Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
File:                     xIzPWOSy4trdSoSDPAZ87iuXRek.mft (raw, json)
Hash identifier:          jARuyzihBdFooefNkpImoHLAG2PaHdXp2DqGV0zC6Mg=
Subject key identifier:   86:5A:98:52:69:5A:0A:BA:B2:3D:57:1E:D1:7C:33:41:96:9D:3D:52
Authority key identifier: C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9
Certificate issuer:       /CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
Certificate serial:       01976C992D7D9E02E9396CCFB3931E0248F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
Manifest number:          07BE
Signing time:             Sat 14 Jun 2025 04:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 04:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 04:01:07 +0000
Files and hashes:         1: xIzPWOSy4trdSoSDPAZ87iuXRek.crl (hash: gcO/s0oFIpQWPVLqDwbca66WBjO7JIHzJa/VcSZAT1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:99:2d:7d:9e:02:e9:39:6c:cf:b3:93:1e:02:48:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
        Validity
            Not Before: Jun 14 04:01:07 2025 GMT
            Not After : Jun 15 04:01:07 2025 GMT
        Subject: CN=865a9852695a0abab23d571ed17c3341969d3d52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ea:6d:2e:08:41:4f:d3:72:b5:98:4d:79:25:
                    7f:a9:7a:d7:4c:d3:74:77:fc:12:d0:d6:1c:37:f8:
                    74:bc:88:40:db:d6:18:2f:3b:2c:d6:ae:3d:5c:3e:
                    c9:7b:a8:ab:ae:0a:87:29:4b:ca:47:79:43:6b:ae:
                    2d:c3:c5:b9:88:e4:c8:7f:7a:f1:36:6b:89:a3:15:
                    73:d5:c3:cb:f9:fc:6b:d5:4d:c2:52:34:6f:d6:b4:
                    0a:bb:4a:0e:8c:33:6e:e7:bb:d9:30:4c:2b:0b:51:
                    45:8e:d5:4c:ea:64:66:b4:94:7e:2f:33:a6:63:e9:
                    91:91:a6:af:b9:26:df:35:ca:78:58:35:a2:ff:d9:
                    83:f6:c7:8a:a0:98:22:36:15:82:c3:10:13:2f:45:
                    a1:9f:4a:c2:66:7b:70:f7:22:a5:1e:21:78:72:c2:
                    0a:0a:a3:67:1a:59:e0:ac:3f:99:d4:fa:d7:78:62:
                    09:00:24:f1:5e:56:5f:c7:b3:ee:49:ce:c8:9b:e6:
                    87:1c:b1:34:49:a8:fd:34:61:f1:33:6f:be:db:de:
                    04:92:b3:14:d7:c3:11:95:6a:92:9f:7e:87:45:58:
                    80:a8:75:99:3d:d9:78:6e:14:e9:00:57:3b:27:b4:
                    18:16:3b:7b:ad:08:c8:8e:4e:84:c3:98:fc:79:4c:
                    20:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:5A:98:52:69:5A:0A:BA:B2:3D:57:1E:D1:7C:33:41:96:9D:3D:52
            X509v3 Authority Key Identifier:
                keyid:C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:d4:0f:cc:bc:35:4b:96:1f:27:d4:be:f3:01:1e:22:4f:51:
         21:20:94:8e:9b:57:e6:68:5c:5f:5c:71:3b:97:39:fb:cc:5c:
         41:a3:58:6e:34:78:63:69:56:2e:97:6b:a9:b1:bd:97:0b:d8:
         90:e7:c3:d5:c6:48:dc:c6:64:56:ad:61:f5:61:11:d5:8a:a7:
         e6:15:89:ea:f7:0e:2f:27:e2:27:eb:10:34:f0:4e:6f:ee:7d:
         20:6a:90:50:6e:3b:4b:da:1d:86:2e:5b:e1:6e:f9:db:15:e5:
         0b:f5:9b:30:73:b7:69:b4:4d:ad:bc:7b:1e:95:ac:af:27:f0:
         cf:28:3f:73:29:fe:b2:da:c7:67:ae:74:4c:93:3c:85:c5:cf:
         ae:c9:78:7b:49:ae:c3:fd:bf:42:5c:47:76:e4:c8:50:ce:63:
         6c:7e:de:ae:23:ba:6a:a8:76:f9:a3:85:69:b7:21:01:d1:64:
         30:72:23:31:d1:fb:fc:3d:b8:90:b8:fd:25:72:ce:57:f3:97:
         f8:82:df:72:18:4e:94:80:bf:86:d8:89:f9:a8:72:0f:c4:0f:
         9b:07:c4:2c:26:71:e2:cb:bf:74:a7:c5:22:43:2f:40:f7:d1:
         50:3c:0b:1b:19:05:b3:3b:fa:5f:ce:eb:9c:e2:b9:57:01:52:
         dc:1b:a2:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmS19ngLpOWzPs5MeAkj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OGNjZjU4ZTRiMmUyZGFkZDRhODQ4MzNjMDY3Y2VlMmI5
NzQ1ZTkwHhcNMjUwNjE0MDQwMTA3WhcNMjUwNjE1MDQwMTA3WjAzMTEwLwYDVQQD
Eyg4NjVhOTg1MjY5NWEwYWJhYjIzZDU3MWVkMTdjMzM0MTk2OWQzZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+ptLghBT9NytZhNeSV/qXrXTNN0
d/wS0NYcN/h0vIhA29YYLzss1q49XD7Je6irrgqHKUvKR3lDa64tw8W5iOTIf3rx
NmuJoxVz1cPL+fxr1U3CUjRv1rQKu0oOjDNu57vZMEwrC1FFjtVM6mRmtJR+LzOm
Y+mRkaavuSbfNcp4WDWi/9mD9seKoJgiNhWCwxATL0Whn0rCZntw9yKlHiF4csIK
CqNnGlngrD+Z1PrXeGIJACTxXlZfx7PuSc7Im+aHHLE0Saj9NGHxM2++294EkrMU
18MRlWqSn36HRViAqHWZPdl4bhTpAFc7J7QYFjt7rQjIjk6Ew5j8eUwgrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZamFJpWgq6sj1XHtF8M0GWnT1SMB8GA1UdIwQY
MBaAFMSMz1jksuLa3UqEgzwGfO4rl0XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2Ut
YTUwZTMyZGUwODIzLzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2UtYTUwZTMyZGUwODIz
LzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI9QPzLw1
S5YfJ9S+8wEeIk9RISCUjptX5mhcX1xxO5c5+8xcQaNYbjR4Y2lWLpdrqbG9lwvY
kOfD1cZI3MZkVq1h9WER1Yqn5hWJ6vcOLyfiJ+sQNPBOb+59IGqQUG47S9odhi5b
4W752xXlC/WbMHO3abRNrbx7HpWsryfwzyg/cyn+strHZ650TJM8hcXPrsl4e0mu
w/2/QlxHduTIUM5jbH7eriO6aqh2+aOFabchAdFkMHIjMdH7/D24kLj9JXLOV/OX
+ILfchhOlIC/htiJ+ahyD8QPmwfELCZx4su/dKfFIkMvQPfRUDwLGxkFszv6X87r
nOK5VwFS3BuiDg==
-----END CERTIFICATE-----