Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          9B8BKvOLZoEQd/rPa6q8A6KziIglKzZ/Wcf7FGwRz8M=
Subject key identifier:   B4:8A:5B:29:5C:4E:E7:98:4E:11:BF:6A:04:A0:93:5E:78:21:B1:57
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       019680227BA5BC42E8A21076269246CD19B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          150F
Signing time:             Tue 29 Apr 2025 06:01:05 +0000
Manifest this update:     Tue 29 Apr 2025 06:01:05 +0000
Manifest next update:     Wed 30 Apr 2025 06:01:05 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: S1Z2kL3vWiHwBPlIlxlVBXeICrvy1VQ/4FCHybrtyFM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:80:22:7b:a5:bc:42:e8:a2:10:76:26:92:46:cd:19:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Apr 29 06:01:05 2025 GMT
            Not After : Apr 30 06:01:05 2025 GMT
        Subject: CN=b48a5b295c4ee7984e11bf6a04a0935e7821b157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:50:2a:38:ea:3c:ee:3c:46:f7:8c:1d:5d:be:
                    f7:5f:e8:4d:63:c0:0a:57:80:5e:80:91:b0:08:37:
                    55:68:8a:8e:47:b2:04:96:e1:11:e5:9b:1d:b2:bc:
                    a7:aa:45:c4:67:4d:21:8a:b4:00:21:04:c2:94:bb:
                    4b:ca:2d:f9:1e:42:d6:a9:39:f8:27:39:ff:27:58:
                    65:37:9a:37:ac:9b:81:77:e5:55:0b:36:e3:48:eb:
                    8f:e5:91:1f:76:29:63:04:9e:c7:ef:7f:94:30:9e:
                    1f:c8:4d:cc:d6:e0:9f:4e:63:13:6a:8e:5b:c3:e3:
                    9a:7c:c5:89:5f:2c:bc:71:20:cc:44:13:e4:6b:02:
                    88:c8:32:eb:e4:d2:a5:d2:20:40:e5:d0:1c:cb:0c:
                    62:e0:f7:0a:52:e8:e3:fc:22:fc:82:73:d6:5e:ae:
                    27:19:88:34:2e:90:0e:57:60:d4:a5:ec:13:28:32:
                    2b:a4:4d:0c:71:25:9a:a7:da:d6:d1:54:b7:0e:5c:
                    8f:f5:13:ca:91:be:ea:10:fb:30:af:db:de:d9:27:
                    a4:13:46:54:c4:2c:b2:bb:4f:b8:e8:4e:fa:57:9b:
                    43:c6:4a:02:82:40:07:48:ab:b9:7c:12:42:6b:da:
                    b3:2c:c4:70:1c:19:4e:9d:48:fc:81:53:97:2e:d2:
                    80:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:8A:5B:29:5C:4E:E7:98:4E:11:BF:6A:04:A0:93:5E:78:21:B1:57
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:78:64:ab:6c:d9:73:b8:dd:c0:aa:0a:a8:3e:ff:c4:a6:45:
         32:71:c2:d3:64:61:d9:a6:85:c2:5b:32:47:16:55:e3:d6:c4:
         7b:2d:a8:10:9e:5d:c9:6a:ba:fc:25:03:31:da:ec:55:32:50:
         43:5a:c8:06:21:ba:5e:c8:01:8e:e6:77:ba:6d:c5:01:45:79:
         ca:74:93:63:be:fa:59:22:14:a4:39:df:31:db:dc:63:f4:59:
         09:97:2b:5f:a6:c1:8a:4a:09:30:23:44:1f:bb:18:ca:cf:b3:
         0a:69:69:64:e0:cf:eb:a6:fa:c9:7b:3a:25:f3:9e:43:33:74:
         09:03:b0:ef:30:d6:ce:bd:a3:f8:8e:e1:d2:3f:c6:3f:52:2e:
         e4:20:05:13:9b:b6:2b:41:cd:34:bf:ba:16:5a:5b:43:96:40:
         54:65:3a:6c:1f:7f:5d:0c:d0:f8:6f:6f:34:dd:2c:ec:82:79:
         d0:bf:76:95:23:8d:e5:6c:f7:7c:0d:9a:4a:3e:3d:f8:c2:7c:
         54:4e:c3:ad:99:e5:d2:c0:a7:a9:c2:57:94:4e:02:50:4e:4d:
         5d:3e:79:7d:fa:c3:38:b8:b1:80:7c:8a:af:f7:f1:5c:9d:d6:
         2f:72:95:e4:31:a6:4d:36:40:7f:b4:55:08:8d:7e:de:cb:c3:
         63:45:20:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaAInulvELoohB2JpJGzRmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwNDI5MDYwMTA1WhcNMjUwNDMwMDYwMTA1WjAzMTEwLwYDVQQD
EyhiNDhhNWIyOTVjNGVlNzk4NGUxMWJmNmEwNGEwOTM1ZTc4MjFiMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1AqOOo87jxG94wdXb73X+hNY8AK
V4BegJGwCDdVaIqOR7IEluER5ZsdsrynqkXEZ00hirQAIQTClLtLyi35HkLWqTn4
Jzn/J1hlN5o3rJuBd+VVCzbjSOuP5ZEfdiljBJ7H73+UMJ4fyE3M1uCfTmMTao5b
w+OafMWJXyy8cSDMRBPkawKIyDLr5NKl0iBA5dAcywxi4PcKUujj/CL8gnPWXq4n
GYg0LpAOV2DUpewTKDIrpE0McSWap9rW0VS3DlyP9RPKkb7qEPswr9ve2SekE0ZU
xCyyu0+46E76V5tDxkoCgkAHSKu5fBJCa9qzLMRwHBlOnUj8gVOXLtKAkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSKWylcTueYThG/agSgk154IbFXMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAenhkq2zZ
c7jdwKoKqD7/xKZFMnHC02Rh2aaFwlsyRxZV49bEey2oEJ5dyWq6/CUDMdrsVTJQ
Q1rIBiG6XsgBjuZ3um3FAUV5ynSTY776WSIUpDnfMdvcY/RZCZcrX6bBikoJMCNE
H7sYys+zCmlpZODP66b6yXs6JfOeQzN0CQOw7zDWzr2j+I7h0j/GP1Iu5CAFE5u2
K0HNNL+6FlpbQ5ZAVGU6bB9/XQzQ+G9vNN0s7IJ50L92lSON5Wz3fA2aSj49+MJ8
VE7DrZnl0sCnqcJXlE4CUE5NXT55ffrDOLixgHyKr/fxXJ3WL3KV5DGmTTZAf7RV
CI1+3svDY0Ugqg==
-----END CERTIFICATE-----