Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File:                     XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier:          ChDSbmbO1+CfCAeLe6RLlPJ9Gd59vd2vHQV6kp8KWSY=
Subject key identifier:   7E:CF:A7:FE:21:80:AB:50:2C:60:9A:B3:2D:D7:A0:DF:3E:3C:F5:66
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer:       /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial:       01976A0585861D71C4150640CB2175EE75A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number:          0662
Signing time:             Fri 13 Jun 2025 16:00:36 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:36 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:36 +0000
Files and hashes:         1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: dlStR3NE0pBnYB8KyNPNxy9r3x3QFfOVDdLckHnM+PU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:85:86:1d:71:c4:15:06:40:cb:21:75:ee:75:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
        Validity
            Not Before: Jun 13 16:00:36 2025 GMT
            Not After : Jun 14 16:00:36 2025 GMT
        Subject: CN=7ecfa7fe2180ab502c609ab32dd7a0df3e3cf566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:f2:d9:30:2d:27:12:40:b6:c5:a5:3e:ea:1a:
                    c1:d8:5a:65:1b:06:81:61:53:23:11:dd:a9:08:3e:
                    42:74:ba:9b:83:06:86:af:03:8d:b9:3b:b8:90:27:
                    21:7d:35:0a:ba:79:86:dc:eb:e5:82:99:3a:d2:d6:
                    c3:25:16:71:31:e4:ee:fa:9a:c0:1f:f9:41:cb:05:
                    34:87:82:2d:e9:66:9e:be:be:53:5a:31:10:d6:e3:
                    9c:c4:37:df:89:23:20:86:79:b8:05:fe:a6:de:7c:
                    27:f1:93:ba:0b:89:bb:ae:4c:6f:5e:f7:0a:9f:37:
                    dc:81:90:b0:57:3c:e2:1e:dd:9f:b4:55:16:a8:a6:
                    49:0b:60:1d:f5:84:a2:98:37:8a:ba:4b:f6:20:6d:
                    16:f8:34:7c:80:8a:58:48:30:a9:be:b0:c3:02:55:
                    e1:70:93:06:c9:53:b5:32:c0:9f:c0:b0:cc:f9:57:
                    ac:aa:fc:09:f5:2d:59:7b:3a:3a:6b:b4:cb:b9:24:
                    9d:5c:8b:db:88:ee:ae:ef:c7:c8:cb:d7:1e:f3:bb:
                    c3:ab:12:19:3b:d8:c1:5c:4e:6b:3a:72:de:e5:0e:
                    13:77:62:9a:bd:37:b1:2c:19:a0:51:a7:7e:0e:e8:
                    9f:c3:9c:18:3a:69:5d:06:c1:c9:d9:21:ba:b6:97:
                    ef:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:CF:A7:FE:21:80:AB:50:2C:60:9A:B3:2D:D7:A0:DF:3E:3C:F5:66
            X509v3 Authority Key Identifier:
                keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:32:0e:7e:84:f7:d5:b4:ec:f8:82:01:a8:c9:08:55:56:57:
         93:1f:ef:ad:5a:57:53:0a:81:7e:fd:5e:38:13:02:5d:5e:75:
         3a:c0:5b:13:d5:32:d8:63:ca:61:ad:ab:da:5b:5b:eb:bc:7f:
         55:69:d4:e1:fa:75:de:1b:9f:cc:3b:2c:47:56:3a:01:71:a5:
         0f:3e:6c:fc:b4:52:96:9f:9f:8f:5c:df:4f:41:b8:1d:77:7a:
         e5:86:26:91:76:30:18:db:50:9b:8b:a4:d5:88:4f:19:4c:1e:
         03:5c:25:8a:f8:29:df:23:f0:5a:fd:6b:10:9a:13:d0:7d:ed:
         5e:ad:22:17:85:6b:88:56:0c:30:13:32:50:01:a1:21:2a:8d:
         04:46:53:90:01:6d:d1:31:90:42:45:b8:b5:c5:1f:7c:8d:54:
         1a:bb:51:6e:fa:39:08:de:77:70:0c:7c:30:1f:2a:94:00:9d:
         ce:f6:67:e2:65:8f:fa:66:96:f7:6b:a6:96:2b:5b:fb:83:0a:
         7e:5f:e3:eb:c8:fb:dc:99:6e:ae:87:56:86:fb:ba:56:cd:7c:
         6b:dc:b6:44:ce:60:6c:f8:ac:f3:1d:8d:5e:b2:49:c0:5a:5b:
         58:92:f3:5c:ea:c2:5c:2e:7e:49:56:11:2d:f5:ad:25:60:3c:
         36:8f:45:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBYWGHXHEFQZAyyF17nWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUwNjEzMTYwMDM2WhcNMjUwNjE0MTYwMDM2WjAzMTEwLwYDVQQD
Eyg3ZWNmYTdmZTIxODBhYjUwMmM2MDlhYjMyZGQ3YTBkZjNlM2NmNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vLZMC0nEkC2xaU+6hrB2FplGwaB
YVMjEd2pCD5CdLqbgwaGrwONuTu4kCchfTUKunmG3Ovlgpk60tbDJRZxMeTu+prA
H/lBywU0h4It6Waevr5TWjEQ1uOcxDffiSMghnm4Bf6m3nwn8ZO6C4m7rkxvXvcK
nzfcgZCwVzziHt2ftFUWqKZJC2Ad9YSimDeKukv2IG0W+DR8gIpYSDCpvrDDAlXh
cJMGyVO1MsCfwLDM+VesqvwJ9S1Zezo6a7TLuSSdXIvbiO6u78fIy9ce87vDqxIZ
O9jBXE5rOnLe5Q4Td2KavTexLBmgUad+Duifw5wYOmldBsHJ2SG6tpfvgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7Pp/4hgKtQLGCasy3XoN8+PPVmMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASDIOfoT3
1bTs+IIBqMkIVVZXkx/vrVpXUwqBfv1eOBMCXV51OsBbE9Uy2GPKYa2r2ltb67x/
VWnU4fp13hufzDssR1Y6AXGlDz5s/LRSlp+fj1zfT0G4HXd65YYmkXYwGNtQm4uk
1YhPGUweA1wlivgp3yPwWv1rEJoT0H3tXq0iF4VriFYMMBMyUAGhISqNBEZTkAFt
0TGQQkW4tcUffI1UGrtRbvo5CN53cAx8MB8qlACdzvZn4mWP+maW92umlitb+4MK
fl/j68j73JlurodWhvu6Vs18a9y2RM5gbPis8x2NXrJJwFpbWJLzXOrCXC5+SVYR
LfWtJWA8No9FiA==
-----END CERTIFICATE-----