Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          AIaXR9wlwxu1rEHT+XG8JjQ0yaPVlzqBPtEUYwRqS7k=
Subject key identifier:   C9:54:AF:83:E9:63:AE:61:E6:E8:3D:4B:A6:00:81:EE:12:C5:78:93
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       019683911430EB09D892EE458455F1E1A56D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          1514
Signing time:             Tue 29 Apr 2025 22:00:45 +0000
Manifest this update:     Tue 29 Apr 2025 22:00:45 +0000
Manifest next update:     Wed 30 Apr 2025 22:00:45 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: D0SfUvtSa/ErJLe6p8VYke5Dj+GLUM6IHu5vSugqA34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:91:14:30:eb:09:d8:92:ee:45:84:55:f1:e1:a5:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Apr 29 22:00:45 2025 GMT
            Not After : Apr 30 22:00:45 2025 GMT
        Subject: CN=c954af83e963ae61e6e83d4ba60081ee12c57893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0b:e7:37:d2:80:5e:22:b6:24:b7:9f:8f:7f:
                    9e:87:a6:91:68:0e:90:91:37:89:3c:11:0e:74:2f:
                    29:8f:d2:d9:ba:18:76:d3:91:70:10:b6:09:fe:3e:
                    b6:89:4a:dc:ff:1c:ae:c1:c4:70:a5:61:2e:9b:c5:
                    ff:51:17:b7:97:bb:9b:46:5d:25:06:a2:a1:e1:1e:
                    2e:c4:54:db:55:d9:52:f7:9b:c2:7c:3c:b2:6c:c7:
                    c4:97:76:06:96:b1:6d:16:25:5f:5b:1e:dc:50:80:
                    1e:84:11:59:39:eb:6f:92:23:dd:c8:5c:29:fc:8e:
                    cf:a9:c8:0d:29:be:58:73:c8:4f:55:8b:4c:04:2f:
                    22:f3:cd:80:e7:d2:63:24:dd:75:dd:ea:1c:dd:62:
                    20:38:30:51:1e:e2:87:b4:ff:95:c7:e6:30:05:b4:
                    b7:07:f3:78:5f:be:ac:c1:d0:9a:b4:fa:da:6b:34:
                    9c:2d:4d:ca:3b:2d:41:97:1d:6b:c2:21:a8:40:99:
                    fc:89:d2:a8:12:f6:19:7b:5c:a0:85:38:2c:7d:7f:
                    30:08:bd:a0:af:c7:6a:ef:d1:b3:0e:17:74:16:b0:
                    e3:f7:17:c2:12:5e:8e:c1:14:db:9b:ee:15:4c:80:
                    0d:c0:5f:d4:6e:a1:fa:08:e2:43:db:90:39:ba:b7:
                    25:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:54:AF:83:E9:63:AE:61:E6:E8:3D:4B:A6:00:81:EE:12:C5:78:93
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:08:5e:72:8e:ee:41:43:6b:b5:d8:ad:03:15:ae:da:f6:41:
         3c:08:c2:63:90:c4:ac:ea:5e:42:c6:b4:f2:a6:6a:6b:9a:93:
         5b:65:10:a6:60:03:e1:81:c8:73:f7:0b:d9:e9:27:fe:6c:8e:
         48:17:c0:8b:98:83:2b:e8:f4:29:fb:5b:af:8f:d9:f6:7b:48:
         34:bf:66:78:9e:6f:a7:9f:63:80:aa:45:c4:d2:31:43:f1:c3:
         2a:ad:cf:ee:df:65:ca:08:29:fb:43:2d:88:f0:f8:36:7c:9a:
         99:6f:bb:27:a5:76:66:aa:19:51:e4:f9:5b:2e:55:8f:b2:87:
         7d:90:74:8a:d8:fd:25:31:44:e7:ca:eb:21:cb:4e:53:43:62:
         ef:c4:13:48:70:64:bb:5d:4b:48:91:5f:47:6f:12:bf:1f:92:
         3a:cf:0e:36:62:58:39:ae:73:6f:ca:81:bb:a1:5f:b7:48:f1:
         a2:96:36:63:f3:b1:15:33:e8:03:55:81:28:19:f7:61:0e:e4:
         17:03:5d:64:09:02:5f:0f:49:c4:fe:55:28:65:fb:b2:1b:ae:
         25:cd:26:ae:0e:41:00:bf:c7:35:ae:3c:76:5c:dd:0e:3e:a2:
         01:39:41:64:31:95:3f:de:cc:10:94:72:57:f0:6e:85:dd:59:
         d0:ff:30:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaDkRQw6wnYku5FhFXx4aVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjUwNDI5MjIwMDQ1WhcNMjUwNDMwMjIwMDQ1WjAzMTEwLwYDVQQD
EyhjOTU0YWY4M2U5NjNhZTYxZTZlODNkNGJhNjAwODFlZTEyYzU3ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAvnN9KAXiK2JLefj3+eh6aRaA6Q
kTeJPBEOdC8pj9LZuhh205FwELYJ/j62iUrc/xyuwcRwpWEum8X/URe3l7ubRl0l
BqKh4R4uxFTbVdlS95vCfDyybMfEl3YGlrFtFiVfWx7cUIAehBFZOetvkiPdyFwp
/I7PqcgNKb5Yc8hPVYtMBC8i882A59JjJN113eoc3WIgODBRHuKHtP+Vx+YwBbS3
B/N4X76swdCatPraazScLU3KOy1Blx1rwiGoQJn8idKoEvYZe1yghTgsfX8wCL2g
r8dq79GzDhd0FrDj9xfCEl6OwRTbm+4VTIANwF/UbqH6COJD25A5urclYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlUr4PpY65h5ug9S6YAge4SxXiTMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZAheco7u
QUNrtditAxWu2vZBPAjCY5DErOpeQsa08qZqa5qTW2UQpmAD4YHIc/cL2ekn/myO
SBfAi5iDK+j0Kftbr4/Z9ntINL9meJ5vp59jgKpFxNIxQ/HDKq3P7t9lyggp+0Mt
iPD4NnyamW+7J6V2ZqoZUeT5Wy5Vj7KHfZB0itj9JTFE58rrIctOU0Ni78QTSHBk
u11LSJFfR28Svx+SOs8ONmJYOa5zb8qBu6Fft0jxopY2Y/OxFTPoA1WBKBn3YQ7k
FwNdZAkCXw9JxP5VKGX7shuuJc0mrg5BAL/HNa48dlzdDj6iATlBZDGVP97MEJRy
V/Buhd1Z0P8w7g==
-----END CERTIFICATE-----