EFE817E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
Manifest number:          0D23
Signing time:             Mon 04 Aug 2025 10:01:02 +0000
Manifest this update:     Mon 04 Aug 2025 10:01:02 +0000
Manifest next update:     Tue 05 Aug 2025 10:01:02 +0000
Files and hashes:         1: xqnvrGfjS7iro4n_jw16HFZUM_0.crl (hash: XUnxObtzhntMciiLvG+VrP/WxVnb9FMQOC8ltdZjrD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 10:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:87:06:27:c7:4c:e0:2f:aa:16:b2:91:2e:fe:81:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6a9efac67e34bb8aba389ff8f0d7a1c565433fd
        Validity
            Not Before: Aug  4 10:01:02 2025 GMT
            Not After : Aug  5 10:01:02 2025 GMT
        Subject: CN=22500cbc5d7005aed80cd0ad23dbd93b721b3db4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:6e:ed:ed:f1:7e:2c:b9:03:96:e6:dd:80:fe:
                    e6:ba:c4:db:0e:96:a2:2a:ee:59:b3:5f:36:bd:43:
                    78:a3:9e:ae:60:c1:75:45:0a:b4:91:80:bb:fd:b6:
                    3f:ef:ca:c6:3e:99:f2:61:03:85:0a:1b:ca:59:aa:
                    c8:a3:79:b1:7f:8b:d1:73:5e:c3:37:6c:87:9d:c9:
                    ed:f6:bd:41:8e:f8:a8:e9:71:40:e7:17:e8:ae:6b:
                    4b:7e:5b:97:3c:c1:19:bd:39:82:fb:37:17:09:88:
                    26:1d:fb:ac:e5:01:59:67:2c:53:28:f1:22:bd:5c:
                    a8:a0:94:72:7c:44:f9:58:e7:b9:c2:f1:ee:67:6a:
                    db:06:cc:98:76:75:d6:66:11:a5:cc:70:bd:18:ca:
                    73:5a:e3:b3:69:3a:68:c8:39:49:16:25:23:a2:fe:
                    55:4c:9c:2e:98:a9:80:15:76:e9:21:82:c9:f2:7f:
                    56:8b:bc:dd:14:63:37:e5:b9:6d:e9:40:92:c6:b7:
                    51:cd:37:a6:a3:1b:e5:2f:3c:d9:a3:67:92:d9:29:
                    fe:a1:d7:75:28:02:e7:71:f6:61:14:09:ad:aa:9d:
                    30:01:96:30:cc:f1:50:9b:f0:ac:ba:53:b5:c4:b7:
                    cc:bf:3f:09:f8:f5:c4:2c:19:0c:c0:2e:62:8e:61:
                    4f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:50:0C:BC:5D:70:05:AE:D8:0C:D0:AD:23:DB:D9:3B:72:1B:3D:B4
            X509v3 Authority Key Identifier:
                keyid:C6:A9:EF:AC:67:E3:4B:B8:AB:A3:89:FF:8F:0D:7A:1C:56:54:33:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:45:07:e9:9d:8b:84:d7:8d:19:db:56:cd:05:ed:27:a6:8d:
         19:fb:47:0a:49:c9:20:39:01:83:37:72:10:b5:60:54:5b:53:
         f7:6a:0e:fd:9f:b2:5a:93:7c:d2:05:f8:7f:91:7c:3a:b5:d7:
         43:25:a6:79:e6:0b:2a:b5:df:8c:87:d5:7a:82:e4:c7:b3:42:
         00:e7:99:e6:0d:c9:e0:e9:b7:8e:0b:38:ae:34:18:7d:80:2a:
         47:11:e0:70:46:b3:05:33:4d:cf:b3:5a:9d:02:8f:b0:2f:c0:
         a6:b6:e6:55:eb:b0:a1:05:09:10:60:b4:a9:bd:08:e5:82:13:
         ba:5c:07:fb:bb:ee:31:78:f5:e4:f0:31:07:d8:ed:97:8a:08:
         4a:a8:2d:8d:cd:1a:75:a6:a6:bd:8f:a9:6a:0a:b8:f5:0b:3f:
         98:19:38:f1:71:bf:56:94:fa:37:a8:99:29:de:24:ee:81:3f:
         bf:81:62:a5:43:7b:60:b3:84:5d:63:c8:81:75:8f:e2:1e:9f:
         b6:ae:dc:5c:50:a3:9f:fa:82:f7:58:e9:e8:23:ce:bc:56:8f:
         ac:9e:52:b1:e3:5c:97:1e:5b:47:91:b7:bd:30:99:af:d7:53:
         6a:7d:c6:c8:ca:46:12:30:48:a4:c8:17:92:a9:8c:8d:03:df:
         01:73:47:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0hwYnx0zgL6oWspEu/oF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTllZmFjNjdlMzRiYjhhYmEzODlmZjhmMGQ3YTFjNTY1
NDMzZmQwHhcNMjUwODA0MTAwMTAyWhcNMjUwODA1MTAwMTAyWjAzMTEwLwYDVQQD
EygyMjUwMGNiYzVkNzAwNWFlZDgwY2QwYWQyM2RiZDkzYjcyMWIzZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2m7t7fF+LLkDlubdgP7musTbDpai
Ku5Zs182vUN4o56uYMF1RQq0kYC7/bY/78rGPpnyYQOFChvKWarIo3mxf4vRc17D
N2yHncnt9r1Bjvio6XFA5xformtLfluXPMEZvTmC+zcXCYgmHfus5QFZZyxTKPEi
vVyooJRyfET5WOe5wvHuZ2rbBsyYdnXWZhGlzHC9GMpzWuOzaTpoyDlJFiUjov5V
TJwumKmAFXbpIYLJ8n9Wi7zdFGM35blt6UCSxrdRzTemoxvlLzzZo2eS2Sn+odd1
KALncfZhFAmtqp0wAZYwzPFQm/CsulO1xLfMvz8J+PXELBkMwC5ijmFPnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJQDLxdcAWu2AzQrSPb2TtyGz20MB8GA1UdIwQY
MBaAFMap76xn40u4q6OJ/48NehxWVDP9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYTcxYzQtM2Q1ZS00ZTY4LTg3Nzkt
ZGMzMzk0MmNhMTk3LzEveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYTcxYzQtM2Q1ZS00ZTY4LTg3NzktZGMzMzk0MmNhMTk3
LzEveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdEUH6Z2L
hNeNGdtWzQXtJ6aNGftHCknJIDkBgzdyELVgVFtT92oO/Z+yWpN80gX4f5F8OrXX
QyWmeeYLKrXfjIfVeoLkx7NCAOeZ5g3J4Om3jgs4rjQYfYAqRxHgcEazBTNNz7Na
nQKPsC/AprbmVeuwoQUJEGC0qb0I5YITulwH+7vuMXj15PAxB9jtl4oISqgtjc0a
daamvY+pagq49Qs/mBk48XG/VpT6N6iZKd4k7oE/v4FipUN7YLOEXWPIgXWP4h6f
tq7cXFCjn/qC91jp6CPOvFaPrJ5SseNclx5bR5G3vTCZr9dTan3GyMpGEjBIpMgX
kqmMjQPfAXNHEw==
-----END CERTIFICATE-----