Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
File:                     XHkaG6CbnU01jvBare1_DoXogbY.mft (raw, json)
Hash identifier:          Y16WTnleGD+BH2p/X/EmpvDm+BWouQqzFGFY9kw3twQ=
Subject key identifier:   A1:DE:D1:C3:EB:45:37:8C:C4:3B:D9:45:31:AE:61:38:11:3F:A8:27
Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
Certificate issuer:       /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Certificate serial:       01967F4603636390652CD57FD86E85CFB366
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
Manifest number:          0A50
Signing time:             Tue 29 Apr 2025 02:00:16 +0000
Manifest this update:     Tue 29 Apr 2025 02:00:16 +0000
Manifest next update:     Wed 30 Apr 2025 02:00:16 +0000
Files and hashes:         1: XHkaG6CbnU01jvBare1_DoXogbY.crl (hash: J8DkRzw/D6oRJyfS6ParW8DjDStqUb6Cc8pUsR8mjuU=)
                          2: _GYD1AJUDNposAkJpRDfG9xq6dk.roa (hash: afY5Qh0XccEeUiEofkFyRBQd+JnAG3mTgUzmW0se7YQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 02:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:46:03:63:63:90:65:2c:d5:7f:d8:6e:85:cf:b3:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
        Validity
            Not Before: Apr 29 02:00:16 2025 GMT
            Not After : Apr 30 02:00:16 2025 GMT
        Subject: CN=a1ded1c3eb45378cc43bd94531ae6138113fa827
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:33:76:ba:b2:e0:10:5d:d4:45:ea:92:ca:13:
                    8d:13:b1:39:c6:65:27:25:dc:b8:12:d9:18:75:e5:
                    8e:da:70:6f:09:70:bf:4f:9c:66:6b:29:a3:d0:fe:
                    39:f7:5e:57:f5:8d:09:f3:e6:ef:0a:26:73:ab:25:
                    9b:7c:51:5a:f4:0f:05:aa:73:c2:4e:58:11:11:67:
                    49:f4:21:69:1d:5e:2b:c7:cb:7e:bb:1f:c5:63:f8:
                    e0:29:a6:fa:03:54:e9:af:76:88:98:a5:f0:e1:dd:
                    ee:ea:db:ed:d1:fb:68:48:f8:88:06:e9:20:ff:d7:
                    69:f8:e9:79:5a:24:1e:0d:f6:af:15:4e:29:03:85:
                    2d:0e:4a:ef:23:72:be:9d:86:2b:84:71:33:56:bd:
                    39:c9:c0:f2:27:ee:79:d9:0e:a8:bb:84:11:e2:74:
                    d4:44:63:58:99:0a:b3:5f:f9:13:d6:5a:20:2a:82:
                    16:67:76:62:e7:43:a1:ac:77:f0:75:c4:c8:c8:3b:
                    d9:b2:f4:6a:8f:f6:de:a9:3d:08:24:50:ba:5e:9c:
                    e1:5c:f9:24:66:c1:08:55:cb:72:3a:73:9a:23:8f:
                    c2:da:c8:7f:54:62:60:89:11:86:bb:22:47:8b:74:
                    d6:6d:50:b8:36:ce:b5:2c:bb:ba:1f:0f:6e:b4:e7:
                    7f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:DE:D1:C3:EB:45:37:8C:C4:3B:D9:45:31:AE:61:38:11:3F:A8:27
            X509v3 Authority Key Identifier:
                keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:42:d4:d7:8b:75:5b:4b:b2:70:21:d3:92:ec:04:67:55:bc:
         8e:eb:d9:01:c6:50:0e:ec:e5:ab:b4:22:2a:dc:fa:6f:20:51:
         06:da:cc:17:5f:50:08:52:2c:72:f0:35:63:2f:b3:3f:04:bd:
         c7:3d:9c:85:1e:60:60:24:c0:ce:76:41:31:26:e5:32:98:8b:
         e9:22:05:c6:81:0b:ee:56:0a:32:59:05:1a:99:a5:83:20:2d:
         fc:b5:3f:31:ad:ec:6e:09:a5:cb:d3:14:16:cc:f4:ea:51:a8:
         b8:26:d2:f3:87:ae:37:26:b8:59:ad:1d:6d:a4:fb:a3:47:8b:
         da:21:31:0c:8f:3b:fa:32:89:e8:72:22:9a:1e:7c:b5:45:b0:
         83:23:d4:f0:e9:99:aa:f9:da:a5:4d:e3:f5:39:e5:e0:8d:91:
         46:aa:2b:13:47:42:7b:5c:a6:4b:bf:50:27:4d:31:ae:bd:c2:
         ff:5c:9d:df:6b:58:87:95:c9:32:02:c4:39:c1:ad:c6:e9:ea:
         f5:2f:d1:c6:ff:59:34:5e:bd:a4:e8:5e:f4:1e:04:7c:81:ea:
         15:38:0e:2d:93:f5:7f:da:96:fc:c4:20:5a:e1:9f:4c:16:81:
         ab:ad:e1:2a:50:89:59:c7:53:2a:57:82:f3:bc:b7:6b:52:81:
         49:c0:9d:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/RgNjY5BlLNV/2G6Fz7NmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl
ODgxYjYwHhcNMjUwNDI5MDIwMDE2WhcNMjUwNDMwMDIwMDE2WjAzMTEwLwYDVQQD
EyhhMWRlZDFjM2ViNDUzNzhjYzQzYmQ5NDUzMWFlNjEzODExM2ZhODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TN2urLgEF3UReqSyhONE7E5xmUn
Jdy4EtkYdeWO2nBvCXC/T5xmaymj0P45915X9Y0J8+bvCiZzqyWbfFFa9A8FqnPC
TlgREWdJ9CFpHV4rx8t+ux/FY/jgKab6A1Tpr3aImKXw4d3u6tvt0ftoSPiIBukg
/9dp+Ol5WiQeDfavFU4pA4UtDkrvI3K+nYYrhHEzVr05ycDyJ+552Q6ou4QR4nTU
RGNYmQqzX/kT1logKoIWZ3Zi50OhrHfwdcTIyDvZsvRqj/beqT0IJFC6XpzhXPkk
ZsEIVctyOnOaI4/C2sh/VGJgiRGGuyJHi3TWbVC4Ns61LLu6Hw9utOd/QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHe0cPrRTeMxDvZRTGuYTgRP6gnMB8GA1UdIwQY
MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct
NjZjNWFlOGEzNmI0LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0
LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHELU14t1
W0uycCHTkuwEZ1W8juvZAcZQDuzlq7QiKtz6byBRBtrMF19QCFIscvA1Yy+zPwS9
xz2chR5gYCTAznZBMSblMpiL6SIFxoEL7lYKMlkFGpmlgyAt/LU/Ma3sbgmly9MU
Fsz06lGouCbS84euNya4Wa0dbaT7o0eL2iExDI87+jKJ6HIimh58tUWwgyPU8OmZ
qvnapU3j9Tnl4I2RRqorE0dCe1ymS79QJ00xrr3C/1yd32tYh5XJMgLEOcGtxunq
9S/Rxv9ZNF69pOhe9B4EfIHqFTgOLZP1f9qW/MQgWuGfTBaBq63hKlCJWcdTKleC
87y3a1KBScCdwg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:46:38 2025 by rpki-client