Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
File:                     xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json)
Hash identifier:          Wvp7Z0gmpz+V4Sm0FrPsqC03pvoYj8hd0iEIWr2CUfE=
Subject key identifier:   CE:37:5F:FE:BD:D1:70:CC:05:37:0C:01:69:DB:B6:57:C1:CF:AB:B7
Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21
Certificate issuer:       /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
Certificate serial:       019768BC50FB77469BC5783340F66DEBD6A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 10:01:01 +0000
Manifest this update:     Fri 13 Jun 2025 10:01:01 +0000
Manifest next update:     Sat 14 Jun 2025 10:01:01 +0000
Files and hashes:         1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: 0TeeCjAyyhrVk9tz14o4teWSGkz6ClCIwj93G4qct3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bc:50:fb:77:46:9b:c5:78:33:40:f6:6d:eb:d6:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
        Validity
            Not Before: Jun 13 10:01:01 2025 GMT
            Not After : Jun 14 10:01:01 2025 GMT
        Subject: CN=ce375ffebdd170cc05370c0169dbb657c1cfabb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ba:19:a1:1f:02:a6:7c:47:58:25:87:73:e5:
                    5a:94:6c:63:12:31:f4:79:68:8d:cf:04:af:f9:58:
                    8f:f4:92:64:42:52:4e:42:7a:4b:5f:17:28:8d:32:
                    6e:ea:17:de:8f:55:54:d5:dd:17:e9:10:6d:6f:82:
                    3e:9a:d6:8e:54:11:68:d9:c6:e0:19:3c:14:bb:e6:
                    49:be:19:d6:2a:05:e0:d7:eb:6a:4c:97:4e:4b:87:
                    8a:a4:33:21:ef:06:39:49:cc:e8:9c:4c:89:47:f9:
                    91:1b:d0:e8:3a:8c:30:d9:0e:66:7e:76:dc:d5:9f:
                    cf:9d:f0:3f:a9:be:74:cc:8d:81:39:fb:83:21:d9:
                    91:04:f9:0d:86:1b:a3:fb:68:83:30:03:11:ab:99:
                    59:64:a9:58:f2:c5:1e:07:13:be:25:70:c5:c5:64:
                    29:0d:5f:1d:f4:86:a8:4e:31:51:78:ee:70:65:a4:
                    a9:14:3d:97:63:b3:39:3e:31:c4:0e:c1:ff:87:a3:
                    6b:75:8a:d9:94:5b:19:66:56:36:dc:d7:53:96:e1:
                    66:f3:c4:7f:41:27:1e:72:58:c5:d8:8f:ef:62:14:
                    07:39:2b:59:77:b9:51:f7:13:a6:ed:d7:7e:fc:e4:
                    50:5e:c2:74:73:b1:41:78:89:f8:e3:e5:67:b9:be:
                    81:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:37:5F:FE:BD:D1:70:CC:05:37:0C:01:69:DB:B6:57:C1:CF:AB:B7
            X509v3 Authority Key Identifier:
                keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:26:c7:5d:98:95:96:4a:50:5d:e1:1e:d8:e3:7c:a8:af:68:
         05:15:b0:db:fa:15:c3:26:12:d5:49:2d:77:74:11:8c:b9:78:
         56:8d:35:df:ec:d9:b0:22:ed:83:7e:52:13:b7:64:ac:39:8c:
         92:95:48:21:fe:4e:be:0d:fe:38:71:ba:f1:e4:00:dc:2d:b5:
         dd:f4:ec:71:59:4e:b8:ce:18:d7:66:d1:a0:00:7d:96:cf:46:
         96:e3:4c:75:41:a8:bf:23:e8:90:19:f6:d0:fc:1e:65:51:5b:
         50:74:64:37:87:98:c8:d7:92:b6:bd:5a:c7:b5:68:4e:86:1f:
         a0:4d:c9:bf:ef:f9:01:0c:12:44:1e:8a:89:13:fe:21:0c:70:
         f3:6b:c1:e5:2c:02:4f:9a:1d:9b:73:c0:50:3b:1f:55:8a:95:
         7b:91:d0:84:b1:e2:a3:31:82:09:ad:09:90:71:89:85:08:af:
         6a:60:5a:d9:cb:d3:28:8a:60:3a:fe:9a:a9:72:ad:01:66:43:
         23:2b:60:bd:02:40:bb:11:dd:b5:c1:fd:fc:7a:72:90:09:14:
         b4:df:d7:59:50:da:6d:6b:c2:3d:fd:f2:53:ef:d4:58:9d:e1:
         63:37:80:e4:9e:cf:29:7e:73:f3:36:21:ec:b4:7d:cb:a6:1f:
         b8:34:e9:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdovFD7d0abxXgzQPZt69ahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0
MjM2MjEwHhcNMjUwNjEzMTAwMTAxWhcNMjUwNjE0MTAwMTAxWjAzMTEwLwYDVQQD
EyhjZTM3NWZmZWJkZDE3MGNjMDUzNzBjMDE2OWRiYjY1N2MxY2ZhYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlroZoR8CpnxHWCWHc+ValGxjEjH0
eWiNzwSv+ViP9JJkQlJOQnpLXxcojTJu6hfej1VU1d0X6RBtb4I+mtaOVBFo2cbg
GTwUu+ZJvhnWKgXg1+tqTJdOS4eKpDMh7wY5SczonEyJR/mRG9DoOoww2Q5mfnbc
1Z/PnfA/qb50zI2BOfuDIdmRBPkNhhuj+2iDMAMRq5lZZKlY8sUeBxO+JXDFxWQp
DV8d9IaoTjFReO5wZaSpFD2XY7M5PjHEDsH/h6NrdYrZlFsZZlY23NdTluFm88R/
QScecljF2I/vYhQHOStZd7lR9xOm7dd+/ORQXsJ0c7FBeIn44+Vnub6BUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM43X/690XDMBTcMAWnbtlfBz6u3MB8GA1UdIwQY
MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt
ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz
LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASibHXZiV
lkpQXeEe2ON8qK9oBRWw2/oVwyYS1Uktd3QRjLl4Vo013+zZsCLtg35SE7dkrDmM
kpVIIf5Ovg3+OHG68eQA3C213fTscVlOuM4Y12bRoAB9ls9GluNMdUGovyPokBn2
0PweZVFbUHRkN4eYyNeStr1ax7VoToYfoE3Jv+/5AQwSRB6KiRP+IQxw82vB5SwC
T5odm3PAUDsfVYqVe5HQhLHiozGCCa0JkHGJhQivamBa2cvTKIpgOv6aqXKtAWZD
IytgvQJAuxHdtcH9/HpykAkUtN/XWVDabWvCPf3yU+/UWJ3hYzeA5J7PKX5z8zYh
7LR9y6YfuDTp8g==
-----END CERTIFICATE-----