Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          qB4FJ/gLn7zwyz9fZ1uY/JTrvR2BuREtz1wLQ5hZtr8=
Subject key identifier:   46:99:2E:8B:17:FE:AC:8A:08:47:64:88:DC:3D:13:ED:9D:39:EA:39
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019684A39D9AF0299B8B2D576F4C718C73E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          1512
Signing time:             Wed 30 Apr 2025 03:00:37 +0000
Manifest this update:     Wed 30 Apr 2025 03:00:37 +0000
Manifest next update:     Thu 01 May 2025 03:00:37 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: fnqd5XNN5YOHMTssqYjc8JEvFYyW6dusJAkSykgo7cU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:a3:9d:9a:f0:29:9b:8b:2d:57:6f:4c:71:8c:73:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Apr 30 03:00:37 2025 GMT
            Not After : May  1 03:00:37 2025 GMT
        Subject: CN=46992e8b17feac8a08476488dc3d13ed9d39ea39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a8:1c:a7:23:bf:55:c9:7d:c8:aa:e7:35:f8:
                    b2:a6:97:0d:b6:88:f9:c6:0b:77:db:0b:ec:78:a5:
                    b2:c7:3b:7e:c5:b0:d1:7c:c7:f6:82:7a:cd:7b:47:
                    eb:66:b1:53:c1:93:2f:cf:cc:74:b1:e7:3c:78:c0:
                    9b:39:e0:84:07:f4:3d:b8:b3:8e:a4:46:d5:df:04:
                    2a:fa:49:57:67:55:ac:84:63:ba:51:6c:03:59:94:
                    8c:1e:b4:9c:3d:f3:6c:2f:a6:18:82:3c:ac:f2:ab:
                    b3:0e:95:eb:3b:3f:28:4f:b1:b7:62:4a:1b:da:56:
                    ab:88:a4:09:da:db:db:61:d5:87:3f:a7:80:89:d9:
                    7c:bb:a9:73:aa:24:d3:77:73:25:c3:a3:a3:cd:44:
                    cb:c7:c4:1a:3c:1a:36:d1:0c:60:95:9a:a4:3b:5d:
                    96:0b:e0:8b:23:c5:66:9e:77:ec:53:9b:24:35:7c:
                    51:a4:5c:d7:ad:02:87:e8:a1:1c:a9:4f:c7:64:8e:
                    47:24:13:b7:47:fc:76:20:bd:ac:61:2d:cd:1e:71:
                    82:f7:22:a8:e2:5b:33:98:3c:26:ec:40:a8:e9:d6:
                    51:8b:8b:99:d8:b9:41:eb:b3:b0:a3:54:5f:f9:70:
                    24:e4:c1:24:d4:b4:c2:47:24:a2:6f:1c:75:d7:84:
                    6f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:99:2E:8B:17:FE:AC:8A:08:47:64:88:DC:3D:13:ED:9D:39:EA:39
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:e0:c4:b9:58:fb:69:18:34:d7:d1:7a:79:8d:63:dd:38:9b:
         14:6e:67:15:26:91:e0:fb:ee:c7:1b:6c:49:57:19:4e:93:f4:
         36:83:32:51:61:67:1e:8f:6c:df:60:59:83:bf:f3:e0:76:bb:
         b4:55:93:af:10:ac:cc:81:62:db:9d:18:e7:3a:fe:12:ff:bc:
         f9:0d:f2:34:15:59:e9:be:8d:f3:22:0f:37:69:8a:3c:a9:7d:
         9d:d2:79:20:87:bc:b8:9a:7a:32:55:3e:d2:f8:43:12:0c:12:
         54:34:e4:5c:1d:22:eb:11:b3:c4:d4:eb:36:9b:7c:ef:8d:63:
         10:ce:bc:fa:a6:d9:16:79:d2:ac:fa:0a:17:54:04:0a:c7:b3:
         78:b9:c2:2a:47:bc:b1:8a:47:f4:62:7f:33:ea:09:3d:43:05:
         ec:47:2f:fa:db:ef:b7:b8:f4:e9:cf:ce:63:2e:aa:bb:f6:e3:
         25:cd:f1:0d:50:ce:19:a4:ee:21:bb:d6:03:89:13:dc:f4:0d:
         ba:55:df:52:7a:06:2f:33:74:4d:f8:3e:ae:12:9b:7e:51:ca:
         79:fe:07:dc:e8:84:08:a7:08:d2:07:3d:22:5f:dd:68:59:58:
         27:7c:16:04:ad:f8:34:34:72:33:fd:da:64:ca:7a:83:9b:f4:
         c0:b1:bf:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaEo52a8Cmbiy1Xb0xxjHPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUwNDMwMDMwMDM3WhcNMjUwNTAxMDMwMDM3WjAzMTEwLwYDVQQD
Eyg0Njk5MmU4YjE3ZmVhYzhhMDg0NzY0ODhkYzNkMTNlZDlkMzllYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2agcpyO/Vcl9yKrnNfiyppcNtoj5
xgt32wvseKWyxzt+xbDRfMf2gnrNe0frZrFTwZMvz8x0sec8eMCbOeCEB/Q9uLOO
pEbV3wQq+klXZ1WshGO6UWwDWZSMHrScPfNsL6YYgjys8quzDpXrOz8oT7G3Ykob
2lariKQJ2tvbYdWHP6eAidl8u6lzqiTTd3Mlw6OjzUTLx8QaPBo20QxglZqkO12W
C+CLI8VmnnfsU5skNXxRpFzXrQKH6KEcqU/HZI5HJBO3R/x2IL2sYS3NHnGC9yKo
4lszmDwm7ECo6dZRi4uZ2LlB67Owo1Rf+XAk5MEk1LTCRySibxx114RvtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaZLosX/qyKCEdkiNw9E+2dOeo5MB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApeDEuVj7
aRg019F6eY1j3TibFG5nFSaR4PvuxxtsSVcZTpP0NoMyUWFnHo9s32BZg7/z4Ha7
tFWTrxCszIFi250Y5zr+Ev+8+Q3yNBVZ6b6N8yIPN2mKPKl9ndJ5IIe8uJp6MlU+
0vhDEgwSVDTkXB0i6xGzxNTrNpt8741jEM68+qbZFnnSrPoKF1QECsezeLnCKke8
sYpH9GJ/M+oJPUMF7Ecv+tvvt7j06c/OYy6qu/bjJc3xDVDOGaTuIbvWA4kT3PQN
ulXfUnoGLzN0Tfg+rhKbflHKef4H3OiECKcI0gc9Il/daFlYJ3wWBK34NDRyM/3a
ZMp6g5v0wLG/1w==
-----END CERTIFICATE-----