Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          c9dWjhX+Vr51zRGUW5uNP6gm1cxD9Z5ENTGOdVTItNU=
Subject key identifier:   FD:DE:CA:DA:3A:90:EE:6E:CD:A5:D1:F7:10:AA:D5:CF:C0:7F:BB:45
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       01976D3E30492096D394F519CF862D6C2D53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 07:01:21 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:21 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:21 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: medIX/+fxCQcecq2o/vF52lrLTG+y+A2B/b8UQ9JNxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:30:49:20:96:d3:94:f5:19:cf:86:2d:6c:2d:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Jun 14 07:01:21 2025 GMT
            Not After : Jun 15 07:01:21 2025 GMT
        Subject: CN=fddecada3a90ee6ecda5d1f710aad5cfc07fbb45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:51:d1:63:9e:29:ce:a3:5b:44:34:83:6b:d0:
                    96:59:c9:07:aa:e9:1e:c9:72:28:5c:da:a5:d0:ad:
                    ff:d3:e9:55:f1:e2:f3:cc:c6:12:9a:c3:e5:41:54:
                    68:42:72:79:c1:ab:f0:c9:46:08:c3:58:b2:22:c5:
                    5a:ff:a6:e7:13:a2:04:65:06:46:f1:c9:29:06:f9:
                    9e:b3:7b:c9:37:a9:1e:0a:55:f2:92:4d:13:08:3d:
                    77:58:36:d5:a7:f4:ec:a8:ea:a1:5d:d8:1a:6b:16:
                    28:10:a7:3b:bb:25:5b:ed:27:d6:be:0a:82:e3:f8:
                    a6:4b:96:7d:04:a2:4d:9a:a6:83:6c:76:ee:95:02:
                    af:21:2c:07:73:af:95:3b:33:e3:c8:16:70:1e:9d:
                    35:4a:33:19:dc:75:7e:6e:05:da:2c:c9:68:f1:cf:
                    4c:9e:9b:e2:c6:79:32:85:2c:b2:20:dd:98:89:76:
                    ac:ee:1c:50:fc:2e:3f:de:cb:ba:fa:23:1c:03:52:
                    b6:79:c2:18:f5:79:a5:b0:21:53:df:2a:64:d7:35:
                    6d:d2:8b:3a:7a:f6:c0:1f:84:4f:fb:5a:dc:b1:ec:
                    d0:7b:09:9a:be:c1:81:eb:a4:47:a2:68:3e:69:ff:
                    94:50:24:12:45:4f:b3:47:82:12:83:0a:e5:e8:bf:
                    08:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:DE:CA:DA:3A:90:EE:6E:CD:A5:D1:F7:10:AA:D5:CF:C0:7F:BB:45
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ca:7a:4e:08:37:1a:28:97:eb:54:b0:7d:f5:41:00:d9:ea:
         30:0f:22:da:3d:e3:6e:9e:0f:14:61:46:94:71:74:c9:df:b0:
         5a:e1:72:7a:f9:fe:d7:7a:51:4b:29:99:a4:ef:76:5d:e8:1d:
         dd:80:6a:cf:75:e2:76:6d:b8:d9:19:ad:08:01:a4:61:ee:02:
         be:d5:97:ca:69:42:0e:e4:c0:46:7e:87:b9:e7:d2:1e:32:47:
         e4:9e:cf:ff:32:11:e2:19:8c:d8:e0:98:85:42:2a:3f:31:63:
         98:ed:ec:f6:35:62:50:ea:b0:c8:a6:b0:98:26:0d:2b:17:a1:
         eb:dc:6f:88:17:5a:04:aa:a8:15:30:08:d8:42:be:22:fb:a9:
         5a:27:ff:e4:52:de:71:4b:5f:38:1f:32:3a:c3:a0:84:94:29:
         38:21:03:6f:bb:1a:21:f9:c7:b3:61:b4:4c:7f:d7:da:24:c1:
         04:2c:22:1d:7a:4e:12:f2:2a:db:51:2d:bb:1a:28:b2:08:72:
         43:6e:e1:7b:56:e0:65:52:e6:1c:bb:50:5c:77:77:f4:c9:fe:
         cc:81:9a:88:5c:0c:0b:69:9a:3e:50:54:c3:be:00:62:cf:ac:
         68:2b:2b:ec:6c:88:5b:2a:d0:89:8a:07:30:31:13:af:07:d8:
         39:55:44:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPjBJIJbTlPUZz4YtbC1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjUwNjE0MDcwMTIxWhcNMjUwNjE1MDcwMTIxWjAzMTEwLwYDVQQD
EyhmZGRlY2FkYTNhOTBlZTZlY2RhNWQxZjcxMGFhZDVjZmMwN2ZiYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlHRY54pzqNbRDSDa9CWWckHquke
yXIoXNql0K3/0+lV8eLzzMYSmsPlQVRoQnJ5wavwyUYIw1iyIsVa/6bnE6IEZQZG
8ckpBvmes3vJN6keClXykk0TCD13WDbVp/TsqOqhXdgaaxYoEKc7uyVb7SfWvgqC
4/imS5Z9BKJNmqaDbHbulQKvISwHc6+VOzPjyBZwHp01SjMZ3HV+bgXaLMlo8c9M
npvixnkyhSyyIN2YiXas7hxQ/C4/3su6+iMcA1K2ecIY9XmlsCFT3ypk1zVt0os6
evbAH4RP+1rcsezQewmavsGB66RHomg+af+UUCQSRU+zR4ISgwrl6L8IpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3eyto6kO5uzaXR9xCq1c/Af7tFMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsp6Tgg3
GiiX61SwffVBANnqMA8i2j3jbp4PFGFGlHF0yd+wWuFyevn+13pRSymZpO92Xegd
3YBqz3Xidm242RmtCAGkYe4CvtWXymlCDuTARn6HuefSHjJH5J7P/zIR4hmM2OCY
hUIqPzFjmO3s9jViUOqwyKawmCYNKxeh69xviBdaBKqoFTAI2EK+IvupWif/5FLe
cUtfOB8yOsOghJQpOCEDb7saIfnHs2G0TH/X2iTBBCwiHXpOEvIq21Etuxoosghy
Q27he1bgZVLmHLtQXHd39Mn+zIGaiFwMC2maPlBUw74AYs+saCsr7GyIWyrQiYoH
MDETrwfYOVVEIw==
-----END CERTIFICATE-----