Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          4YRBjsQJKpEVK2lzvyQ7XfimF3Fd7KNXY3UB2hM003s=
Subject key identifier:   C8:36:86:2E:C7:85:B7:5C:0D:90:5C:07:23:B1:61:4D:C0:8F:42:4B
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       01978469E858DE9D65508B3BBC159785DC7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          01EA
Signing time:             Wed 18 Jun 2025 19:00:22 +0000
Manifest this update:     Wed 18 Jun 2025 19:00:22 +0000
Manifest next update:     Thu 19 Jun 2025 19:00:22 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: qHvuS/ISsm0NqU22rMq0r3spYki70jIFYD7mzKYYLjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 19:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:84:69:e8:58:de:9d:65:50:8b:3b:bc:15:97:85:dc:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Jun 18 19:00:22 2025 GMT
            Not After : Jun 19 19:00:22 2025 GMT
        Subject: CN=c836862ec785b75c0d905c0723b1614dc08f424b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:64:a4:48:16:e2:17:dd:a8:9a:24:7e:d5:d5:
                    2c:a0:6d:8b:b6:41:2b:11:5f:70:05:68:ca:4a:6c:
                    30:fd:f9:ff:15:1e:d0:de:66:65:42:fc:27:39:93:
                    83:ae:14:89:6d:fc:a3:69:d3:7a:40:7c:ef:72:62:
                    9f:f2:12:9c:38:54:08:89:80:43:94:b3:76:da:c6:
                    b5:3d:6e:65:c3:ed:00:19:5a:e9:99:38:0d:ec:50:
                    d5:25:52:f3:e1:58:ae:47:12:0e:c7:cc:00:4c:d3:
                    de:ea:1f:e3:23:b2:79:9e:ea:bb:9a:6f:91:0c:da:
                    59:7f:70:3f:9f:4f:0e:38:80:f6:86:4c:26:38:22:
                    46:39:36:04:84:d5:91:35:22:3a:ef:5c:d6:3d:16:
                    9a:43:5e:85:4b:15:d2:7d:f4:23:99:3d:0d:06:92:
                    ed:ee:28:ee:78:52:fc:c9:f9:24:63:29:b9:0d:de:
                    c6:86:80:93:a0:05:06:9d:10:e0:58:ac:8e:20:71:
                    11:6c:ef:fb:2a:b1:46:f9:a7:8e:e2:c1:ef:92:b8:
                    9f:fc:f3:20:3d:8e:81:f3:cb:66:f4:af:f4:aa:86:
                    2a:fb:a2:37:49:b3:a0:50:60:c6:3d:dc:b3:59:6a:
                    b4:30:99:ca:79:61:b3:31:8e:41:84:93:f3:49:6b:
                    75:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:36:86:2E:C7:85:B7:5C:0D:90:5C:07:23:B1:61:4D:C0:8F:42:4B
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:73:d5:18:c1:c6:f6:00:cb:9e:bd:ca:a1:20:de:5c:da:0f:
         c6:ed:e3:7a:97:df:bb:e2:1b:c7:aa:62:5a:aa:2b:13:7c:5c:
         51:ac:bc:9d:14:65:3e:b4:99:a7:0f:b1:53:64:75:da:b3:e4:
         fe:a3:4c:0e:17:12:c7:3a:a1:03:30:a4:3d:75:2d:46:8d:cf:
         d8:51:3f:9b:47:b1:71:77:63:72:9a:cf:5e:d6:56:ab:5c:87:
         d8:8f:df:38:66:cb:2b:60:9e:f9:6e:ce:8c:55:57:b0:d6:cb:
         3f:bf:6f:4b:93:c2:c8:c4:45:e1:c8:67:69:65:bf:3e:79:86:
         4f:d8:47:d4:e5:54:e2:8f:c6:1b:99:f0:20:d9:d7:63:e8:5d:
         40:1c:2a:ec:a0:45:ea:5e:13:81:8d:ca:bf:f6:52:53:d0:20:
         75:af:54:67:19:1f:11:51:3b:59:37:c6:86:a5:44:4c:c6:99:
         3d:26:03:10:12:1e:33:e0:ce:bb:1b:65:fc:1a:fc:86:c9:3f:
         94:86:a6:f2:3f:13:4d:62:70:d4:6e:8b:d1:20:9a:51:63:00:
         fd:64:d1:c8:57:79:4b:dd:a0:4b:01:fe:02:f6:38:b6:2d:e6:
         57:40:ab:1d:0c:6e:9f:84:44:38:d9:56:86:b6:2d:8d:32:fd:
         20:53:4c:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeEaehY3p1lUIs7vBWXhdx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjUwNjE4MTkwMDIyWhcNMjUwNjE5MTkwMDIyWjAzMTEwLwYDVQQD
EyhjODM2ODYyZWM3ODViNzVjMGQ5MDVjMDcyM2IxNjE0ZGMwOGY0MjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2SkSBbiF92omiR+1dUsoG2LtkEr
EV9wBWjKSmww/fn/FR7Q3mZlQvwnOZODrhSJbfyjadN6QHzvcmKf8hKcOFQIiYBD
lLN22sa1PW5lw+0AGVrpmTgN7FDVJVLz4ViuRxIOx8wATNPe6h/jI7J5nuq7mm+R
DNpZf3A/n08OOID2hkwmOCJGOTYEhNWRNSI671zWPRaaQ16FSxXSffQjmT0NBpLt
7ijueFL8yfkkYym5Dd7GhoCToAUGnRDgWKyOIHERbO/7KrFG+aeO4sHvkrif/PMg
PY6B88tm9K/0qoYq+6I3SbOgUGDGPdyzWWq0MJnKeWGzMY5BhJPzSWt1/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMg2hi7HhbdcDZBcByOxYU3Aj0JLMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPnPVGMHG
9gDLnr3KoSDeXNoPxu3jepffu+Ibx6piWqorE3xcUay8nRRlPrSZpw+xU2R12rPk
/qNMDhcSxzqhAzCkPXUtRo3P2FE/m0excXdjcprPXtZWq1yH2I/fOGbLK2Ce+W7O
jFVXsNbLP79vS5PCyMRF4chnaWW/PnmGT9hH1OVU4o/GG5nwINnXY+hdQBwq7KBF
6l4TgY3Kv/ZSU9Agda9UZxkfEVE7WTfGhqVETMaZPSYDEBIeM+DOuxtl/Br8hsk/
lIam8j8TTWJw1G6L0SCaUWMA/WTRyFd5S92gSwH+AvY4ti3mV0CrHQxun4REONlW
hrYtjTL9IFNMmQ==
-----END CERTIFICATE-----