Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
File:                     rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft (raw, json)
Hash identifier:          SVBafXxkbEK6wOomCOwdR/GPwuix9JZLCSQoVU2DQfQ=
Subject key identifier:   58:3F:96:7A:A7:DB:EA:A9:4C:50:F3:FE:27:9C:F6:16:33:47:21:AE
Authority key identifier: AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9
Certificate issuer:       /CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
Certificate serial:       019679E905CB1B8C9F44D19C76D9B3EE4F03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
Manifest number:          0A0E
Signing time:             Mon 28 Apr 2025 01:00:36 +0000
Manifest this update:     Mon 28 Apr 2025 01:00:36 +0000
Manifest next update:     Tue 29 Apr 2025 01:00:36 +0000
Files and hashes:         1: rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl (hash: Z1wyIyTQSkWXYPB3GjZ4QKDQ6oLS/85nqZHrOmeBa5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:05:cb:1b:8c:9f:44:d1:9c:76:d9:b3:ee:4f:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aec5c7ab5b72181e4e4211322215e9776b4900f9
        Validity
            Not Before: Apr 28 01:00:36 2025 GMT
            Not After : Apr 29 01:00:36 2025 GMT
        Subject: CN=583f967aa7dbeaa94c50f3fe279cf616334721ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2e:85:09:24:75:f1:7a:fe:4a:ad:1e:73:1a:
                    3b:bf:43:67:32:e4:5c:8d:7a:d1:0a:f4:ad:1b:67:
                    b4:27:08:f0:51:c2:bf:bd:2b:c9:9b:80:d6:0b:98:
                    4f:d4:c0:b9:a3:a8:6b:48:c7:5f:1e:44:1e:9b:60:
                    5e:bd:1c:17:c1:a1:98:e9:d4:e0:2a:77:37:e8:e6:
                    82:1d:21:03:70:fb:24:8a:75:d0:1a:a1:a7:10:b8:
                    5f:fc:89:18:96:42:da:cb:fc:92:a9:0e:6f:4e:f2:
                    73:fa:1c:1f:95:d4:87:ff:8f:45:cd:7b:32:b9:e1:
                    a0:4e:1f:e8:42:d2:19:4a:26:e2:98:7c:f8:83:21:
                    45:b3:96:91:32:f0:d9:7c:52:19:a5:8a:cf:b8:ac:
                    f6:17:38:ff:7a:66:f8:d3:dd:6a:19:db:01:0a:a7:
                    08:3f:42:bd:55:67:b5:57:1a:70:d7:cf:33:bc:5d:
                    5a:dc:dd:47:d0:02:76:5b:2e:3b:4d:27:ab:69:67:
                    0b:dc:3e:27:74:ac:1c:7f:48:95:16:8d:d2:48:e8:
                    55:f9:d3:73:80:8d:9c:f5:73:88:fc:bc:25:c5:a4:
                    c4:b7:42:0b:a1:c0:b3:f5:20:45:ff:fe:b2:b3:17:
                    70:61:0b:e7:9f:f4:bc:52:9a:c8:af:47:77:72:fc:
                    6c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:3F:96:7A:A7:DB:EA:A9:4C:50:F3:FE:27:9C:F6:16:33:47:21:AE
            X509v3 Authority Key Identifier:
                keyid:AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:e6:50:6d:19:ec:67:b1:67:0b:f9:9b:30:8e:c7:0d:f7:32:
         29:18:92:05:62:25:63:4b:8d:80:4f:f4:f0:04:14:0d:be:02:
         9f:fa:47:fe:6e:25:dd:38:d1:e1:01:54:7a:ad:fd:e1:cc:63:
         d9:66:aa:88:7e:5a:0d:50:c3:33:0e:5d:24:fa:45:d3:e7:b8:
         76:ae:47:e3:dc:80:2e:94:a5:b6:de:b9:68:c5:aa:23:2d:87:
         84:6b:66:6c:82:fd:d1:49:4f:8b:0e:ff:8e:95:db:04:25:1a:
         02:2f:67:ba:38:c1:a6:6a:c7:1a:8d:11:54:d6:84:fd:c8:91:
         4f:26:13:55:b5:bc:90:61:c0:eb:86:cb:79:93:13:1f:89:51:
         87:49:a8:c9:03:a1:f9:29:73:d3:18:e6:b2:f9:89:90:e9:d0:
         5f:16:a8:86:3f:97:e4:37:6e:5f:e6:66:ac:05:d0:4c:96:65:
         59:da:f1:6b:b9:d4:8f:70:24:c6:7e:5b:bf:f8:4f:4f:af:91:
         18:aa:e3:59:fe:48:1d:9a:8d:3e:0c:b1:6f:8b:b4:cc:50:e3:
         30:44:28:70:cc:41:77:33:e2:57:7f:99:41:b1:cd:dd:03:eb:
         f6:8c:c5:c5:04:80:66:39:c9:1c:f3:9d:af:99:69:94:76:60:
         a0:d7:5c:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56QXLG4yfRNGcdtmz7k8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYzVjN2FiNWI3MjE4MWU0ZTQyMTEzMjIyMTVlOTc3NmI0
OTAwZjkwHhcNMjUwNDI4MDEwMDM2WhcNMjUwNDI5MDEwMDM2WjAzMTEwLwYDVQQD
Eyg1ODNmOTY3YWE3ZGJlYWE5NGM1MGYzZmUyNzljZjYxNjMzNDcyMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC6FCSR18Xr+Sq0ecxo7v0NnMuRc
jXrRCvStG2e0JwjwUcK/vSvJm4DWC5hP1MC5o6hrSMdfHkQem2BevRwXwaGY6dTg
Knc36OaCHSEDcPskinXQGqGnELhf/IkYlkLay/ySqQ5vTvJz+hwfldSH/49FzXsy
ueGgTh/oQtIZSibimHz4gyFFs5aRMvDZfFIZpYrPuKz2Fzj/emb4091qGdsBCqcI
P0K9VWe1Vxpw188zvF1a3N1H0AJ2Wy47TSeraWcL3D4ndKwcf0iVFo3SSOhV+dNz
gI2c9XOI/LwlxaTEt0ILocCz9SBF//6ysxdwYQvnn/S8UprIr0d3cvxsfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFg/lnqn2+qpTFDz/iec9hYzRyGuMB8GA1UdIwQY
MBaAFK7Fx6tbchgeTkIRMiIV6XdrSQD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgt
MzAyZDkyMjI0Y2IyLzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgtMzAyZDkyMjI0Y2Iy
LzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABeZQbRns
Z7FnC/mbMI7HDfcyKRiSBWIlY0uNgE/08AQUDb4Cn/pH/m4l3TjR4QFUeq394cxj
2WaqiH5aDVDDMw5dJPpF0+e4dq5H49yALpSltt65aMWqIy2HhGtmbIL90UlPiw7/
jpXbBCUaAi9nujjBpmrHGo0RVNaE/ciRTyYTVbW8kGHA64bLeZMTH4lRh0moyQOh
+Slz0xjmsvmJkOnQXxaohj+X5DduX+ZmrAXQTJZlWdrxa7nUj3Akxn5bv/hPT6+R
GKrjWf5IHZqNPgyxb4u0zFDjMEQocMxBdzPiV3+ZQbHN3QPr9ozFxQSAZjnJHPOd
r5lplHZgoNdcyA==
-----END CERTIFICATE-----