Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          VHSPMWt8r9V3Ggb+ryl5ldXgGFCdD1LSL0z6DfVTVHg=
Subject key identifier:   82:22:9C:AB:53:95:CD:E2:B6:F4:7F:9A:B8:98:32:20:8E:16:68:B8
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       01967567753017263735DD56964673A6B89E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          06C3
Signing time:             Sun 27 Apr 2025 04:00:36 +0000
Manifest this update:     Sun 27 Apr 2025 04:00:36 +0000
Manifest next update:     Mon 28 Apr 2025 04:00:36 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: UmskVoG/s8V31eClwlpakyUlMTsvnNLFm9720YraGuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:75:67:75:30:17:26:37:35:dd:56:96:46:73:a6:b8:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Apr 27 04:00:36 2025 GMT
            Not After : Apr 28 04:00:36 2025 GMT
        Subject: CN=82229cab5395cde2b6f47f9ab89832208e1668b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5a:c9:80:a5:9a:82:e6:cb:b3:67:d5:69:1d:
                    35:d8:38:cb:42:f9:c2:10:dc:87:d9:01:f1:eb:0d:
                    87:f1:72:c8:5c:44:ef:c0:f1:60:6d:d7:38:ce:4e:
                    f0:cd:c9:fa:d8:f4:62:dc:37:91:ce:35:74:1b:61:
                    f1:36:86:12:54:4a:c1:d2:b8:c6:1d:df:52:7b:d8:
                    24:40:5e:7a:93:5d:ff:f5:5e:1b:e9:8e:a8:3c:08:
                    d4:e1:8f:91:27:75:7b:f6:64:47:04:f1:37:17:98:
                    95:7b:bb:6a:f8:4b:b8:09:da:a3:7a:d4:d0:8f:fb:
                    34:a0:7d:8f:65:02:66:3c:e7:aa:da:13:15:1f:69:
                    6b:8a:af:a6:09:75:81:68:4a:51:aa:75:59:0a:7e:
                    2f:85:fc:cd:8d:f0:e8:e4:bb:eb:27:c1:f0:40:fe:
                    9c:69:f4:8f:bc:77:c1:e8:05:92:63:3b:9b:b3:33:
                    c6:6b:c0:15:76:bc:59:bd:0e:60:54:71:dc:84:b3:
                    77:87:74:cc:cf:a7:52:9b:3c:d8:b1:d1:0e:91:a0:
                    a3:bd:ea:ec:3d:3b:88:6a:61:95:bc:f2:07:a3:54:
                    7b:cf:1b:f2:48:35:07:38:d5:62:e7:d1:74:86:b3:
                    4a:1d:69:40:02:f3:ba:de:bd:90:cb:75:a4:b9:7f:
                    80:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:22:9C:AB:53:95:CD:E2:B6:F4:7F:9A:B8:98:32:20:8E:16:68:B8
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:6c:14:4b:7c:bd:d7:0b:5c:ba:56:be:b6:cc:ce:75:db:06:
         03:2d:9e:a2:35:e6:ea:8a:e2:de:38:15:f5:44:bf:66:2c:83:
         fe:55:04:f1:31:a1:74:48:e9:f1:eb:9e:24:b1:bf:d0:47:c4:
         45:f7:f4:74:89:4b:bb:5e:85:e9:ba:78:f4:c2:8a:2b:ea:fa:
         de:76:44:d7:f7:cd:1b:3e:92:f4:6d:52:e2:78:9f:a3:f6:8c:
         03:62:a1:54:5d:e4:01:8b:c4:46:09:0b:0f:19:fd:7a:9d:b9:
         8d:43:81:4c:d1:85:1d:a6:79:a6:c0:72:47:16:6a:5b:69:01:
         ee:7f:72:5d:f5:4b:5c:26:0d:5a:90:0f:8e:b2:25:f5:c9:db:
         c4:59:60:e7:84:1f:3a:e8:43:42:db:9b:bb:26:82:40:5c:e9:
         b3:ee:ef:11:f0:ba:23:cd:e6:df:c7:cb:00:27:ef:08:a6:d1:
         62:92:92:4a:1b:e7:2d:07:e6:d2:57:0d:e4:ad:b2:c6:61:4d:
         ba:f9:2c:ff:e5:f5:ca:b7:ca:53:28:0f:17:00:3b:ce:c1:dc:
         74:3b:85:b3:ab:ff:00:43:48:6a:7e:7c:6e:cb:46:fd:f5:a6:
         93:df:f2:a5:0a:0b:a3:b0:ee:69:6f:75:bc:34:50:43:42:34:
         47:8e:4e:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ1Z3UwFyY3Nd1WlkZzprieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjUwNDI3MDQwMDM2WhcNMjUwNDI4MDQwMDM2WjAzMTEwLwYDVQQD
Eyg4MjIyOWNhYjUzOTVjZGUyYjZmNDdmOWFiODk4MzIyMDhlMTY2OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFrJgKWagubLs2fVaR012DjLQvnC
ENyH2QHx6w2H8XLIXETvwPFgbdc4zk7wzcn62PRi3DeRzjV0G2HxNoYSVErB0rjG
Hd9Se9gkQF56k13/9V4b6Y6oPAjU4Y+RJ3V79mRHBPE3F5iVe7tq+Eu4CdqjetTQ
j/s0oH2PZQJmPOeq2hMVH2lriq+mCXWBaEpRqnVZCn4vhfzNjfDo5LvrJ8HwQP6c
afSPvHfB6AWSYzubszPGa8AVdrxZvQ5gVHHchLN3h3TMz6dSmzzYsdEOkaCjvers
PTuIamGVvPIHo1R7zxvySDUHONVi59F0hrNKHWlAAvO63r2Qy3WkuX+A9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIinKtTlc3itvR/mriYMiCOFmi4MB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIGwUS3y9
1wtcula+tszOddsGAy2eojXm6ori3jgV9US/ZiyD/lUE8TGhdEjp8eueJLG/0EfE
Rff0dIlLu16F6bp49MKKK+r63nZE1/fNGz6S9G1S4nifo/aMA2KhVF3kAYvERgkL
Dxn9ep25jUOBTNGFHaZ5psByRxZqW2kB7n9yXfVLXCYNWpAPjrIl9cnbxFlg54Qf
OuhDQtubuyaCQFzps+7vEfC6I83m38fLACfvCKbRYpKSShvnLQfm0lcN5K2yxmFN
uvks/+X1yrfKUygPFwA7zsHcdDuFs6v/AENIan58bstG/fWmk9/ypQoLo7DuaW91
vDRQQ0I0R45OXQ==
-----END CERTIFICATE-----