Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          tt9MtZW+aku5qTOlnBDSXjpDy3jinAsY3iwANTCWc1U=
Subject key identifier:   A9:BB:C5:EF:C6:CC:22:D1:DE:CF:D2:64:5C:BC:20:42:69:36:81:38
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       01976FD1509234B165309CED49BDB185DB9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          033A
Signing time:             Sat 14 Jun 2025 19:01:17 +0000
Manifest this update:     Sat 14 Jun 2025 19:01:17 +0000
Manifest next update:     Sun 15 Jun 2025 19:01:17 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: tWuuFrEYiKgCffoC75I8ZVhGI9rpwirtVv9ebxmIPDI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d1:50:92:34:b1:65:30:9c:ed:49:bd:b1:85:db:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Jun 14 19:01:17 2025 GMT
            Not After : Jun 15 19:01:17 2025 GMT
        Subject: CN=a9bbc5efc6cc22d1decfd2645cbc204269368138
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:48:9c:a0:cb:2e:d9:c7:e4:e9:9b:98:3e:48:
                    b2:7c:02:da:32:bf:76:0e:06:c8:9e:e3:49:78:19:
                    87:45:fe:0f:7b:08:67:ad:15:90:95:68:e5:53:0f:
                    86:7f:bf:ff:cf:30:a1:f1:7f:0d:b9:dd:5f:2e:0d:
                    83:c2:1d:40:b5:e3:ff:1a:e8:bf:0f:13:9a:25:0c:
                    2b:88:44:8c:18:ea:2e:f2:c0:3d:f4:8a:ac:47:9c:
                    71:1c:6d:f7:f5:dc:a9:c2:9d:78:6c:3d:76:03:25:
                    19:6c:01:5c:bb:95:f5:f4:49:3c:6d:53:00:7d:12:
                    c5:e2:37:42:e7:d4:57:17:a0:6c:f2:16:ea:4d:d4:
                    b3:d9:c2:ae:2c:3a:af:f6:e5:29:ab:b2:17:ba:02:
                    e3:fc:57:2b:85:d4:dc:b1:82:29:c9:ff:df:72:ed:
                    50:f3:da:3e:f1:d3:0b:ee:0b:d0:84:28:54:d1:fc:
                    ff:73:3f:d6:3e:47:0a:c3:8a:50:2d:88:b3:5f:cd:
                    cb:5b:06:fd:2d:4b:50:b4:c9:8b:e0:c3:44:b4:eb:
                    d9:cb:c8:27:5c:47:ad:6e:5d:6c:e8:3f:53:e6:8d:
                    07:e8:af:16:76:69:ff:c2:d0:11:6f:bd:7e:63:08:
                    de:bb:d3:5d:06:20:9a:67:80:02:dd:03:8a:4d:20:
                    53:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:BB:C5:EF:C6:CC:22:D1:DE:CF:D2:64:5C:BC:20:42:69:36:81:38
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:b7:48:7a:b2:f0:64:01:ca:ee:91:34:ab:f8:71:6a:f2:0f:
         25:d2:6e:a5:df:5c:89:70:4c:d5:9a:9f:b1:48:8c:77:fc:2b:
         d7:8c:92:a6:11:98:2a:30:20:69:a7:a3:73:2c:3e:7d:7b:4d:
         89:cf:74:4f:fd:9d:10:0e:62:05:d4:58:f5:fc:9d:5c:b9:69:
         b8:4f:fa:43:4b:44:f2:ce:94:92:c6:b8:30:26:8f:a2:a9:3c:
         24:0c:9d:c0:56:f1:42:b7:33:51:67:2a:8c:e0:2a:00:0e:59:
         09:f0:20:ee:f4:be:d6:b2:77:68:57:c4:d6:86:2f:ed:6e:47:
         47:e8:d4:bf:50:e6:3b:b7:22:df:99:81:2e:ac:63:80:a1:e7:
         00:a3:60:2c:55:25:5e:15:75:6d:c9:b7:23:c2:8a:aa:65:5c:
         f9:ca:73:7a:7a:0b:6a:7e:8a:95:e9:a2:ab:d4:d2:cd:fa:44:
         df:ad:34:54:7b:71:23:07:a9:b8:ee:f3:07:3b:22:ab:50:2d:
         d2:8a:70:08:0b:a7:99:5c:c3:62:2d:79:8a:c1:03:c5:eb:c4:
         71:3a:ea:34:a8:44:04:fc:11:bb:cc:4d:a7:06:44:26:93:e1:
         8b:41:1a:73:f2:83:cb:97:d5:19:59:85:13:b0:c2:9d:77:b1:
         b9:e8:45:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0VCSNLFlMJztSb2xhdubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwNjE0MTkwMTE3WhcNMjUwNjE1MTkwMTE3WjAzMTEwLwYDVQQD
EyhhOWJiYzVlZmM2Y2MyMmQxZGVjZmQyNjQ1Y2JjMjA0MjY5MzY4MTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0icoMsu2cfk6ZuYPkiyfALaMr92
DgbInuNJeBmHRf4PewhnrRWQlWjlUw+Gf7//zzCh8X8Nud1fLg2Dwh1AteP/Gui/
DxOaJQwriESMGOou8sA99IqsR5xxHG339dypwp14bD12AyUZbAFcu5X19Ek8bVMA
fRLF4jdC59RXF6Bs8hbqTdSz2cKuLDqv9uUpq7IXugLj/FcrhdTcsYIpyf/fcu1Q
89o+8dML7gvQhChU0fz/cz/WPkcKw4pQLYizX83LWwb9LUtQtMmL4MNEtOvZy8gn
XEetbl1s6D9T5o0H6K8Wdmn/wtARb71+Ywjeu9NdBiCaZ4AC3QOKTSBTpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKm7xe/GzCLR3s/SZFy8IEJpNoE4MB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUbdIerLw
ZAHK7pE0q/hxavIPJdJupd9ciXBM1ZqfsUiMd/wr14ySphGYKjAgaaejcyw+fXtN
ic90T/2dEA5iBdRY9fydXLlpuE/6Q0tE8s6Uksa4MCaPoqk8JAydwFbxQrczUWcq
jOAqAA5ZCfAg7vS+1rJ3aFfE1oYv7W5HR+jUv1DmO7ci35mBLqxjgKHnAKNgLFUl
XhV1bcm3I8KKqmVc+cpzenoLan6Klemiq9TSzfpE3600VHtxIwepuO7zBzsiq1At
0opwCAunmVzDYi15isEDxevEcTrqNKhEBPwRu8xNpwZEJpPhi0Eac/KDy5fVGVmF
E7DCnXexuehFkQ==
-----END CERTIFICATE-----