Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
File:                     X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft (raw, json)
Hash identifier:          05zk+YsPir22eEjmOOhlFbHgbnDknlt0MQZ1zNQb3e0=
Subject key identifier:   C4:CE:8C:54:48:45:A6:7E:DF:A1:F4:B9:8C:04:2E:AA:FE:76:69:D0
Authority key identifier: 5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6
Certificate issuer:       /CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
Certificate serial:       0196764316E120047CD97F6BA19BC17D55C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
Manifest number:          02E6
Signing time:             Sun 27 Apr 2025 08:00:30 +0000
Manifest this update:     Sun 27 Apr 2025 08:00:30 +0000
Manifest next update:     Mon 28 Apr 2025 08:00:30 +0000
Files and hashes:         1: X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl (hash: eijMDd2+NKBf1pgLNx83ChwmZAeTGPqLlnlJcn4BtJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:43:16:e1:20:04:7c:d9:7f:6b:a1:9b:c1:7d:55:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
        Validity
            Not Before: Apr 27 08:00:30 2025 GMT
            Not After : Apr 28 08:00:30 2025 GMT
        Subject: CN=c4ce8c544845a67edfa1f4b98c042eaafe7669d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:98:02:83:70:c9:36:f6:19:5f:94:d3:e8:38:
                    53:ed:19:f9:41:2c:10:d7:d5:e6:3d:33:50:22:0e:
                    fa:66:e9:20:2b:8b:72:23:00:da:ec:18:38:b5:6d:
                    07:2d:d3:2d:71:ca:0a:2e:2c:1c:18:5e:8a:dd:94:
                    ec:93:0a:28:2f:36:88:26:87:30:cd:da:5a:b6:8f:
                    14:cd:f7:0c:a4:92:e1:b2:cd:ff:b1:9f:56:4c:1e:
                    2e:de:ac:20:68:dc:77:8f:00:58:16:d4:ff:84:68:
                    f3:29:f1:d2:04:f2:c8:7b:e6:e4:fb:1b:e1:54:03:
                    64:5f:46:56:ac:dc:33:fb:e2:42:29:10:5e:8a:24:
                    07:23:29:c1:50:61:23:5e:e7:c1:70:d2:9d:6f:c4:
                    01:c4:28:f1:06:bd:a2:d5:bd:e1:d7:42:99:10:1e:
                    43:49:3c:11:1b:63:9a:de:07:8a:19:f3:3d:d4:75:
                    4d:8b:64:b1:7c:b9:3d:0b:6a:ae:f4:44:6a:ab:0a:
                    01:d6:05:b1:bd:a0:70:e1:70:c8:6c:be:6f:d7:9f:
                    e9:d6:fb:02:f6:48:a3:41:4e:fe:29:33:af:35:66:
                    72:2e:89:c2:a3:2f:e0:a8:c2:89:bd:20:dd:5a:05:
                    85:69:0d:5e:43:dc:29:d8:f8:8e:09:50:78:1b:8a:
                    68:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:CE:8C:54:48:45:A6:7E:DF:A1:F4:B9:8C:04:2E:AA:FE:76:69:D0
            X509v3 Authority Key Identifier:
                keyid:5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:58:1b:ed:c4:df:7d:ef:3a:22:17:ce:44:65:a7:26:e5:59:
         c8:01:71:d2:cd:0f:71:c9:64:04:cb:df:aa:b9:69:a9:21:d0:
         da:58:a0:d0:98:ea:de:2d:06:95:19:87:ff:b1:d1:57:4a:dd:
         01:9f:98:f8:f9:42:43:b3:89:ba:62:6c:47:d0:e1:db:77:00:
         ad:bf:61:cf:26:72:7d:89:a8:84:2a:18:a3:1c:4a:0f:ef:ab:
         5a:b5:71:7f:3e:c2:fd:63:0d:6c:b2:65:ba:6b:f8:2f:31:0e:
         50:97:9a:c9:b4:cc:c2:93:d7:86:c6:48:54:8a:5d:32:5d:c8:
         d3:a6:05:aa:e1:4c:49:4f:46:0a:69:45:33:b6:fa:aa:8f:79:
         d9:f6:51:2e:59:1d:ad:5f:ca:fb:0f:28:e2:7a:3e:3a:10:04:
         56:30:4f:60:a0:9e:f3:a7:52:3d:67:0b:ed:18:40:12:35:41:
         26:42:8f:7c:b3:3c:66:13:d6:51:f6:30:57:3e:f9:71:27:91:
         fc:af:91:6e:f4:ef:0a:92:69:07:fb:47:56:9e:91:b1:aa:d2:
         75:da:8a:34:98:5f:86:27:51:1a:88:17:e6:b8:fa:91:f6:8d:
         fc:1d:e1:63:92:1d:32:7b:25:86:ba:76:6a:af:21:10:30:ec:
         a4:aa:e2:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2QxbhIAR82X9roZvBfVXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2ExMjM1NDZmZTUxYTllNGJlZGY4M2VlZTAzNzUyYmQ5
NjM5ZDYwHhcNMjUwNDI3MDgwMDMwWhcNMjUwNDI4MDgwMDMwWjAzMTEwLwYDVQQD
EyhjNGNlOGM1NDQ4NDVhNjdlZGZhMWY0Yjk4YzA0MmVhYWZlNzY2OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJgCg3DJNvYZX5TT6DhT7Rn5QSwQ
19XmPTNQIg76ZukgK4tyIwDa7Bg4tW0HLdMtccoKLiwcGF6K3ZTskwooLzaIJocw
zdpato8UzfcMpJLhss3/sZ9WTB4u3qwgaNx3jwBYFtT/hGjzKfHSBPLIe+bk+xvh
VANkX0ZWrNwz++JCKRBeiiQHIynBUGEjXufBcNKdb8QBxCjxBr2i1b3h10KZEB5D
STwRG2Oa3geKGfM91HVNi2SxfLk9C2qu9ERqqwoB1gWxvaBw4XDIbL5v15/p1vsC
9kijQU7+KTOvNWZyLonCoy/gqMKJvSDdWgWFaQ1eQ9wp2PiOCVB4G4pozQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTOjFRIRaZ+36H0uYwELqr+dmnQMB8GA1UdIwQY
MBaAFF96EjVG/lGp5L7fg+7gN1K9ljnWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1Njkt
YjJmZjY4MWRhNmJiLzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1NjktYjJmZjY4MWRhNmJi
LzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACVgb7cTf
fe86IhfORGWnJuVZyAFx0s0PcclkBMvfqrlpqSHQ2lig0Jjq3i0GlRmH/7HRV0rd
AZ+Y+PlCQ7OJumJsR9Dh23cArb9hzyZyfYmohCoYoxxKD++rWrVxfz7C/WMNbLJl
umv4LzEOUJeaybTMwpPXhsZIVIpdMl3I06YFquFMSU9GCmlFM7b6qo952fZRLlkd
rV/K+w8o4no+OhAEVjBPYKCe86dSPWcL7RhAEjVBJkKPfLM8ZhPWUfYwVz75cSeR
/K+RbvTvCpJpB/tHVp6RsarSddqKNJhfhidRGogX5rj6kfaN/B3hY5IdMnslhrp2
aq8hEDDspKriEQ==
-----END CERTIFICATE-----