Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          gQJ87Hr6WcFWacbJ1HbtKr7xv4ZN+zAxmjfF+QDaOBA=
Subject key identifier:   66:A7:3D:9A:3D:AC:C2:3D:8C:81:6A:57:4A:EB:45:DA:68:46:FA:F3
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       019783C5746D993328BD6192950372B59B93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          0EBA
Signing time:             Wed 18 Jun 2025 16:00:45 +0000
Manifest this update:     Wed 18 Jun 2025 16:00:45 +0000
Manifest next update:     Thu 19 Jun 2025 16:00:45 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: ueqBNKvUkanmrV6bNJkP0w8aCJhLKAer8f/UWRS/gNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:83:c5:74:6d:99:33:28:bd:61:92:95:03:72:b5:9b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Jun 18 16:00:45 2025 GMT
            Not After : Jun 19 16:00:45 2025 GMT
        Subject: CN=66a73d9a3dacc23d8c816a574aeb45da6846faf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4f:de:5f:af:57:ee:b2:22:48:97:ce:f3:e4:
                    5b:09:59:67:d7:d9:33:d9:d3:6c:ec:9d:0c:f8:aa:
                    e5:4b:6b:d5:0a:9d:3f:79:a1:26:e6:6d:f5:13:c5:
                    56:0f:62:9c:ac:2c:40:cc:05:dd:a8:8e:d0:f2:a9:
                    d2:57:fe:dc:3d:1a:05:54:fb:77:9d:a9:d0:2d:83:
                    37:01:aa:11:d4:17:37:1e:ec:bb:df:59:38:b7:85:
                    02:57:d2:14:4c:40:2b:b3:cd:86:c7:a3:52:62:04:
                    6e:75:7f:21:61:bf:60:bd:fb:56:96:72:29:ab:55:
                    d8:b0:37:e3:c3:09:e7:80:e7:48:34:91:38:f5:d4:
                    a8:6f:3e:73:89:ce:28:1e:9d:e8:91:75:0d:34:c1:
                    53:28:f0:15:a7:d9:db:e2:3e:61:04:43:54:ff:a9:
                    cc:fc:5a:c9:6e:93:a7:6a:0c:ce:3e:d0:6c:b6:a0:
                    a9:9f:06:d9:a9:f4:77:aa:6b:93:c0:76:ee:d3:3e:
                    a2:60:2e:d9:cd:cb:a6:ff:d1:11:07:c6:7b:c8:f8:
                    83:99:32:01:3b:37:02:ed:6e:00:9e:f9:66:34:00:
                    f9:fb:90:c5:91:94:4a:a3:2d:a1:16:8e:86:8a:9c:
                    ce:4c:35:fb:55:1b:2e:5a:34:fb:12:22:4c:32:c3:
                    af:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:A7:3D:9A:3D:AC:C2:3D:8C:81:6A:57:4A:EB:45:DA:68:46:FA:F3
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:10:23:e3:2a:ad:a5:92:7b:df:bc:c6:7a:9b:87:b9:c1:1e:
         30:8e:e3:82:8a:58:8c:c0:3f:f8:d8:6a:de:7f:68:40:dc:5d:
         b7:69:e4:c8:e2:15:d2:d5:5a:c8:96:d8:18:3f:86:12:a2:d4:
         1f:f3:55:0e:17:82:c8:d6:21:80:a4:bf:de:34:34:28:9e:77:
         9d:7d:9b:1d:07:a7:14:bf:df:e3:9f:11:db:7a:00:e1:2b:d5:
         28:65:2d:a7:ce:ca:0f:76:78:80:d2:4c:82:6c:c3:b4:ce:29:
         d6:c7:93:39:53:0d:d4:92:d7:d7:fd:42:02:92:8e:48:51:e5:
         8d:44:69:23:4e:a6:67:c4:46:1a:ac:50:fb:58:52:fe:5a:70:
         d0:9e:e0:ad:bf:c1:0a:5a:09:af:8f:1d:d1:02:ed:b1:25:13:
         fd:a7:a0:74:88:4a:26:56:0e:8e:c4:fc:25:bd:db:09:b7:8b:
         1e:b7:db:e5:01:ba:86:85:51:04:e8:08:b5:e6:62:e1:d4:7b:
         4a:aa:cc:f4:5c:a9:92:54:dd:d5:5d:5c:70:6b:5b:05:0a:98:
         a4:1f:0e:ee:5b:c6:e5:68:90:a7:f4:9a:80:5d:5d:b2:b3:9d:
         78:01:35:9c:50:4b:83:66:de:51:10:5c:5a:ec:8c:80:41:d4:
         dd:50:6f:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeDxXRtmTMovWGSlQNytZuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjUwNjE4MTYwMDQ1WhcNMjUwNjE5MTYwMDQ1WjAzMTEwLwYDVQQD
Eyg2NmE3M2Q5YTNkYWNjMjNkOGM4MTZhNTc0YWViNDVkYTY4NDZmYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk/eX69X7rIiSJfO8+RbCVln19kz
2dNs7J0M+KrlS2vVCp0/eaEm5m31E8VWD2KcrCxAzAXdqI7Q8qnSV/7cPRoFVPt3
nanQLYM3AaoR1Bc3Huy731k4t4UCV9IUTEArs82Gx6NSYgRudX8hYb9gvftWlnIp
q1XYsDfjwwnngOdINJE49dSobz5zic4oHp3okXUNNMFTKPAVp9nb4j5hBENU/6nM
/FrJbpOnagzOPtBstqCpnwbZqfR3qmuTwHbu0z6iYC7Zzcum/9ERB8Z7yPiDmTIB
OzcC7W4AnvlmNAD5+5DFkZRKoy2hFo6GipzOTDX7VRsuWjT7EiJMMsOv5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGanPZo9rMI9jIFqV0rrRdpoRvrzMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxRAj4yqt
pZJ737zGepuHucEeMI7jgopYjMA/+Nhq3n9oQNxdt2nkyOIV0tVayJbYGD+GEqLU
H/NVDheCyNYhgKS/3jQ0KJ53nX2bHQenFL/f458R23oA4SvVKGUtp87KD3Z4gNJM
gmzDtM4p1seTOVMN1JLX1/1CApKOSFHljURpI06mZ8RGGqxQ+1hS/lpw0J7grb/B
CloJr48d0QLtsSUT/aegdIhKJlYOjsT8Jb3bCbeLHrfb5QG6hoVRBOgIteZi4dR7
SqrM9FypklTd1V1ccGtbBQqYpB8O7lvG5WiQp/SagF1dsrOdeAE1nFBLg2beURBc
WuyMgEHU3VBv2w==
-----END CERTIFICATE-----