Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          rxY9SrjiEDHB878bbSIwgsNJFiWumrEs5ND43X/4uAA=
Subject key identifier:   F0:C0:BA:FC:F9:E0:6F:31:7F:86:58:44:4A:50:A5:BF:EB:DA:30:FE
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       019681A2454D3B6D52C57E14114B5F5777ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          1513
Signing time:             Tue 29 Apr 2025 13:00:17 +0000
Manifest this update:     Tue 29 Apr 2025 13:00:17 +0000
Manifest next update:     Wed 30 Apr 2025 13:00:17 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: nEfoetRgcQfs6b7/pIKjlNwjJjMAq8zAyAa4uU17xno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a2:45:4d:3b:6d:52:c5:7e:14:11:4b:5f:57:77:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Apr 29 13:00:17 2025 GMT
            Not After : Apr 30 13:00:17 2025 GMT
        Subject: CN=f0c0bafcf9e06f317f8658444a50a5bfebda30fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e5:d2:98:e4:19:11:9a:d0:43:fa:4d:2b:f4:
                    53:4e:c7:68:c0:f0:f6:c2:4b:89:31:0d:e3:0e:b8:
                    77:17:46:02:3f:99:64:79:bb:af:e2:d4:45:94:70:
                    49:0c:5b:0e:b5:94:5e:e2:1e:db:e7:50:a7:f5:1b:
                    11:c3:b0:0e:8c:3a:88:4a:09:3b:87:e2:b1:b7:f7:
                    83:a5:30:b7:e3:60:01:2c:35:6b:08:d5:a5:dc:b2:
                    b1:59:19:df:bd:97:2a:c5:a1:5e:e7:f4:7a:06:20:
                    fc:29:67:b6:3c:1f:36:e9:f5:76:f2:fc:d1:4b:6c:
                    e4:e9:6f:24:0c:48:12:34:6c:4a:dc:be:26:dc:35:
                    93:17:87:8f:53:6b:99:0e:94:a8:0d:e8:b1:b3:f8:
                    9c:62:4d:65:57:c5:e2:5a:7a:0f:10:63:8b:2a:89:
                    ab:1f:ee:fe:2c:b8:f9:8b:28:95:89:2f:11:b7:87:
                    80:97:60:a2:c4:eb:18:c3:3d:0b:9c:21:dc:89:06:
                    a7:41:97:23:91:d1:bb:f6:bd:39:7c:fb:91:ab:1c:
                    0e:05:54:47:b6:a9:a4:b5:40:a8:79:79:ba:bb:d8:
                    73:e8:9a:42:72:95:23:f3:1f:22:0e:31:83:96:b2:
                    93:e1:a2:eb:2d:77:d7:a8:4a:e8:d6:4f:60:13:91:
                    59:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C0:BA:FC:F9:E0:6F:31:7F:86:58:44:4A:50:A5:BF:EB:DA:30:FE
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:a6:6e:be:b2:67:bd:1c:16:62:fc:11:27:3e:99:b1:16:76:
         48:4d:ed:b8:e9:bd:c6:29:84:02:c8:9d:1e:18:ac:90:4b:e7:
         b6:02:c9:52:20:ef:43:82:d5:16:be:e7:3b:11:dc:3b:f9:1e:
         97:54:6e:6c:56:23:3a:ff:48:f0:20:49:a1:c1:9b:ec:df:95:
         1e:5b:62:fb:7a:ac:f6:33:e7:5c:39:23:1d:1d:67:82:bf:f9:
         8d:8c:44:7a:37:32:54:a9:7c:30:0f:1a:dd:f2:3f:0d:40:af:
         03:31:8b:dd:f6:26:f5:ee:c7:de:dd:89:c4:b5:76:ac:09:d2:
         ea:ca:1d:09:5d:b7:10:97:ed:17:c4:1d:11:75:af:f5:2d:3c:
         39:c5:7d:d1:36:f4:31:d6:60:68:17:fa:97:49:04:9f:dd:19:
         f1:4b:c1:35:23:c6:30:d6:51:92:e8:c7:3b:3d:4b:37:d8:7a:
         ea:01:0d:ce:18:ae:ec:ec:b0:dd:63:f2:da:8b:6e:d6:35:ca:
         e7:3b:54:b1:83:47:6d:83:52:41:75:8a:b2:da:18:41:9b:ae:
         00:28:ed:56:b5:29:9c:ef:90:72:33:a2:91:de:8e:5c:5a:20:
         c9:0e:0d:32:8a:32:af:3f:7a:95:5d:d0:fc:e3:fe:30:ce:0a:
         f9:a3:14:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBokVNO21SxX4UEUtfV3ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUwNDI5MTMwMDE3WhcNMjUwNDMwMTMwMDE3WjAzMTEwLwYDVQQD
EyhmMGMwYmFmY2Y5ZTA2ZjMxN2Y4NjU4NDQ0YTUwYTViZmViZGEzMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+XSmOQZEZrQQ/pNK/RTTsdowPD2
wkuJMQ3jDrh3F0YCP5lkebuv4tRFlHBJDFsOtZRe4h7b51Cn9RsRw7AOjDqISgk7
h+Kxt/eDpTC342ABLDVrCNWl3LKxWRnfvZcqxaFe5/R6BiD8KWe2PB826fV28vzR
S2zk6W8kDEgSNGxK3L4m3DWTF4ePU2uZDpSoDeixs/icYk1lV8XiWnoPEGOLKomr
H+7+LLj5iyiViS8Rt4eAl2CixOsYwz0LnCHciQanQZcjkdG79r05fPuRqxwOBVRH
tqmktUCoeXm6u9hz6JpCcpUj8x8iDjGDlrKT4aLrLXfXqEro1k9gE5FZvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDAuvz54G8xf4ZYREpQpb/r2jD+MB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKZuvrJn
vRwWYvwRJz6ZsRZ2SE3tuOm9ximEAsidHhiskEvntgLJUiDvQ4LVFr7nOxHcO/ke
l1RubFYjOv9I8CBJocGb7N+VHlti+3qs9jPnXDkjHR1ngr/5jYxEejcyVKl8MA8a
3fI/DUCvAzGL3fYm9e7H3t2JxLV2rAnS6sodCV23EJftF8QdEXWv9S08OcV90Tb0
MdZgaBf6l0kEn90Z8UvBNSPGMNZRkujHOz1LN9h66gENzhiu7Oyw3WPy2otu1jXK
5ztUsYNHbYNSQXWKstoYQZuuACjtVrUpnO+QcjOikd6OXFogyQ4NMooyrz96lV3Q
/OP+MM4K+aMUag==
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:42:22 2025 by rpki-client