Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File:                     XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier:          vBKX5t9PuBG0bReujzFs/S76VbFAo6QUcMuMhaHz+3s=
Subject key identifier:   1B:D5:98:16:06:14:8A:72:6D:4C:B5:AF:0B:B6:EE:D3:DF:0E:F5:C2
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer:       /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial:       019677C3BCF9722151D6A1BEE3A78DC16EFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number:          144F
Signing time:             Sun 27 Apr 2025 15:00:38 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:38 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:38 +0000
Files and hashes:         1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: 1KbPVWPQMqJ+ULU7oZDGd1I2vDmMgpGKWziQU9pdMIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:bc:f9:72:21:51:d6:a1:be:e3:a7:8d:c1:6e:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
        Validity
            Not Before: Apr 27 15:00:38 2025 GMT
            Not After : Apr 28 15:00:38 2025 GMT
        Subject: CN=1bd5981606148a726d4cb5af0bb6eed3df0ef5c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:a8:8d:61:41:6a:da:d3:6f:3f:72:19:70:39:
                    e0:af:ca:08:92:a1:51:48:c5:fa:ad:58:9d:73:77:
                    1a:94:42:f8:1f:76:c8:52:b6:15:1e:f9:54:3d:da:
                    38:d8:38:dd:f6:e1:2b:6b:fa:b0:67:c3:e8:92:e2:
                    52:e7:2f:95:b9:2d:07:25:0a:6c:cd:80:85:26:32:
                    52:7a:6f:8e:21:74:c2:8b:83:35:85:66:9c:4f:71:
                    33:93:db:cc:c8:e8:4b:7f:b1:16:75:21:4d:ce:a1:
                    3f:4e:c6:7c:d4:c8:97:88:01:46:0f:95:6f:1a:a6:
                    af:b5:55:20:70:53:2c:a6:f1:e8:60:18:33:68:2e:
                    dd:81:6e:9a:1d:d5:22:b8:cb:8e:ab:a9:86:47:1c:
                    69:37:1d:42:fd:0c:41:6d:c0:54:46:0e:42:05:8c:
                    9a:60:63:c9:ca:f5:36:48:b4:ad:6b:64:89:f3:e3:
                    a0:27:15:76:78:5e:f0:35:e1:49:25:bf:a7:fd:d4:
                    54:4b:71:70:66:21:1f:dd:63:c7:30:ac:f7:86:71:
                    28:5a:d7:22:2c:8c:bb:7e:a5:da:78:69:be:1f:ec:
                    f2:92:0d:be:8d:6c:80:b3:dd:dd:86:5b:1d:59:30:
                    92:3e:09:76:1c:32:ce:36:f0:37:a7:cb:e7:a0:4a:
                    ec:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:D5:98:16:06:14:8A:72:6D:4C:B5:AF:0B:B6:EE:D3:DF:0E:F5:C2
            X509v3 Authority Key Identifier:
                keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:f8:9b:a8:18:56:85:5b:75:4e:49:e9:a4:aa:8d:d8:d2:a6:
         b9:8f:18:3d:3f:6c:62:ac:6d:2c:c7:18:a6:5d:be:19:72:4d:
         16:54:39:ce:df:b9:88:fd:e9:49:ce:c4:63:6d:02:43:7c:34:
         32:de:97:1d:6f:35:bd:30:13:b9:05:b5:3e:ec:f7:ec:93:38:
         af:d4:f4:dc:80:66:12:3d:82:2d:ae:a2:85:57:7f:22:2b:00:
         a7:0f:9b:f5:9d:9d:4f:04:72:eb:38:12:43:3d:25:da:d4:17:
         34:f1:1b:11:32:02:0a:7c:58:8a:44:13:5a:90:a1:cc:52:71:
         94:0b:f6:92:3e:a0:28:a7:3c:da:4b:3d:bd:cf:bb:71:31:f8:
         f2:a3:0e:e4:bc:7b:15:b9:27:1c:b8:a8:34:1e:80:aa:d3:52:
         0e:d6:6e:de:eb:fe:94:5d:12:c4:49:30:a5:26:e9:0e:9e:4c:
         27:e4:8a:a1:74:88:d5:b9:33:88:a1:e9:f5:55:cc:21:11:cd:
         0b:84:58:ef:52:d7:aa:55:14:63:02:c6:74:da:f2:96:30:1e:
         1c:35:53:73:58:b8:56:5b:bd:50:4d:c2:e4:ce:d8:2b:5c:28:
         4c:9c:b9:01:0f:54:b8:c8:6b:d0:da:96:a3:64:29:b5:39:03:
         84:81:30:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w7z5ciFR1qG+46eNwW7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUwNDI3MTUwMDM4WhcNMjUwNDI4MTUwMDM4WjAzMTEwLwYDVQQD
EygxYmQ1OTgxNjA2MTQ4YTcyNmQ0Y2I1YWYwYmI2ZWVkM2RmMGVmNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qiNYUFq2tNvP3IZcDngr8oIkqFR
SMX6rVidc3calEL4H3bIUrYVHvlUPdo42Djd9uEra/qwZ8PokuJS5y+VuS0HJQps
zYCFJjJSem+OIXTCi4M1hWacT3Ezk9vMyOhLf7EWdSFNzqE/TsZ81MiXiAFGD5Vv
GqavtVUgcFMspvHoYBgzaC7dgW6aHdUiuMuOq6mGRxxpNx1C/QxBbcBURg5CBYya
YGPJyvU2SLSta2SJ8+OgJxV2eF7wNeFJJb+n/dRUS3FwZiEf3WPHMKz3hnEoWtci
LIy7fqXaeGm+H+zykg2+jWyAs93dhlsdWTCSPgl2HDLONvA3p8vnoErs8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvVmBYGFIpybUy1rwu27tPfDvXCMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfibqBhW
hVt1TknppKqN2NKmuY8YPT9sYqxtLMcYpl2+GXJNFlQ5zt+5iP3pSc7EY20CQ3w0
Mt6XHW81vTATuQW1Puz37JM4r9T03IBmEj2CLa6ihVd/IisApw+b9Z2dTwRy6zgS
Qz0l2tQXNPEbETICCnxYikQTWpChzFJxlAv2kj6gKKc82ks9vc+7cTH48qMO5Lx7
FbknHLioNB6AqtNSDtZu3uv+lF0SxEkwpSbpDp5MJ+SKoXSI1bkziKHp9VXMIRHN
C4RY71LXqlUUYwLGdNryljAeHDVTc1i4Vlu9UE3C5M7YK1woTJy5AQ9UuMhr0NqW
o2QptTkDhIEwBg==
-----END CERTIFICATE-----