Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          L3v1oSG8/eA5ZnICG0SbGAJ2TkAu4D12TMhgoxX4jI8=
Subject key identifier:   AB:8B:14:D9:FB:7F:36:BA:10:61:71:54:FE:2B:59:95:45:39:FF:F5
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       019684DA5E9984F83954ECD60C240019CD59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          0E36
Signing time:             Wed 30 Apr 2025 04:00:25 +0000
Manifest this update:     Wed 30 Apr 2025 04:00:25 +0000
Manifest next update:     Thu 01 May 2025 04:00:25 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: w9mrT2kGYpoFC8vjG7QIGbQNQ6/D+TsQDq9oYjyDy98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:da:5e:99:84:f8:39:54:ec:d6:0c:24:00:19:cd:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Apr 30 04:00:25 2025 GMT
            Not After : May  1 04:00:25 2025 GMT
        Subject: CN=ab8b14d9fb7f36ba10617154fe2b59954539fff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2f:bb:83:9e:98:dd:41:69:06:de:60:d0:40:
                    47:3c:43:c5:65:c9:f0:b6:01:4c:04:fa:53:99:b0:
                    52:01:f1:4f:69:db:b6:65:f5:58:12:bc:04:a3:85:
                    0f:f9:99:a8:3a:eb:ac:7c:0f:67:ce:71:b6:7d:d3:
                    3a:69:15:60:23:fa:68:e2:2e:ba:f4:e4:a0:e7:d1:
                    24:72:66:75:35:91:1b:d0:20:50:dc:5d:d2:9b:2b:
                    8d:b8:b8:02:2c:60:14:ba:53:bd:1a:29:d3:8b:f0:
                    6e:49:b5:c2:db:ca:78:95:20:6c:04:64:15:2a:82:
                    2b:55:ac:09:fb:38:3f:39:6b:9c:a2:c2:64:d5:02:
                    7d:f7:1e:84:83:83:ce:f2:9c:ab:13:51:41:c9:32:
                    79:d2:85:05:c0:9d:99:46:ee:d2:36:d5:e2:40:ae:
                    ec:c9:2a:cc:0e:4d:fa:ca:60:ff:8e:44:fd:93:d4:
                    20:7f:b7:b1:0a:f0:bf:7c:65:30:26:15:17:b0:29:
                    11:69:5a:a4:69:0c:ee:db:82:08:b4:fb:f2:91:42:
                    72:cd:c2:68:4f:13:88:93:a7:eb:3d:24:d2:a0:e1:
                    20:7f:eb:2a:ef:ed:c8:ae:6a:b2:ee:8f:61:8b:82:
                    92:ea:e3:d2:2b:b8:bf:df:7b:0a:92:b8:ce:74:6f:
                    9e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:8B:14:D9:FB:7F:36:BA:10:61:71:54:FE:2B:59:95:45:39:FF:F5
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:dc:e4:ac:ff:72:aa:5e:1e:a7:9f:d5:e9:3d:0f:f7:b1:4b:
         93:70:53:2a:8d:e9:46:19:b7:ed:8b:7e:e7:3a:d4:31:0c:4c:
         be:42:a4:4f:a9:54:02:4c:c4:f6:42:00:0a:ee:3e:d3:9b:15:
         e7:20:ed:34:3d:38:58:17:19:dd:6b:09:eb:7c:ba:d6:d3:0f:
         84:28:09:70:5e:0d:2f:fc:af:74:96:55:21:9b:fc:24:54:a0:
         37:50:2e:1f:b4:92:bd:0b:b1:1d:ef:d5:0d:d5:d9:91:1a:ee:
         94:97:4e:d0:85:a9:b4:9b:50:23:6e:3a:23:97:df:d0:ee:81:
         b7:bb:3e:ea:cd:ac:6d:3d:7b:a3:70:f9:86:cd:9e:59:c9:3c:
         74:63:91:9f:91:a1:9a:d1:e7:3c:26:63:7b:39:2a:0f:e4:69:
         a3:c5:ed:ef:0f:b4:de:93:a5:1e:e7:7a:d2:f8:62:28:2c:b6:
         33:d4:84:59:ab:88:12:d8:bc:13:ca:ee:01:34:73:54:37:71:
         a3:17:0e:8d:6c:e4:a5:53:2e:a9:00:5f:b2:65:db:7e:a3:4b:
         30:42:25:8d:a2:f1:a3:24:8d:d6:46:e6:05:d4:84:cf:39:42:
         d7:ae:80:8f:9b:38:d5:7a:5a:94:6b:3f:6a:47:c7:ee:92:64:
         ac:44:5f:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaE2l6ZhPg5VOzWDCQAGc1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjUwNDMwMDQwMDI1WhcNMjUwNTAxMDQwMDI1WjAzMTEwLwYDVQQD
EyhhYjhiMTRkOWZiN2YzNmJhMTA2MTcxNTRmZTJiNTk5NTQ1MzlmZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC+7g56Y3UFpBt5g0EBHPEPFZcnw
tgFMBPpTmbBSAfFPadu2ZfVYErwEo4UP+ZmoOuusfA9nznG2fdM6aRVgI/po4i66
9OSg59EkcmZ1NZEb0CBQ3F3SmyuNuLgCLGAUulO9GinTi/BuSbXC28p4lSBsBGQV
KoIrVawJ+zg/OWucosJk1QJ99x6Eg4PO8pyrE1FByTJ50oUFwJ2ZRu7SNtXiQK7s
ySrMDk36ymD/jkT9k9Qgf7exCvC/fGUwJhUXsCkRaVqkaQzu24IItPvykUJyzcJo
TxOIk6frPSTSoOEgf+sq7+3Irmqy7o9hi4KS6uPSK7i/33sKkrjOdG+exwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuLFNn7fza6EGFxVP4rWZVFOf/1MB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv9zkrP9y
ql4ep5/V6T0P97FLk3BTKo3pRhm37Yt+5zrUMQxMvkKkT6lUAkzE9kIACu4+05sV
5yDtND04WBcZ3WsJ63y61tMPhCgJcF4NL/yvdJZVIZv8JFSgN1AuH7SSvQuxHe/V
DdXZkRrulJdO0IWptJtQI246I5ff0O6Bt7s+6s2sbT17o3D5hs2eWck8dGORn5Gh
mtHnPCZjezkqD+Rpo8Xt7w+03pOlHud60vhiKCy2M9SEWauIEti8E8ruATRzVDdx
oxcOjWzkpVMuqQBfsmXbfqNLMEIljaLxoySN1kbmBdSEzzlC166Aj5s41XpalGs/
akfH7pJkrERfiA==
-----END CERTIFICATE-----