Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
File:                     xrjeVShQrOhfyMDhaFLMc98QFp0.mft (raw, json)
Hash identifier:          ck+rNf9AMbvS62+UQexiCUgghRXNwDR0Bh9IhEy9NRY=
Subject key identifier:   42:1F:58:07:EB:71:59:51:E0:B4:C9:2E:F5:69:42:9A:B0:77:8C:D6
Authority key identifier: C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D
Certificate issuer:       /CN=c6b8de552850ace85fc8c0e16852cc73df10169d
Certificate serial:       019676B11C7E4142114467A4EF598F220CF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
Manifest number:          06E5
Signing time:             Sun 27 Apr 2025 10:00:40 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:40 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:40 +0000
Files and hashes:         1: xrjeVShQrOhfyMDhaFLMc98QFp0.crl (hash: u9TlfHmFxP7Z30h59ekmsG8D5zXAf9Z1vsfa3bRs+SM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b1:1c:7e:41:42:11:44:67:a4:ef:59:8f:22:0c:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6b8de552850ace85fc8c0e16852cc73df10169d
        Validity
            Not Before: Apr 27 10:00:40 2025 GMT
            Not After : Apr 28 10:00:40 2025 GMT
        Subject: CN=421f5807eb715951e0b4c92ef569429ab0778cd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9c:07:c3:d0:53:af:95:90:2b:98:b4:85:2c:
                    f9:cd:66:a6:3f:2e:18:23:4f:ac:4e:1c:2b:09:22:
                    27:ae:ed:86:54:c7:e5:f4:1e:f6:9f:1a:5a:e3:ef:
                    17:52:00:8d:4a:44:2f:0d:77:4a:54:60:9e:19:48:
                    ae:cf:88:25:b4:c6:90:8d:6c:59:44:b2:59:81:7c:
                    db:7c:93:92:96:eb:7d:86:36:6e:35:0f:66:a3:31:
                    29:27:c4:21:e1:46:50:7d:8f:e6:87:b2:81:71:41:
                    b8:f0:59:74:b4:b9:91:2d:c3:f7:3b:40:7a:be:34:
                    9f:ec:82:74:5b:0d:db:e0:35:73:5b:14:f6:05:11:
                    41:a3:ec:ce:4a:66:fb:b1:ab:31:d1:70:a1:04:25:
                    a6:0e:0d:8d:20:e0:c4:6a:6b:7b:23:73:5b:91:ad:
                    48:69:9a:25:a0:a4:e4:14:31:6c:b2:66:3f:2c:55:
                    f8:a9:90:2b:c5:00:0c:b4:49:0d:84:37:96:75:bd:
                    cc:6a:e2:91:ce:af:10:d9:ac:6d:4d:e1:86:51:c5:
                    a4:d9:7e:59:b3:ee:68:98:82:bf:d6:2e:cb:85:02:
                    e4:ba:e0:b3:b7:ab:01:7c:95:f5:02:17:bd:67:65:
                    98:d8:1e:60:84:79:d7:9d:db:2d:89:e6:61:02:b0:
                    06:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:1F:58:07:EB:71:59:51:E0:B4:C9:2E:F5:69:42:9A:B0:77:8C:D6
            X509v3 Authority Key Identifier:
                keyid:C6:B8:DE:55:28:50:AC:E8:5F:C8:C0:E1:68:52:CC:73:DF:10:16:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrjeVShQrOhfyMDhaFLMc98QFp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2f5d91-92ba-402e-be1c-d240d3611058/1/xrjeVShQrOhfyMDhaFLMc98QFp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:b1:5e:8f:26:cd:b0:97:f4:bd:0c:8d:12:41:09:e8:72:08:
         96:4e:f8:4c:0b:b3:1e:7b:e4:cf:00:eb:45:70:0d:e9:73:71:
         45:a4:b6:d5:83:4c:17:2a:3b:28:8d:10:09:28:09:17:99:bb:
         ef:0e:19:c3:6d:88:c5:57:40:04:b1:f9:d4:ed:b9:b3:d0:1e:
         bc:e6:38:6e:c6:67:91:39:a4:57:4d:bc:b3:e3:01:e7:51:d8:
         ae:c6:6c:5a:dc:63:85:ce:65:be:b7:0b:61:f1:cd:91:25:c7:
         eb:1b:0e:18:66:26:46:86:57:07:0d:f9:04:2d:20:54:86:b6:
         6d:36:0e:f9:79:d5:64:64:77:fe:0b:54:cb:13:ba:39:8d:d7:
         55:de:4f:fd:49:25:ee:d0:12:38:eb:5b:fa:20:94:b2:b2:3f:
         74:40:90:c6:58:90:f9:8b:69:f8:4f:aa:9b:14:1d:01:95:bd:
         ea:15:03:e5:e2:90:d8:22:39:d3:11:9e:43:a2:72:45:28:22:
         cd:f6:ae:c4:b4:a0:a5:5e:ff:bc:52:c5:79:3a:37:b5:1c:8f:
         06:41:50:0a:37:d9:9a:c0:df:3b:b4:48:c1:1d:5d:a7:58:e7:
         66:be:2c:ad:00:0c:eb:48:f6:89:5d:89:1b:1b:40:a1:97:6a:
         8e:4e:20:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sRx+QUIRRGek71mPIgz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YjhkZTU1Mjg1MGFjZTg1ZmM4YzBlMTY4NTJjYzczZGYx
MDE2OWQwHhcNMjUwNDI3MTAwMDQwWhcNMjUwNDI4MTAwMDQwWjAzMTEwLwYDVQQD
Eyg0MjFmNTgwN2ViNzE1OTUxZTBiNGM5MmVmNTY5NDI5YWIwNzc4Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZwHw9BTr5WQK5i0hSz5zWamPy4Y
I0+sThwrCSInru2GVMfl9B72nxpa4+8XUgCNSkQvDXdKVGCeGUiuz4gltMaQjWxZ
RLJZgXzbfJOSlut9hjZuNQ9mozEpJ8Qh4UZQfY/mh7KBcUG48Fl0tLmRLcP3O0B6
vjSf7IJ0Ww3b4DVzWxT2BRFBo+zOSmb7sasx0XChBCWmDg2NIODEamt7I3Nbka1I
aZoloKTkFDFssmY/LFX4qZArxQAMtEkNhDeWdb3MauKRzq8Q2axtTeGGUcWk2X5Z
s+5omIK/1i7LhQLkuuCzt6sBfJX1Ahe9Z2WY2B5ghHnXndstieZhArAGzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIfWAfrcVlR4LTJLvVpQpqwd4zWMB8GA1UdIwQY
MBaAFMa43lUoUKzoX8jA4WhSzHPfEBadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMt
ZDI0MGQzNjExMDU4LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZjVkOTEtOTJiYS00MDJlLWJlMWMtZDI0MGQzNjExMDU4
LzEveHJqZVZTaFFyT2hmeU1EaGFGTE1jOThRRnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMLFejybN
sJf0vQyNEkEJ6HIIlk74TAuzHnvkzwDrRXAN6XNxRaS21YNMFyo7KI0QCSgJF5m7
7w4Zw22IxVdABLH51O25s9AevOY4bsZnkTmkV028s+MB51HYrsZsWtxjhc5lvrcL
YfHNkSXH6xsOGGYmRoZXBw35BC0gVIa2bTYO+XnVZGR3/gtUyxO6OY3XVd5P/Ukl
7tASOOtb+iCUsrI/dECQxliQ+Ytp+E+qmxQdAZW96hUD5eKQ2CI50xGeQ6JyRSgi
zfauxLSgpV7/vFLFeTo3tRyPBkFQCjfZmsDfO7RIwR1dp1jnZr4srQAM60j2iV2J
GxtAoZdqjk4gdQ==
-----END CERTIFICATE-----