Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          A2Ll990vW9S8dS5rk5rd1yb6cvYX1B/js7ryKSXjMFQ=
Subject key identifier:   A3:DF:82:12:45:9A:F3:30:E4:9C:D3:70:26:71:CD:74:4B:0A:B2:43
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       01968623E6C8F159492978FA7D2AD3F61CFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          1326
Signing time:             Wed 30 Apr 2025 10:00:21 +0000
Manifest this update:     Wed 30 Apr 2025 10:00:21 +0000
Manifest next update:     Thu 01 May 2025 10:00:21 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: b9dCfsltBYpJjewe8HH915eB8ZOagN3FV7oo/HANN3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 10:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:23:e6:c8:f1:59:49:29:78:fa:7d:2a:d3:f6:1c:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: Apr 30 10:00:21 2025 GMT
            Not After : May  1 10:00:21 2025 GMT
        Subject: CN=a3df8212459af330e49cd3702671cd744b0ab243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:78:aa:f5:8e:59:33:02:43:87:ab:fb:e3:3e:
                    53:0b:06:e1:3b:a9:5b:bb:53:eb:20:7c:86:84:46:
                    df:72:a3:8f:dc:ec:d1:e6:f9:cd:97:73:c9:44:aa:
                    47:9f:7a:2b:d6:95:fe:ff:32:60:04:b3:55:df:23:
                    04:db:82:1c:44:8e:df:c0:c4:f9:62:38:8e:a0:7a:
                    e3:e6:d8:57:86:cf:a1:4b:2e:b1:59:94:66:68:03:
                    9e:df:63:3b:f4:ad:f7:09:bb:73:db:c9:47:89:90:
                    d7:13:ea:2c:80:e6:93:63:36:a1:32:db:d2:52:e5:
                    65:14:81:f1:70:2b:79:0e:13:25:92:6a:7e:2e:62:
                    b7:3a:92:7d:a5:b9:fb:90:44:59:0f:3e:32:bb:92:
                    a2:64:1d:68:ff:30:5b:c5:b1:1a:0d:fc:67:98:f7:
                    04:66:bc:8b:62:99:4a:61:77:fa:0d:9e:a5:ce:13:
                    c8:07:02:94:a0:98:16:49:15:05:8c:3b:05:50:b1:
                    ca:65:10:2b:ee:49:08:6a:a1:f4:f3:b6:d1:84:09:
                    54:79:03:30:28:43:52:86:8b:23:70:85:56:04:ee:
                    f7:e0:77:95:23:2a:03:da:44:3f:77:6d:d4:9b:5c:
                    d4:04:7d:83:10:69:0d:c6:bd:f8:92:fb:c7:1c:41:
                    43:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:DF:82:12:45:9A:F3:30:E4:9C:D3:70:26:71:CD:74:4B:0A:B2:43
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:0e:50:a5:07:b7:ad:6d:6f:b0:99:a6:12:62:26:0f:d6:60:
         01:34:9b:f8:3a:d5:a5:13:dc:96:f2:d7:4e:4e:bc:f0:8a:ea:
         55:0d:12:b0:b0:0b:e4:ef:8d:ac:fa:ae:e6:c1:75:7e:b3:94:
         bf:4b:f6:48:41:37:38:a5:af:01:54:39:20:64:2c:29:5e:2b:
         81:7b:82:c7:ac:d4:72:02:30:f4:47:b7:bf:0b:bb:0b:05:6b:
         12:c7:68:42:6f:ef:ff:a9:d8:59:38:8d:50:19:e5:53:56:02:
         33:38:ae:c2:27:aa:c7:dc:33:4d:d1:92:bd:3e:4a:3d:79:64:
         a2:86:94:e9:16:da:ce:00:15:d1:1e:c6:c6:8c:9a:23:13:08:
         1e:03:70:e2:ed:7d:2d:c4:22:53:d1:9b:fc:2b:ba:7d:c4:0a:
         e1:7c:7c:fc:b3:ce:b5:0e:47:65:d6:64:a4:d0:d8:fe:90:af:
         99:76:a4:71:1e:a7:b8:b9:9f:9f:68:09:09:94:56:45:e0:43:
         73:3c:54:af:1b:33:5d:b1:8a:57:ce:aa:ea:63:1d:89:84:f2:
         dc:0e:26:fc:3a:a7:68:94:32:ef:a7:03:4d:fb:dc:0e:85:c9:
         ac:7b:f2:60:76:6b:9d:09:38:21:28:bf:53:2b:5e:48:d2:b0:
         2a:63:4f:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGI+bI8VlJKXj6fSrT9hz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjUwNDMwMTAwMDIxWhcNMjUwNTAxMTAwMDIxWjAzMTEwLwYDVQQD
EyhhM2RmODIxMjQ1OWFmMzMwZTQ5Y2QzNzAyNjcxY2Q3NDRiMGFiMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHiq9Y5ZMwJDh6v74z5TCwbhO6lb
u1PrIHyGhEbfcqOP3OzR5vnNl3PJRKpHn3or1pX+/zJgBLNV3yME24IcRI7fwMT5
YjiOoHrj5thXhs+hSy6xWZRmaAOe32M79K33Cbtz28lHiZDXE+osgOaTYzahMtvS
UuVlFIHxcCt5DhMlkmp+LmK3OpJ9pbn7kERZDz4yu5KiZB1o/zBbxbEaDfxnmPcE
ZryLYplKYXf6DZ6lzhPIBwKUoJgWSRUFjDsFULHKZRAr7kkIaqH087bRhAlUeQMw
KENShosjcIVWBO734HeVIyoD2kQ/d23Um1zUBH2DEGkNxr34kvvHHEFDzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPfghJFmvMw5JzTcCZxzXRLCrJDMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZA5QpQe3
rW1vsJmmEmImD9ZgATSb+DrVpRPclvLXTk688IrqVQ0SsLAL5O+NrPqu5sF1frOU
v0v2SEE3OKWvAVQ5IGQsKV4rgXuCx6zUcgIw9Ee3vwu7CwVrEsdoQm/v/6nYWTiN
UBnlU1YCMziuwieqx9wzTdGSvT5KPXlkooaU6RbazgAV0R7GxoyaIxMIHgNw4u19
LcQiU9Gb/Cu6fcQK4Xx8/LPOtQ5HZdZkpNDY/pCvmXakcR6nuLmfn2gJCZRWReBD
czxUrxszXbGKV86q6mMdiYTy3A4m/DqnaJQy76cDTfvcDoXJrHvyYHZrnQk4ISi/
UyteSNKwKmNPtQ==
-----END CERTIFICATE-----