Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          t5SzWc3YQLi+D+u0ytFnFNdL150dwVwEF8yCPAiuDNU=
Subject key identifier:   95:F7:56:3D:8F:F7:66:0E:D6:B9:92:1A:ED:8A:09:14:63:1F:F1:28
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019674FA39882E4A26535DC419AD5ED2FCCE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          05A9
Signing time:             Sun 27 Apr 2025 02:01:17 +0000
Manifest this update:     Sun 27 Apr 2025 02:01:17 +0000
Manifest next update:     Mon 28 Apr 2025 02:01:17 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: CFe9HGl38apNL8LoQj/LCw8axDFAYFNb+8wy45QX9KY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:fa:39:88:2e:4a:26:53:5d:c4:19:ad:5e:d2:fc:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Apr 27 02:01:17 2025 GMT
            Not After : Apr 28 02:01:17 2025 GMT
        Subject: CN=95f7563d8ff7660ed6b9921aed8a0914631ff128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7c:75:58:57:c5:e9:87:47:1a:31:a5:16:e7:
                    ba:de:31:36:35:2a:52:7b:54:94:39:ba:77:8b:23:
                    bd:b2:8e:e8:d9:ca:2d:a8:f9:13:82:35:41:6f:04:
                    b5:bb:99:a9:e2:5e:82:20:47:90:b7:61:f5:7b:f6:
                    e3:d7:8f:7f:e6:09:24:0b:26:da:b5:80:f8:90:c6:
                    9f:4b:3e:02:e8:b6:e9:76:04:c7:73:46:8b:36:4d:
                    c5:8a:4a:d3:49:a6:32:12:4c:ae:ad:d7:db:d7:28:
                    b8:6c:f9:49:0d:24:b7:41:4f:e8:e1:24:8c:7d:b1:
                    dc:b1:22:af:27:35:33:0b:bf:f7:78:f9:c3:ab:f6:
                    72:1b:c7:4a:1c:52:e1:0f:f6:69:50:1d:89:3b:2c:
                    dc:c1:84:32:48:e3:13:13:26:66:0f:f8:2c:c9:70:
                    fa:fd:22:92:34:71:e3:6a:b3:5a:dd:d2:38:36:67:
                    51:fd:d9:30:0f:eb:00:2a:1a:28:2c:87:ea:fa:a4:
                    00:86:59:4d:88:47:d2:a5:97:b7:d3:72:02:ad:c9:
                    c8:83:e8:86:39:a7:eb:35:a3:08:63:1a:77:12:83:
                    a2:ea:f5:80:0b:68:9a:c8:e0:ab:35:59:35:a9:29:
                    4f:e0:6b:a3:b3:3e:b9:a1:24:ff:a6:ef:63:de:dd:
                    59:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:F7:56:3D:8F:F7:66:0E:D6:B9:92:1A:ED:8A:09:14:63:1F:F1:28
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:84:62:59:82:ff:f6:82:ae:00:ff:90:8a:6c:d8:7b:3b:56:
         bf:e0:d5:d5:ae:68:cd:b7:64:34:82:aa:ab:79:df:70:af:21:
         9a:b9:80:17:cc:e0:38:1d:47:4e:53:66:da:a0:89:11:7a:a2:
         f2:26:e4:bb:69:cc:ea:9a:6d:08:17:e1:93:9b:d9:4d:75:ba:
         7d:e8:ed:e2:40:b4:97:56:07:68:3d:11:c8:e2:be:67:a8:68:
         a3:ee:b8:38:15:af:5b:af:0e:f2:04:98:05:b6:86:d0:56:78:
         c2:ce:fc:34:60:3f:8d:88:1e:14:78:99:4f:70:9d:c5:b3:30:
         25:97:56:29:79:38:58:1d:c4:d9:8e:5d:2d:d3:34:20:6b:6a:
         44:8e:09:53:0c:97:fc:38:1c:ae:70:94:a9:bb:8d:30:d0:7c:
         11:04:10:bc:00:f4:6f:b3:19:a5:18:b3:73:8f:98:78:c1:0b:
         2c:62:82:ec:65:fa:e7:fe:fb:5a:06:b9:e0:46:7c:59:00:39:
         d0:f7:5b:18:05:7c:bd:48:08:53:70:04:53:07:f6:94:cc:15:
         ad:cd:a2:af:7b:99:96:ca:a0:d9:50:91:dc:6b:46:29:05:fc:
         7c:a5:18:77:53:f5:cc:0f:45:ad:9a:2a:81:20:65:2e:5a:2a:
         21:9d:c9:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0+jmILkomU13EGa1e0vzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjUwNDI3MDIwMTE3WhcNMjUwNDI4MDIwMTE3WjAzMTEwLwYDVQQD
Eyg5NWY3NTYzZDhmZjc2NjBlZDZiOTkyMWFlZDhhMDkxNDYzMWZmMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHx1WFfF6YdHGjGlFue63jE2NSpS
e1SUObp3iyO9so7o2cotqPkTgjVBbwS1u5mp4l6CIEeQt2H1e/bj149/5gkkCyba
tYD4kMafSz4C6LbpdgTHc0aLNk3FikrTSaYyEkyurdfb1yi4bPlJDSS3QU/o4SSM
fbHcsSKvJzUzC7/3ePnDq/ZyG8dKHFLhD/ZpUB2JOyzcwYQySOMTEyZmD/gsyXD6
/SKSNHHjarNa3dI4NmdR/dkwD+sAKhooLIfq+qQAhllNiEfSpZe303ICrcnIg+iG
OafrNaMIYxp3EoOi6vWAC2iayOCrNVk1qSlP4Gujsz65oST/pu9j3t1ZZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJX3Vj2P92YO1rmSGu2KCRRjH/EoMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqoRiWYL/
9oKuAP+QimzYeztWv+DV1a5ozbdkNIKqq3nfcK8hmrmAF8zgOB1HTlNm2qCJEXqi
8ibku2nM6pptCBfhk5vZTXW6fejt4kC0l1YHaD0RyOK+Z6hoo+64OBWvW68O8gSY
BbaG0FZ4ws78NGA/jYgeFHiZT3CdxbMwJZdWKXk4WB3E2Y5dLdM0IGtqRI4JUwyX
/DgcrnCUqbuNMNB8EQQQvAD0b7MZpRizc4+YeMELLGKC7GX65/77Wga54EZ8WQA5
0PdbGAV8vUgIU3AEUwf2lMwVrc2ir3uZlsqg2VCR3GtGKQX8fKUYd1P1zA9FrZoq
gSBlLloqIZ3JqQ==
-----END CERTIFICATE-----