Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
File:                     Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft (raw, json)
Hash identifier:          TWAa0Jq6BPwplkMIrfudlBhqo4dcwBqoSkUDGB47nSw=
Subject key identifier:   79:1B:7B:F7:25:C6:77:3A:0C:41:BF:56:2D:99:CF:82:4D:A4:4B:B7
Authority key identifier: 4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14
Certificate issuer:       /CN=4b177c450d2035067baa26920b8a4bd36c7b3314
Certificate serial:       01976D3E7654F21824B3D910A7B981862C50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
Manifest number:          0CA1
Signing time:             Sat 14 Jun 2025 07:01:39 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:39 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:39 +0000
Files and hashes:         1: Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl (hash: AqUamlSIa84T+xDkmmrnKdPXXC7D+VA186TdFWgi1CA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:76:54:f2:18:24:b3:d9:10:a7:b9:81:86:2c:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b177c450d2035067baa26920b8a4bd36c7b3314
        Validity
            Not Before: Jun 14 07:01:39 2025 GMT
            Not After : Jun 15 07:01:39 2025 GMT
        Subject: CN=791b7bf725c6773a0c41bf562d99cf824da44bb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:24:9d:d3:19:4d:14:60:34:bb:ae:ae:54:b2:
                    42:e2:df:81:a1:5c:5c:b0:f5:92:b2:2c:63:82:b0:
                    62:08:d1:37:2b:15:e9:d8:9b:14:38:62:53:c1:d6:
                    d4:d3:b7:78:8a:c8:d5:2d:21:93:67:ff:bd:e9:ba:
                    6e:de:9d:af:ff:6d:40:e7:77:50:ba:76:2f:f8:a0:
                    2f:26:95:55:fb:91:ad:0e:54:f0:a1:26:f0:e9:33:
                    c4:40:20:b8:39:fe:62:d0:22:00:9e:e8:a6:d2:3d:
                    c2:8a:09:3d:1f:89:9c:ec:25:03:b9:60:66:06:2d:
                    84:ff:86:e3:12:ad:69:ee:ad:f4:dd:b6:59:37:2a:
                    26:e4:1f:09:82:41:55:b7:f1:90:33:cf:da:7b:84:
                    15:70:4f:92:67:d8:b6:f0:ce:1b:30:21:79:76:fa:
                    c5:3e:0e:6f:77:0a:c4:4f:9c:7a:8c:6a:65:64:6d:
                    da:ed:f2:40:fb:02:ae:dd:70:f7:90:a9:ed:a5:6e:
                    99:65:45:71:22:2d:38:9e:0c:2c:41:90:51:69:27:
                    82:20:8c:42:8b:37:96:16:08:b0:c1:07:7c:97:81:
                    a7:f9:6c:a5:ca:1e:10:47:e9:25:e7:7b:5f:df:28:
                    6b:05:ea:19:00:94:c5:d8:25:98:81:c1:e0:39:9b:
                    69:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:1B:7B:F7:25:C6:77:3A:0C:41:BF:56:2D:99:CF:82:4D:A4:4B:B7
            X509v3 Authority Key Identifier:
                keyid:4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:83:c5:0f:0e:06:ba:c3:d1:d8:19:1c:63:30:3d:af:57:83:
         ac:70:3a:e7:47:78:fa:18:ac:c3:4c:4d:59:99:c3:b6:12:f5:
         94:f6:79:c0:2b:bd:6b:b1:69:45:8d:75:19:48:89:ad:8e:a4:
         ce:85:fa:93:e8:34:18:5e:84:47:a9:40:e0:3f:e7:5b:54:0d:
         6f:e8:7d:6a:a7:b5:ac:7b:76:32:60:68:44:2c:39:ca:76:5f:
         3f:e0:57:74:09:19:41:67:79:a7:ed:9c:ac:0f:9f:cf:ad:e5:
         2e:f6:5a:9c:a8:c5:04:41:c3:8f:10:44:8d:9a:43:69:79:8a:
         6f:46:43:85:a0:20:2b:5b:eb:78:57:62:45:09:51:e8:eb:e9:
         37:ec:54:9b:c7:13:31:be:03:5c:13:da:2d:b2:72:15:a5:46:
         43:8b:f3:86:49:42:6f:94:f9:5c:df:7e:73:e9:cf:da:a4:bd:
         5d:46:f4:73:fc:c9:db:e6:65:f2:8b:0e:2d:47:7c:31:56:bf:
         79:04:1c:84:73:d6:80:e4:30:41:14:2c:6f:c7:57:bb:83:79:
         3b:9f:fe:fa:1d:eb:1c:7b:5c:47:7d:36:4b:a4:3f:9d:a1:9b:
         43:8c:c1:88:ff:d2:0e:54:80:1b:aa:86:f1:22:dd:71:f3:d0:
         f9:c1:2a:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPnZU8hgks9kQp7mBhixQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTc3YzQ1MGQyMDM1MDY3YmFhMjY5MjBiOGE0YmQzNmM3
YjMzMTQwHhcNMjUwNjE0MDcwMTM5WhcNMjUwNjE1MDcwMTM5WjAzMTEwLwYDVQQD
Eyg3OTFiN2JmNzI1YzY3NzNhMGM0MWJmNTYyZDk5Y2Y4MjRkYTQ0YmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSSd0xlNFGA0u66uVLJC4t+BoVxc
sPWSsixjgrBiCNE3KxXp2JsUOGJTwdbU07d4isjVLSGTZ/+96bpu3p2v/21A53dQ
unYv+KAvJpVV+5GtDlTwoSbw6TPEQCC4Of5i0CIAnuim0j3Cigk9H4mc7CUDuWBm
Bi2E/4bjEq1p7q303bZZNyom5B8JgkFVt/GQM8/ae4QVcE+SZ9i28M4bMCF5dvrF
Pg5vdwrET5x6jGplZG3a7fJA+wKu3XD3kKntpW6ZZUVxIi04ngwsQZBRaSeCIIxC
izeWFgiwwQd8l4Gn+Wylyh4QR+kl53tf3yhrBeoZAJTF2CWYgcHgOZtpPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkbe/clxnc6DEG/Vi2Zz4JNpEu3MB8GA1UdIwQY
MBaAFEsXfEUNIDUGe6omkguKS9NsezMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUt
OGQ3YjczNmE2OTVjLzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUtOGQ3YjczNmE2OTVj
LzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoPFDw4G
usPR2BkcYzA9r1eDrHA650d4+hisw0xNWZnDthL1lPZ5wCu9a7FpRY11GUiJrY6k
zoX6k+g0GF6ER6lA4D/nW1QNb+h9aqe1rHt2MmBoRCw5ynZfP+BXdAkZQWd5p+2c
rA+fz63lLvZanKjFBEHDjxBEjZpDaXmKb0ZDhaAgK1vreFdiRQlR6OvpN+xUm8cT
Mb4DXBPaLbJyFaVGQ4vzhklCb5T5XN9+c+nP2qS9XUb0c/zJ2+Zl8osOLUd8MVa/
eQQchHPWgOQwQRQsb8dXu4N5O5/++h3rHHtcR302S6Q/naGbQ4zBiP/SDlSAG6qG
8SLdcfPQ+cEqjQ==
-----END CERTIFICATE-----