Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
File:                     xqnvrGfjS7iro4n_jw16HFZUM_0.mft (raw, json)
Hash identifier:          oKN5muaYMfxGaSCVXW7P99i1BjRl1YGifZZwxZcO5oU=
Subject key identifier:   38:A9:2B:ED:14:53:E1:51:C6:30:21:AE:77:04:6E:40:E5:7D:1D:13
Authority key identifier: C6:A9:EF:AC:67:E3:4B:B8:AB:A3:89:FF:8F:0D:7A:1C:56:54:33:FD
Certificate issuer:       /CN=c6a9efac67e34bb8aba389ff8f0d7a1c565433fd
Certificate serial:       019676B109C7A236F230F5A50118C9E70192
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
Manifest number:          0C1B
Signing time:             Sun 27 Apr 2025 10:00:35 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:35 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:35 +0000
Files and hashes:         1: xqnvrGfjS7iro4n_jw16HFZUM_0.crl (hash: LKlrpVi/5B4d2OMfBizkxQeZXJnaO11212xcO/x8DHs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b1:09:c7:a2:36:f2:30:f5:a5:01:18:c9:e7:01:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6a9efac67e34bb8aba389ff8f0d7a1c565433fd
        Validity
            Not Before: Apr 27 10:00:35 2025 GMT
            Not After : Apr 28 10:00:35 2025 GMT
        Subject: CN=38a92bed1453e151c63021ae77046e40e57d1d13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:cf:4a:a4:48:b6:05:8d:fc:83:10:6a:8f:be:
                    fa:5f:a1:0d:c8:24:9c:c2:bf:d1:b3:e7:77:81:43:
                    99:82:bf:7e:cf:bf:88:f3:98:75:6f:2b:00:53:9c:
                    f3:65:c9:02:7c:72:a9:25:8e:ae:84:d0:ff:d0:6e:
                    a1:70:eb:92:0c:af:73:2b:53:67:44:fa:e4:06:ee:
                    0e:17:06:da:91:a8:2e:52:d1:df:e1:8d:68:41:97:
                    65:12:72:a8:e9:b3:73:f6:ef:e2:9c:81:08:64:8f:
                    ee:60:8c:43:4a:74:dc:00:0f:97:8d:73:9d:bc:2a:
                    bc:0c:64:6d:dd:8e:a1:d3:73:f6:56:21:72:d3:90:
                    a1:08:16:8b:2e:94:97:6a:fa:4a:3a:e6:af:c4:e1:
                    06:0f:cd:0f:22:04:90:e8:02:10:3c:1d:2b:e5:b7:
                    c7:8f:75:3a:74:5f:3b:0f:6f:d2:0b:be:fa:aa:72:
                    30:02:7c:f9:64:fc:54:64:53:bc:31:c7:3c:fa:26:
                    3d:f5:f7:1c:dd:ef:10:38:e8:3e:d7:fc:d4:42:e1:
                    00:cd:f5:4d:13:d2:fb:9b:45:d2:86:83:be:b2:47:
                    ef:63:88:ed:6a:b1:0e:1e:e5:82:44:fa:8b:fb:51:
                    5a:6c:2b:f5:76:11:a0:0b:12:09:5d:cf:09:2f:d4:
                    cd:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:A9:2B:ED:14:53:E1:51:C6:30:21:AE:77:04:6E:40:E5:7D:1D:13
            X509v3 Authority Key Identifier:
                keyid:C6:A9:EF:AC:67:E3:4B:B8:AB:A3:89:FF:8F:0D:7A:1C:56:54:33:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqnvrGfjS7iro4n_jw16HFZUM_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ea71c4-3d5e-4e68-8779-dc33942ca197/1/xqnvrGfjS7iro4n_jw16HFZUM_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:46:02:b5:57:08:b3:e7:fe:f6:78:f6:cf:6a:67:97:b3:f2:
         57:14:61:79:3c:e3:54:70:cb:4b:b9:4e:8a:49:19:ce:8c:83:
         c3:85:e5:92:be:fe:44:bc:83:2e:79:e5:b6:f4:1f:e0:50:59:
         04:ba:20:29:03:d2:7a:e9:9e:0e:6d:58:44:5c:3b:00:b5:54:
         92:5e:fb:2f:9b:60:55:61:6d:ec:50:ed:88:b7:ba:e4:16:2c:
         17:bd:32:df:0b:64:06:66:5f:21:38:21:d8:8f:a1:a1:88:6b:
         26:ab:ec:83:d6:1d:78:79:6d:4b:7b:2e:1d:ac:28:de:41:01:
         0a:b3:f5:60:de:21:94:60:68:b9:d1:77:57:26:68:a0:b1:ac:
         4d:c6:0b:b9:04:e9:01:cc:b1:a6:75:ae:b9:e7:cb:a1:d2:9c:
         bd:d1:78:c2:a8:21:71:c0:45:e6:7b:3f:70:ec:f0:a8:9a:65:
         c4:d5:4c:cc:f7:23:48:33:e7:df:e6:1a:85:8c:0a:97:b2:ec:
         0a:58:17:12:fe:92:6c:96:a4:c7:83:35:39:c0:71:7e:c3:ec:
         f4:dc:18:ee:93:16:69:ca:03:e6:ea:f8:c1:80:d7:f6:5b:87:
         73:23:0c:2b:c2:d6:48:47:63:f3:c7:ba:60:11:27:81:d2:95:
         36:37:2f:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sQnHojbyMPWlARjJ5wGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTllZmFjNjdlMzRiYjhhYmEzODlmZjhmMGQ3YTFjNTY1
NDMzZmQwHhcNMjUwNDI3MTAwMDM1WhcNMjUwNDI4MTAwMDM1WjAzMTEwLwYDVQQD
EygzOGE5MmJlZDE0NTNlMTUxYzYzMDIxYWU3NzA0NmU0MGU1N2QxZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA589KpEi2BY38gxBqj776X6ENyCSc
wr/Rs+d3gUOZgr9+z7+I85h1bysAU5zzZckCfHKpJY6uhND/0G6hcOuSDK9zK1Nn
RPrkBu4OFwbakaguUtHf4Y1oQZdlEnKo6bNz9u/inIEIZI/uYIxDSnTcAA+XjXOd
vCq8DGRt3Y6h03P2ViFy05ChCBaLLpSXavpKOuavxOEGD80PIgSQ6AIQPB0r5bfH
j3U6dF87D2/SC776qnIwAnz5ZPxUZFO8Mcc8+iY99fcc3e8QOOg+1/zUQuEAzfVN
E9L7m0XShoO+skfvY4jtarEOHuWCRPqL+1FabCv1dhGgCxIJXc8JL9TNMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDipK+0UU+FRxjAhrncEbkDlfR0TMB8GA1UdIwQY
MBaAFMap76xn40u4q6OJ/48NehxWVDP9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYTcxYzQtM2Q1ZS00ZTY4LTg3Nzkt
ZGMzMzk0MmNhMTk3LzEveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYTcxYzQtM2Q1ZS00ZTY4LTg3NzktZGMzMzk0MmNhMTk3
LzEveHFudnJHZmpTN2lybzRuX2p3MTZIRlpVTV8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPEYCtVcI
s+f+9nj2z2pnl7PyVxRheTzjVHDLS7lOikkZzoyDw4Xlkr7+RLyDLnnltvQf4FBZ
BLogKQPSeumeDm1YRFw7ALVUkl77L5tgVWFt7FDtiLe65BYsF70y3wtkBmZfITgh
2I+hoYhrJqvsg9YdeHltS3suHawo3kEBCrP1YN4hlGBoudF3VyZooLGsTcYLuQTp
AcyxpnWuuefLodKcvdF4wqghccBF5ns/cOzwqJplxNVMzPcjSDPn3+YahYwKl7Ls
ClgXEv6SbJakx4M1OcBxfsPs9NwY7pMWacoD5ur4wYDX9luHcyMMK8LWSEdj88e6
YBEngdKVNjcvZQ==
-----END CERTIFICATE-----