Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
File:                     XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft (raw, json)
Hash identifier:          kt+tsidH3s2gvA6nRWrmwjkFwrT6JYorSox5Gzk1ORk=
Subject key identifier:   52:91:83:E2:C4:D9:DF:FC:3F:D7:B1:C9:C4:28:11:54:6F:88:28:DF
Authority key identifier: 5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A
Certificate issuer:       /CN=5e5214158af310ffa9c315298343f4c3e66aec9a
Certificate serial:       01968210142A2842DEA935859DFEB062C175
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
Manifest number:          0561
Signing time:             Tue 29 Apr 2025 15:00:13 +0000
Manifest this update:     Tue 29 Apr 2025 15:00:13 +0000
Manifest next update:     Wed 30 Apr 2025 15:00:13 +0000
Files and hashes:         1: XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl (hash: IdA/Ch+m9pfn9B0vJvRwaBUWa52WjkST6TBfNZVHGaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:10:14:2a:28:42:de:a9:35:85:9d:fe:b0:62:c1:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5214158af310ffa9c315298343f4c3e66aec9a
        Validity
            Not Before: Apr 29 15:00:13 2025 GMT
            Not After : Apr 30 15:00:13 2025 GMT
        Subject: CN=529183e2c4d9dffc3fd7b1c9c42811546f8828df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:03:df:1d:6b:ce:33:2d:39:35:37:bb:bf:75:
                    3e:d6:7b:df:d7:1b:12:63:c6:b6:36:9c:1a:4c:de:
                    ae:62:1b:07:2d:bb:4e:52:ab:1d:66:fb:d9:44:30:
                    2b:ae:5a:83:53:06:69:21:df:e2:32:1b:ae:6a:62:
                    e7:14:3a:e5:58:cb:50:49:d8:55:c0:27:21:fd:1b:
                    13:16:cd:58:56:ca:d5:ce:b3:e7:87:e7:3f:e5:bf:
                    f0:1c:75:3b:d4:56:58:ce:b2:96:52:94:d6:6a:3c:
                    9f:fb:83:9d:c6:1f:73:5d:af:1c:f8:c7:c8:62:11:
                    5a:b5:a6:c9:17:98:1a:d3:27:08:8e:f2:6b:06:4f:
                    23:bc:37:a2:c1:09:bd:d6:5e:2d:1d:24:22:3b:b5:
                    10:c1:1b:98:d6:f2:05:f9:8b:87:a3:2c:e8:4d:e7:
                    2c:16:e3:b8:08:36:b4:0c:e6:d4:af:5a:ce:0e:a9:
                    e5:04:32:18:87:ed:03:0c:b9:4b:ce:0c:d0:42:c3:
                    d2:e5:32:36:d6:79:06:15:f1:94:4f:af:44:0c:a7:
                    43:1c:4c:55:70:60:ac:16:9f:20:e0:8e:72:a0:e2:
                    7d:0b:d7:24:eb:40:97:b1:2c:64:37:89:c7:33:6b:
                    f0:8d:b2:4e:98:9f:84:31:9c:e2:5f:bd:65:02:8e:
                    9b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:91:83:E2:C4:D9:DF:FC:3F:D7:B1:C9:C4:28:11:54:6F:88:28:DF
            X509v3 Authority Key Identifier:
                keyid:5E:52:14:15:8A:F3:10:FF:A9:C3:15:29:83:43:F4:C3:E6:6A:EC:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a992fe-c1cf-4de8-bbb0-f96f6f769838/1/XlIUFYrzEP-pwxUpg0P0w-Zq7Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:33:65:12:db:e1:e2:17:bb:26:b2:ff:a4:2e:c2:4d:5b:d1:
         8c:eb:da:9f:4b:74:33:b2:57:b9:99:cb:08:02:6b:61:17:1b:
         4f:cb:99:4e:85:8a:82:d2:ad:b2:71:6c:e1:62:07:1e:af:f5:
         fb:88:08:b2:e4:01:ad:e5:1d:fa:75:21:fa:4e:7a:61:86:72:
         b9:56:5d:70:45:02:59:eb:19:aa:35:a4:ab:52:e0:53:08:ff:
         be:93:e9:18:65:1d:da:98:05:c3:d7:d9:fd:b7:73:c3:09:e2:
         79:53:52:12:30:ba:4c:2f:0d:39:97:0a:17:d3:14:9d:b6:70:
         13:63:63:5e:c2:3b:09:39:e0:c3:32:eb:5c:79:c1:a6:fa:7b:
         a4:5f:b4:a1:72:a1:b3:7e:9d:5e:23:3f:be:46:52:f7:3b:d8:
         a3:59:80:95:8e:5e:25:3b:fd:c1:bb:ad:0e:d1:30:5f:12:de:
         b9:f7:13:07:b4:c9:f1:73:d5:c9:47:3c:fa:a8:77:cb:ab:20:
         48:6e:fd:cc:04:67:b8:4a:14:b2:68:35:7e:cd:ee:95:5a:ab:
         cc:17:bb:9d:d0:0c:4c:99:59:9c:3b:3d:43:a5:52:84:9e:83:
         4e:62:d6:37:7d:3b:23:3f:6c:3a:f0:38:a8:b0:0b:c7:b8:85:
         b6:fd:27:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEBQqKELeqTWFnf6wYsF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTIxNDE1OGFmMzEwZmZhOWMzMTUyOTgzNDNmNGMzZTY2
YWVjOWEwHhcNMjUwNDI5MTUwMDEzWhcNMjUwNDMwMTUwMDEzWjAzMTEwLwYDVQQD
Eyg1MjkxODNlMmM0ZDlkZmZjM2ZkN2IxYzljNDI4MTE1NDZmODgyOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QPfHWvOMy05NTe7v3U+1nvf1xsS
Y8a2NpwaTN6uYhsHLbtOUqsdZvvZRDArrlqDUwZpId/iMhuuamLnFDrlWMtQSdhV
wCch/RsTFs1YVsrVzrPnh+c/5b/wHHU71FZYzrKWUpTWajyf+4Odxh9zXa8c+MfI
YhFatabJF5ga0ycIjvJrBk8jvDeiwQm91l4tHSQiO7UQwRuY1vIF+YuHoyzoTecs
FuO4CDa0DObUr1rODqnlBDIYh+0DDLlLzgzQQsPS5TI21nkGFfGUT69EDKdDHExV
cGCsFp8g4I5yoOJ9C9ck60CXsSxkN4nHM2vwjbJOmJ+EMZziX71lAo6bLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKRg+LE2d/8P9exycQoEVRviCjfMB8GA1UdIwQY
MBaAFF5SFBWK8xD/qcMVKYND9MPmauyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAt
Zjk2ZjZmNzY5ODM4LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hOTkyZmUtYzFjZi00ZGU4LWJiYjAtZjk2ZjZmNzY5ODM4
LzEvWGxJVUZZcnpFUC1wd3hVcGcwUDB3LVpxN0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYzNlEtvh
4he7JrL/pC7CTVvRjOvan0t0M7JXuZnLCAJrYRcbT8uZToWKgtKtsnFs4WIHHq/1
+4gIsuQBreUd+nUh+k56YYZyuVZdcEUCWesZqjWkq1LgUwj/vpPpGGUd2pgFw9fZ
/bdzwwnieVNSEjC6TC8NOZcKF9MUnbZwE2NjXsI7CTngwzLrXHnBpvp7pF+0oXKh
s36dXiM/vkZS9zvYo1mAlY5eJTv9wbutDtEwXxLeufcTB7TJ8XPVyUc8+qh3y6sg
SG79zARnuEoUsmg1fs3ulVqrzBe7ndAMTJlZnDs9Q6VShJ6DTmLWN307Iz9sOvA4
qLALx7iFtv0naA==
-----END CERTIFICATE-----