Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          1DIjoXLOdLNe60h8j2sGhw66eoViHIJC505w+StVDT8=
Subject key identifier:   6E:37:3A:7B:57:0E:19:AC:61:D3:8C:DF:46:EE:C0:84:56:39:53:C5
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       019674F9CC26B2DF5E3750F7C98AECD5774F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          0AE3
Signing time:             Sun 27 Apr 2025 02:00:49 +0000
Manifest this update:     Sun 27 Apr 2025 02:00:49 +0000
Manifest next update:     Mon 28 Apr 2025 02:00:49 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: rfEhLCmsHLuuuMkNRT+Xrf7unZYoddYD7bjfU7nH39c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:f9:cc:26:b2:df:5e:37:50:f7:c9:8a:ec:d5:77:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Apr 27 02:00:49 2025 GMT
            Not After : Apr 28 02:00:49 2025 GMT
        Subject: CN=6e373a7b570e19ac61d38cdf46eec084563953c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ca:bb:39:b6:e0:0b:24:32:f9:ee:52:9d:c6:
                    d2:ef:be:c2:19:e7:15:d7:d6:fa:0f:a9:c9:8d:62:
                    06:fd:46:66:28:9b:87:f1:20:73:10:c4:af:44:e1:
                    c8:88:a0:1b:b3:ff:ef:73:6e:47:26:69:06:c5:39:
                    c5:9a:0a:4e:43:50:23:b1:fa:33:22:fa:99:f7:c6:
                    06:e7:d8:5a:80:3b:f6:df:aa:e4:f5:b8:4d:09:64:
                    c0:0a:d4:1a:58:03:98:11:21:50:70:c4:e4:fb:8b:
                    23:5f:cc:17:88:53:c3:c5:86:ec:e9:d0:58:e7:10:
                    fe:1e:4c:dc:50:d0:45:f8:c8:76:e9:83:1c:6a:21:
                    06:b1:af:f6:b3:b7:5c:93:ab:b1:f0:5b:58:63:93:
                    cc:70:95:96:b3:58:83:79:99:89:69:0a:88:7a:74:
                    0f:06:41:9b:d7:39:46:ff:52:9e:66:b8:28:53:d0:
                    90:c5:22:b8:3d:fb:ec:19:e6:e9:8b:f2:1f:55:e3:
                    dd:c6:a3:d1:8e:b9:57:87:bd:f8:1b:31:f8:33:f2:
                    43:fa:c2:6f:e6:a9:0f:2e:6a:b1:10:84:56:28:94:
                    58:bd:e5:59:49:3c:84:a0:74:f0:c2:4e:62:27:4e:
                    1e:da:5c:ca:d7:44:23:86:a7:9a:65:96:d1:ac:fc:
                    4d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:37:3A:7B:57:0E:19:AC:61:D3:8C:DF:46:EE:C0:84:56:39:53:C5
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:9b:d4:9e:3e:2c:e2:94:7f:cc:a6:6c:5e:2b:97:da:39:6f:
         ad:c2:ad:2f:92:52:69:63:da:20:b2:dc:c7:84:dd:70:84:e9:
         30:c5:21:6d:5b:60:0d:65:6f:8d:a0:3c:84:83:b2:5a:be:98:
         cb:e1:fd:87:8e:88:07:27:65:b3:0e:cc:dd:6d:ce:8d:e4:93:
         c3:6d:27:99:35:4c:48:b9:b3:3a:23:82:f5:7d:31:02:ac:d6:
         1f:57:99:2e:25:5f:83:dc:1f:cd:bf:67:04:e2:82:24:87:9b:
         91:ae:25:8e:22:8b:da:ec:2a:41:66:9d:e8:c2:2d:9f:3f:41:
         d1:03:1c:23:48:ca:5f:83:11:c0:3e:a7:89:3e:d0:a5:a1:18:
         a6:ff:59:78:b3:f8:2e:73:41:d4:66:a7:86:b1:fb:c6:a8:c6:
         c8:38:9c:00:d7:db:66:19:a1:43:0e:d2:89:f9:94:fe:f2:80:
         0f:34:56:aa:98:5b:65:51:3e:3b:ca:89:bc:e8:0e:c7:b8:3f:
         5c:b2:70:ae:a7:12:2c:7a:48:dd:aa:43:b4:df:de:d8:dc:bb:
         44:7f:54:50:b6:d1:66:c3:f6:d5:8b:21:f2:94:88:2f:0f:1f:
         32:b1:7d:34:62:8e:cc:9d:07:dd:59:88:82:70:c2:5c:41:0e:
         98:97:a5:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0+cwmst9eN1D3yYrs1XdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwNDI3MDIwMDQ5WhcNMjUwNDI4MDIwMDQ5WjAzMTEwLwYDVQQD
Eyg2ZTM3M2E3YjU3MGUxOWFjNjFkMzhjZGY0NmVlYzA4NDU2Mzk1M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMq7ObbgCyQy+e5SncbS777CGecV
19b6D6nJjWIG/UZmKJuH8SBzEMSvROHIiKAbs//vc25HJmkGxTnFmgpOQ1Ajsfoz
IvqZ98YG59hagDv236rk9bhNCWTACtQaWAOYESFQcMTk+4sjX8wXiFPDxYbs6dBY
5xD+HkzcUNBF+Mh26YMcaiEGsa/2s7dck6ux8FtYY5PMcJWWs1iDeZmJaQqIenQP
BkGb1zlG/1KeZrgoU9CQxSK4PfvsGebpi/IfVePdxqPRjrlXh734GzH4M/JD+sJv
5qkPLmqxEIRWKJRYveVZSTyEoHTwwk5iJ04e2lzK10QjhqeaZZbRrPxNgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG43OntXDhmsYdOM30buwIRWOVPFMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG5vUnj4s
4pR/zKZsXiuX2jlvrcKtL5JSaWPaILLcx4TdcITpMMUhbVtgDWVvjaA8hIOyWr6Y
y+H9h46IBydlsw7M3W3OjeSTw20nmTVMSLmzOiOC9X0xAqzWH1eZLiVfg9wfzb9n
BOKCJIebka4ljiKL2uwqQWad6MItnz9B0QMcI0jKX4MRwD6niT7QpaEYpv9ZeLP4
LnNB1GanhrH7xqjGyDicANfbZhmhQw7SifmU/vKADzRWqphbZVE+O8qJvOgOx7g/
XLJwrqcSLHpI3apDtN/e2Ny7RH9UULbRZsP21Ysh8pSILw8fMrF9NGKOzJ0H3VmI
gnDCXEEOmJeluw==
-----END CERTIFICATE-----