Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/23a19a-30db-4872-ab73-5287afc10e68/1/9xPX34BXC8z7JzeT8ApdRshT5Jo.mft
File:                     9xPX34BXC8z7JzeT8ApdRshT5Jo.mft (raw, json)
Hash identifier:          cHZCH0cswVXMOmXFnrylA2Tqbb+AWK+0/7e9LK/o4/0=
Subject key identifier:   C3:E3:09:B6:78:68:83:61:E5:19:4F:12:CB:8F:92:06:98:C3:26:9A
Authority key identifier: F7:13:D7:DF:80:57:0B:CC:FB:27:37:93:F0:0A:5D:46:C8:53:E4:9A
Certificate issuer:       /CN=f713d7df80570bccfb273793f00a5d46c853e49a
Certificate serial:       0196827EAFA88F44D0FA6C4DDCF86951EC87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9xPX34BXC8z7JzeT8ApdRshT5Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/23a19a-30db-4872-ab73-5287afc10e68/1/9xPX34BXC8z7JzeT8ApdRshT5Jo.mft
Manifest number:          0438
Signing time:             Tue 29 Apr 2025 17:01:02 +0000
Manifest this update:     Tue 29 Apr 2025 17:01:02 +0000
Manifest next update:     Wed 30 Apr 2025 17:01:02 +0000
Files and hashes:         1: 9xPX34BXC8z7JzeT8ApdRshT5Jo.crl (hash: fsZ/SZfIZF6VeMcNxuO1xYf+piYfrQue0yXI+ifIXHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/23a19a-30db-4872-ab73-5287afc10e68/1/9xPX34BXC8z7JzeT8ApdRshT5Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/23a19a-30db-4872-ab73-5287afc10e68/1/9xPX34BXC8z7JzeT8ApdRshT5Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9xPX34BXC8z7JzeT8ApdRshT5Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:7e:af:a8:8f:44:d0:fa:6c:4d:dc:f8:69:51:ec:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f713d7df80570bccfb273793f00a5d46c853e49a
        Validity
            Not Before: Apr 29 17:01:02 2025 GMT
            Not After : Apr 30 17:01:02 2025 GMT
        Subject: CN=c3e309b678688361e5194f12cb8f920698c3269a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8f:61:db:78:2e:2a:39:c6:a0:b9:6c:30:8f:
                    67:97:6d:b5:4d:91:78:3e:cd:e8:4b:9c:3a:bb:4c:
                    33:5e:70:03:2e:bc:7c:97:a6:b7:28:3c:9e:41:18:
                    81:b3:0d:e4:80:3a:0b:23:90:42:92:d0:44:1f:f0:
                    f6:61:a7:d1:d1:49:e6:9b:a9:23:dc:bb:52:64:68:
                    24:ac:88:45:e1:83:c8:01:24:de:6f:93:32:3d:6f:
                    19:c7:ed:0f:3d:ed:5a:25:fd:8b:af:ad:e4:4e:f9:
                    a3:9a:c5:d2:87:37:47:45:2a:12:75:b3:e0:1f:7c:
                    57:c2:23:66:b6:86:5d:83:be:98:a5:3e:a1:a3:e9:
                    26:f1:c3:45:cd:76:8f:1e:87:44:de:88:a9:78:e8:
                    80:cd:f0:68:d5:96:6c:3a:64:43:d6:3b:ac:c2:36:
                    4e:36:d9:88:f2:ac:3b:f2:a5:1c:d8:20:ff:d3:e6:
                    c1:c8:04:c5:c3:ad:47:07:7b:c1:b4:34:94:73:83:
                    f0:70:46:d5:53:98:a4:25:15:fe:c4:a7:ac:78:de:
                    f8:cc:e3:c3:65:fa:4f:1b:77:15:c5:ad:90:c2:f6:
                    58:1b:cd:29:a2:92:ad:28:e9:13:95:48:d0:b6:50:
                    f3:c2:6b:c5:28:92:e7:ed:72:ac:b3:ec:7f:18:26:
                    58:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:E3:09:B6:78:68:83:61:E5:19:4F:12:CB:8F:92:06:98:C3:26:9A
            X509v3 Authority Key Identifier:
                keyid:F7:13:D7:DF:80:57:0B:CC:FB:27:37:93:F0:0A:5D:46:C8:53:E4:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9xPX34BXC8z7JzeT8ApdRshT5Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/23a19a-30db-4872-ab73-5287afc10e68/1/9xPX34BXC8z7JzeT8ApdRshT5Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/23a19a-30db-4872-ab73-5287afc10e68/1/9xPX34BXC8z7JzeT8ApdRshT5Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:56:9f:ec:ee:5c:8e:62:97:18:67:91:e9:ab:23:1c:ad:ba:
         5f:2a:e9:83:76:85:d4:74:8c:ed:e9:0c:7a:c9:08:a6:52:6b:
         1d:17:4e:4b:e2:91:6c:fc:6c:a5:50:b4:a0:9f:a0:0c:c9:cf:
         12:a3:c9:35:85:1f:2f:5b:5d:7d:5a:8a:9f:29:a3:2e:5f:e8:
         34:c7:08:bb:e1:3f:b1:71:c1:2b:dc:a0:7e:c7:61:a8:fe:3f:
         94:85:61:8d:95:80:e3:f6:60:c1:d7:f3:4e:e0:c0:b6:57:e4:
         fd:e9:25:2e:de:da:7a:00:d6:1c:1a:d0:53:57:a9:be:22:03:
         57:44:80:6c:0c:06:a6:a0:b1:24:3b:73:40:25:2c:0b:3c:a4:
         86:bb:e0:89:83:c6:fb:a0:73:48:d3:19:6c:ef:35:bf:a4:f0:
         23:b9:48:ff:d5:36:78:fd:a8:68:ce:86:46:49:4f:0c:a3:93:
         cf:78:5c:02:31:45:11:bb:ff:48:d6:0c:4f:cf:6e:44:ed:1d:
         45:9f:bf:0d:3c:10:8a:dd:0d:ec:49:c3:83:1b:48:a5:b2:10:
         33:cb:ab:4e:60:00:b8:66:0e:fe:a4:97:b2:e5:57:72:11:9a:
         de:f0:55:33:c3:30:68:a0:c5:8a:2a:23:04:0a:15:19:3e:4c:
         e3:f0:07:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCfq+oj0TQ+mxN3PhpUeyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MTNkN2RmODA1NzBiY2NmYjI3Mzc5M2YwMGE1ZDQ2Yzg1
M2U0OWEwHhcNMjUwNDI5MTcwMTAyWhcNMjUwNDMwMTcwMTAyWjAzMTEwLwYDVQQD
EyhjM2UzMDliNjc4Njg4MzYxZTUxOTRmMTJjYjhmOTIwNjk4YzMyNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY9h23guKjnGoLlsMI9nl221TZF4
Ps3oS5w6u0wzXnADLrx8l6a3KDyeQRiBsw3kgDoLI5BCktBEH/D2YafR0Unmm6kj
3LtSZGgkrIhF4YPIASTeb5MyPW8Zx+0PPe1aJf2Lr63kTvmjmsXShzdHRSoSdbPg
H3xXwiNmtoZdg76YpT6ho+km8cNFzXaPHodE3oipeOiAzfBo1ZZsOmRD1juswjZO
NtmI8qw78qUc2CD/0+bByATFw61HB3vBtDSUc4PwcEbVU5ikJRX+xKeseN74zOPD
ZfpPG3cVxa2QwvZYG80popKtKOkTlUjQtlDzwmvFKJLn7XKss+x/GCZYIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPjCbZ4aINh5RlPEsuPkgaYwyaaMB8GA1UdIwQY
MBaAFPcT19+AVwvM+yc3k/AKXUbIU+SaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXhQWDM0QlhDOHo3SnplVDhBcGRSc2hUNUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yM2ExOWEtMzBkYi00ODcyLWFiNzMt
NTI4N2FmYzEwZTY4LzEvOXhQWDM0QlhDOHo3SnplVDhBcGRSc2hUNUpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yM2ExOWEtMzBkYi00ODcyLWFiNzMtNTI4N2FmYzEwZTY4
LzEvOXhQWDM0QlhDOHo3SnplVDhBcGRSc2hUNUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANlaf7O5c
jmKXGGeR6asjHK26Xyrpg3aF1HSM7ekMeskIplJrHRdOS+KRbPxspVC0oJ+gDMnP
EqPJNYUfL1tdfVqKnymjLl/oNMcIu+E/sXHBK9ygfsdhqP4/lIVhjZWA4/Zgwdfz
TuDAtlfk/eklLt7aegDWHBrQU1epviIDV0SAbAwGpqCxJDtzQCUsCzykhrvgiYPG
+6BzSNMZbO81v6TwI7lI/9U2eP2oaM6GRklPDKOTz3hcAjFFEbv/SNYMT89uRO0d
RZ+/DTwQit0N7EnDgxtIpbIQM8urTmAAuGYO/qSXsuVXchGa3vBVM8MwaKDFiioj
BAoVGT5M4/AH1w==
-----END CERTIFICATE-----