Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          1gSjnbu9wkEWoiEGcNUdTO1sS+gkWRM7nZ1XHlgSIg8=
Subject key identifier:   96:D0:85:FB:9B:6F:7A:90:84:CF:A6:E4:CD:44:E3:95:B6:98:2F:B4
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019768BBDBE15A915C233D690EA96E40EAA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          0741
Signing time:             Fri 13 Jun 2025 10:00:31 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:31 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:31 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: ib0BSa6riGfcjeooM/w93QLDCtIE88O4D0HkNGRyp6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:db:e1:5a:91:5c:23:3d:69:0e:a9:6e:40:ea:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Jun 13 10:00:31 2025 GMT
            Not After : Jun 14 10:00:31 2025 GMT
        Subject: CN=96d085fb9b6f7a9084cfa6e4cd44e395b6982fb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6c:f9:ef:40:ff:e1:82:c2:ba:36:22:bf:bc:
                    6a:94:f4:24:4f:4d:33:d9:59:51:5c:b1:aa:5e:ab:
                    fb:03:dd:36:44:e8:c6:0f:c3:24:12:b4:c5:3c:7d:
                    be:d8:14:9e:26:57:02:6f:1c:04:8d:f2:1a:54:1b:
                    61:e5:2e:11:1a:33:b4:d2:b8:e5:c9:59:c4:cb:ed:
                    20:64:dd:25:a9:92:81:13:de:f3:99:ce:83:bd:e0:
                    01:5a:09:13:15:fe:d2:1e:10:6f:8e:03:37:35:02:
                    28:1e:21:58:38:b7:64:46:d7:62:cc:8b:34:5f:e9:
                    45:47:4c:13:16:12:36:53:ab:48:3a:f7:7f:ae:ef:
                    f7:73:c8:b1:66:c6:f9:fe:e4:75:1f:ad:1c:5f:fb:
                    0f:86:ba:4f:bc:8f:ae:18:c4:8a:9f:36:e6:3b:00:
                    bf:52:03:ca:46:36:aa:46:b9:ea:48:3f:56:b4:7d:
                    a5:6d:ca:87:0a:aa:97:34:c6:5d:55:11:bc:5e:2d:
                    38:c0:e9:d0:f2:f3:3c:86:2a:e9:89:3b:e2:c7:aa:
                    71:5a:12:9c:12:6a:47:50:ed:6f:d3:3f:60:3a:e9:
                    f3:59:d2:53:44:8d:e3:5d:fd:8b:07:9c:84:b8:3e:
                    35:96:39:32:e5:b4:49:ec:78:a5:72:c2:5b:a2:40:
                    1d:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D0:85:FB:9B:6F:7A:90:84:CF:A6:E4:CD:44:E3:95:B6:98:2F:B4
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:f4:77:f1:91:2b:ee:d9:27:8b:a7:52:c2:7e:4d:26:3d:15:
         b5:c2:f3:50:13:95:f1:4c:cf:a2:76:2d:39:3b:fe:df:30:91:
         0e:bd:f7:fc:00:16:12:2b:b4:dd:35:cf:3c:75:f0:c2:fe:a9:
         2f:d6:9a:e9:fe:08:90:a3:08:8e:2e:5c:0a:95:cd:98:d7:03:
         f3:59:68:28:92:b7:75:b1:db:63:8b:20:17:79:e6:bf:03:58:
         f4:52:4f:76:54:96:b6:c1:31:e6:dc:d0:b0:c8:a0:e5:39:2b:
         41:bf:15:91:d3:ae:66:de:3a:82:19:cc:27:33:70:1d:1b:e3:
         9c:6b:2c:e4:8a:02:0e:94:12:37:e8:34:ba:28:4c:77:d8:66:
         f9:94:d9:f3:f6:30:5c:7e:cd:52:f0:aa:72:97:7d:8d:7d:1e:
         1c:c2:8e:e7:0e:32:97:d9:dc:b6:6b:bc:55:ce:6c:96:bc:56:
         a7:2e:60:db:2d:13:08:f3:85:fa:46:22:d3:eb:69:2a:1d:24:
         b2:51:50:65:d5:19:7a:df:53:5c:22:cc:03:7a:51:39:51:13:
         5c:57:07:3e:03:6a:fb:c0:93:9a:49:cc:08:73:77:40:34:9f:
         99:1a:94:34:37:7e:7a:ba:36:1a:95:3c:e0:e7:52:7b:27:5b:
         99:5d:53:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou9vhWpFcIz1pDqluQOqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjUwNjEzMTAwMDMxWhcNMjUwNjE0MTAwMDMxWjAzMTEwLwYDVQQD
Eyg5NmQwODVmYjliNmY3YTkwODRjZmE2ZTRjZDQ0ZTM5NWI2OTgyZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2z570D/4YLCujYiv7xqlPQkT00z
2VlRXLGqXqv7A902ROjGD8MkErTFPH2+2BSeJlcCbxwEjfIaVBth5S4RGjO00rjl
yVnEy+0gZN0lqZKBE97zmc6DveABWgkTFf7SHhBvjgM3NQIoHiFYOLdkRtdizIs0
X+lFR0wTFhI2U6tIOvd/ru/3c8ixZsb5/uR1H60cX/sPhrpPvI+uGMSKnzbmOwC/
UgPKRjaqRrnqSD9WtH2lbcqHCqqXNMZdVRG8Xi04wOnQ8vM8hirpiTvix6pxWhKc
EmpHUO1v0z9gOunzWdJTRI3jXf2LB5yEuD41ljky5bRJ7HilcsJbokAdlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbQhfubb3qQhM+m5M1E45W2mC+0MB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfR38ZEr
7tkni6dSwn5NJj0VtcLzUBOV8UzPonYtOTv+3zCRDr33/AAWEiu03TXPPHXwwv6p
L9aa6f4IkKMIji5cCpXNmNcD81loKJK3dbHbY4sgF3nmvwNY9FJPdlSWtsEx5tzQ
sMig5TkrQb8VkdOuZt46ghnMJzNwHRvjnGss5IoCDpQSN+g0uihMd9hm+ZTZ8/Yw
XH7NUvCqcpd9jX0eHMKO5w4yl9nctmu8Vc5slrxWpy5g2y0TCPOF+kYi0+tpKh0k
slFQZdUZet9TXCLMA3pROVETXFcHPgNq+8CTmknMCHN3QDSfmRqUNDd+ero2GpU8
4OdSeydbmV1TBg==
-----END CERTIFICATE-----