Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
File:                     Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json)
Hash identifier:          sKupkDM18Fh7dRlaFp+LF3qejsX0IFRV8OygwG1wn8E=
Subject key identifier:   CB:2E:B9:59:3E:31:F5:F4:D4:BA:68:C2:C4:A1:C3:02:6C:ED:BC:3E
Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B
Certificate issuer:       /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
Certificate serial:       01976BBD4C4085DD79A134EE8B4451C776E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
Manifest number:          0BE4
Signing time:             Sat 14 Jun 2025 00:00:57 +0000
Manifest this update:     Sat 14 Jun 2025 00:00:57 +0000
Manifest next update:     Sun 15 Jun 2025 00:00:57 +0000
Files and hashes:         1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: xAuIkTKSf3dVfV8vwN2Zv2tOUPNasmM4VbAah9CBXOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:4c:40:85:dd:79:a1:34:ee:8b:44:51:c7:76:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
        Validity
            Not Before: Jun 14 00:00:57 2025 GMT
            Not After : Jun 15 00:00:57 2025 GMT
        Subject: CN=cb2eb9593e31f5f4d4ba68c2c4a1c3026cedbc3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:0a:87:3f:12:88:ae:3b:92:85:c4:67:39:dd:
                    ec:7a:e7:2d:68:1a:ff:03:e0:f0:0c:74:5e:eb:dd:
                    8a:2a:4e:97:b9:a6:e8:8a:75:d2:8b:33:3b:c4:1d:
                    61:ff:69:90:bf:a7:d6:36:71:de:2d:c1:38:15:6d:
                    f2:ec:11:35:d3:ca:17:6f:d7:04:05:0b:4f:77:dc:
                    e9:e2:63:24:85:e5:2d:27:9f:8f:8f:e5:16:d4:53:
                    a8:3e:e8:16:ba:f9:2f:a0:00:5e:3a:d0:b1:51:02:
                    e4:9c:e0:aa:b5:cb:96:d3:4c:10:0c:c1:f5:ff:c0:
                    e1:d3:2b:d0:c7:b6:91:6f:6d:69:99:ec:4c:e2:e9:
                    81:2f:71:2d:af:e1:5e:0f:31:9f:5f:e1:75:89:67:
                    5a:bb:58:43:9b:b0:ad:7a:25:6a:a8:79:83:39:bf:
                    67:33:e2:df:9a:f4:c1:e7:6d:c7:15:a1:8a:8d:32:
                    1d:d2:e3:55:fc:37:3f:26:24:48:0d:5e:0a:18:e8:
                    da:c2:56:0e:3b:a6:a3:bd:cf:fb:08:41:0d:f4:24:
                    72:0e:a1:80:7c:e5:88:46:f0:12:00:ca:73:35:78:
                    aa:90:08:3a:7c:8c:4c:d2:86:e1:aa:9b:cb:ab:13:
                    24:b6:6d:13:2c:5b:14:d7:13:da:84:6b:1d:9d:b3:
                    5d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:2E:B9:59:3E:31:F5:F4:D4:BA:68:C2:C4:A1:C3:02:6C:ED:BC:3E
            X509v3 Authority Key Identifier:
                keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:1e:eb:53:da:eb:68:62:d4:52:40:6c:4e:17:49:c2:ba:08:
         7d:52:8d:e6:fc:5c:7c:15:7e:49:b3:4f:dd:f3:c7:cb:3e:5f:
         7d:54:70:8e:78:28:46:c4:0d:2c:b0:3b:25:b1:32:fa:a6:7e:
         1a:b8:56:12:9b:ef:b3:79:c1:b2:00:be:94:31:f7:fd:8f:93:
         36:3b:be:c1:c9:da:f7:1b:5e:8e:bf:9a:b5:0d:e4:33:4e:75:
         83:57:79:ae:15:27:10:6d:a1:6e:12:91:bc:e7:78:b3:cf:8e:
         48:21:78:b5:4b:4f:0b:68:74:f7:c3:25:74:c7:93:38:d0:54:
         d9:0b:e9:ca:47:8e:fa:94:35:3a:09:f5:01:fe:1e:b4:43:10:
         ae:b7:9d:27:7a:36:44:50:ed:02:5e:93:80:a0:45:5d:eb:e2:
         f8:ff:78:48:48:eb:92:2a:9d:a5:b0:a7:1a:da:cf:41:21:1c:
         dd:24:06:b5:7d:db:e2:ca:44:6d:8d:00:dc:57:6d:6f:9d:b1:
         95:29:91:7a:5a:a9:44:95:0e:6c:06:22:b7:93:20:cc:3f:0a:
         18:40:40:53:77:f8:6d:a4:f4:84:3c:cc:91:84:d8:e6:5d:19:
         75:33:26:14:59:5b:56:2a:c3:2c:a6:58:46:dc:1b:65:b1:d4:
         50:29:14:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvUxAhd15oTTui0RRx3bpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5
Yjc4M2IwHhcNMjUwNjE0MDAwMDU3WhcNMjUwNjE1MDAwMDU3WjAzMTEwLwYDVQQD
EyhjYjJlYjk1OTNlMzFmNWY0ZDRiYTY4YzJjNGExYzMwMjZjZWRiYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gqHPxKIrjuShcRnOd3seuctaBr/
A+DwDHRe692KKk6XuaboinXSizM7xB1h/2mQv6fWNnHeLcE4FW3y7BE108oXb9cE
BQtPd9zp4mMkheUtJ5+Pj+UW1FOoPugWuvkvoABeOtCxUQLknOCqtcuW00wQDMH1
/8Dh0yvQx7aRb21pmexM4umBL3Etr+FeDzGfX+F1iWdau1hDm7CteiVqqHmDOb9n
M+LfmvTB523HFaGKjTId0uNV/Dc/JiRIDV4KGOjawlYOO6ajvc/7CEEN9CRyDqGA
fOWIRvASAMpzNXiqkAg6fIxM0obhqpvLqxMktm0TLFsU1xPahGsdnbNdQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsuuVk+MfX01LpowsShwwJs7bw+MB8GA1UdIwQY
MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt
M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy
LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfh7rU9rr
aGLUUkBsThdJwroIfVKN5vxcfBV+SbNP3fPHyz5ffVRwjngoRsQNLLA7JbEy+qZ+
GrhWEpvvs3nBsgC+lDH3/Y+TNju+wcna9xtejr+atQ3kM051g1d5rhUnEG2hbhKR
vOd4s8+OSCF4tUtPC2h098MldMeTONBU2QvpykeO+pQ1Ogn1Af4etEMQrredJ3o2
RFDtAl6TgKBFXevi+P94SEjrkiqdpbCnGtrPQSEc3SQGtX3b4spEbY0A3Fdtb52x
lSmRelqpRJUObAYit5MgzD8KGEBAU3f4baT0hDzMkYTY5l0ZdTMmFFlbVirDLKZY
RtwbZbHUUCkUeQ==
-----END CERTIFICATE-----