Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          GRtMRAhvtZFchBIp3qL9ANey4ski/mPcjyOlUxhZ/HI=
Subject key identifier:   1C:8F:0D:EF:B1:A2:42:0E:2C:81:42:42:DA:BA:C5:F6:4B:DD:C8:71
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       01967D20E033059BD0AF572A2171313D3585
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          09F5
Signing time:             Mon 28 Apr 2025 16:00:28 +0000
Manifest this update:     Mon 28 Apr 2025 16:00:28 +0000
Manifest next update:     Tue 29 Apr 2025 16:00:28 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: 3eVWey+TyEsQ8Qz24Z+IHH6dj3NAvJ/oX4PDUiS3J5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:20:e0:33:05:9b:d0:af:57:2a:21:71:31:3d:35:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Apr 28 16:00:28 2025 GMT
            Not After : Apr 29 16:00:28 2025 GMT
        Subject: CN=1c8f0defb1a2420e2c814242dabac5f64bddc871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d7:1c:4e:c6:2d:bf:f0:3c:f9:e0:1a:d5:0f:
                    fb:d3:21:f7:fc:e1:ba:95:ae:6b:97:cb:33:b5:a8:
                    ab:0d:66:d3:5b:6d:41:e0:a0:8f:96:74:1c:30:58:
                    c9:cd:d8:7b:20:dc:56:bf:e3:c1:e2:5e:87:2d:90:
                    d0:c7:a2:ec:a6:80:a6:5b:62:4c:10:af:f1:4f:ff:
                    ef:47:0f:63:a2:7d:d1:1a:68:e4:e6:bf:de:f6:55:
                    db:fa:5d:e4:1d:d1:de:4e:8e:ca:a5:86:e0:c6:5e:
                    ec:93:94:f0:d8:25:a4:41:09:23:21:87:55:d0:ed:
                    5b:3e:23:6c:9a:eb:f8:73:46:21:2e:fc:db:d2:f1:
                    ca:5e:2f:ba:ca:ac:40:7e:6a:9d:fc:6e:64:d3:72:
                    4f:ec:f8:03:23:5b:3e:79:d5:61:9b:5e:6e:a9:99:
                    32:64:91:31:bc:c7:96:77:50:ed:45:ef:c4:d1:07:
                    41:16:a8:64:0c:17:a8:86:b8:74:68:2a:79:81:e6:
                    d5:5d:30:bd:50:81:d2:eb:98:fd:89:0e:c3:6d:9a:
                    3f:07:4a:f6:db:e9:87:f7:d5:3b:91:68:fb:d8:72:
                    3b:92:79:18:2f:23:e0:ce:b6:08:26:5d:0b:e7:61:
                    88:67:e2:98:ee:cc:0f:d5:6f:a2:2f:2b:64:a4:06:
                    23:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:8F:0D:EF:B1:A2:42:0E:2C:81:42:42:DA:BA:C5:F6:4B:DD:C8:71
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:ac:c3:cb:b7:bd:8e:8d:0c:c1:8d:63:e0:3d:ce:e4:63:de:
         3c:6d:24:37:a9:01:42:06:e8:8d:60:45:60:5d:d0:88:92:d9:
         ab:f4:6c:fd:7a:55:b9:0f:8f:8c:6b:70:33:42:6f:a6:86:ea:
         58:a5:43:14:27:65:21:80:09:69:52:85:86:64:07:d9:4e:88:
         e2:de:43:d7:30:f9:0a:b2:d7:60:63:cf:1f:b2:b8:8c:38:2d:
         55:e8:8b:2f:a6:58:a7:f3:93:be:51:21:52:87:c4:00:0b:1e:
         8d:8f:95:56:fd:88:d0:d1:41:e1:06:7a:50:36:c0:72:75:a9:
         4d:f9:07:c7:8c:7e:06:13:1d:ee:cd:20:e4:be:03:7b:28:c9:
         87:e5:82:e3:53:54:9b:c8:bb:fc:d4:72:6e:0c:75:75:03:ce:
         6e:0b:97:fa:bb:b2:d2:48:2c:76:cb:9d:fe:45:e1:92:78:62:
         c5:d8:cc:57:89:c5:70:6a:f6:de:2a:24:62:7e:9f:98:39:c4:
         2c:2e:d5:78:c0:45:4b:aa:0c:11:97:ca:ae:1a:c2:05:fa:f7:
         a7:3d:12:6a:3f:ea:ed:77:af:28:30:c5:57:b2:0b:7e:9b:71:
         ff:8c:b7:9b:2e:14:90:98:43:61:b7:d9:49:94:6a:b1:9e:85:
         8e:7c:9f:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9IOAzBZvQr1cqIXExPTWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwNDI4MTYwMDI4WhcNMjUwNDI5MTYwMDI4WjAzMTEwLwYDVQQD
EygxYzhmMGRlZmIxYTI0MjBlMmM4MTQyNDJkYWJhYzVmNjRiZGRjODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNccTsYtv/A8+eAa1Q/70yH3/OG6
la5rl8sztairDWbTW21B4KCPlnQcMFjJzdh7INxWv+PB4l6HLZDQx6LspoCmW2JM
EK/xT//vRw9jon3RGmjk5r/e9lXb+l3kHdHeTo7KpYbgxl7sk5Tw2CWkQQkjIYdV
0O1bPiNsmuv4c0YhLvzb0vHKXi+6yqxAfmqd/G5k03JP7PgDI1s+edVhm15uqZky
ZJExvMeWd1DtRe/E0QdBFqhkDBeohrh0aCp5gebVXTC9UIHS65j9iQ7DbZo/B0r2
2+mH99U7kWj72HI7knkYLyPgzrYIJl0L52GIZ+KY7swP1W+iLytkpAYjzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByPDe+xokIOLIFCQtq6xfZL3chxMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqzDy7e9
jo0MwY1j4D3O5GPePG0kN6kBQgbojWBFYF3QiJLZq/Rs/XpVuQ+PjGtwM0Jvpobq
WKVDFCdlIYAJaVKFhmQH2U6I4t5D1zD5CrLXYGPPH7K4jDgtVeiLL6ZYp/OTvlEh
UofEAAsejY+VVv2I0NFB4QZ6UDbAcnWpTfkHx4x+BhMd7s0g5L4DeyjJh+WC41NU
m8i7/NRybgx1dQPObguX+ruy0kgsdsud/kXhknhixdjMV4nFcGr23iokYn6fmDnE
LC7VeMBFS6oMEZfKrhrCBfr3pz0Saj/q7XevKDDFV7ILfptx/4y3my4UkJhDYbfZ
SZRqsZ6FjnyffQ==
-----END CERTIFICATE-----