Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft
File:                     xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft (raw, json)
Hash identifier:          dobpbU040R7WhNmZetSeiVxYk4+XDeIWKnkBHfdszuo=
Subject key identifier:   20:F1:E4:5A:77:67:DC:FD:40:03:EB:82:44:C7:8A:BC:C8:DE:C0:1A
Authority key identifier: C6:18:F0:3F:98:74:37:06:53:AA:3A:02:6F:67:07:C2:E0:E7:47:64
Certificate issuer:       /CN=c618f03f9874370653aa3a026f6707c2e0e74764
Certificate serial:       019676E7F557EDE328228850919DABFE5869
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft
Manifest number:          05F4
Signing time:             Sun 27 Apr 2025 11:00:35 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:35 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:35 +0000
Files and hashes:         1: xhjwP5h0NwZTqjoCb2cHwuDnR2Q.crl (hash: CFJdb1svG9On+ypZPlWWNB9DN7HS7r3Tzvqy6eWT5y0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 11:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e7:f5:57:ed:e3:28:22:88:50:91:9d:ab:fe:58:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c618f03f9874370653aa3a026f6707c2e0e74764
        Validity
            Not Before: Apr 27 11:00:35 2025 GMT
            Not After : Apr 28 11:00:35 2025 GMT
        Subject: CN=20f1e45a7767dcfd4003eb8244c78abcc8dec01a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:5e:a6:b3:d7:08:bd:eb:56:13:3c:78:0d:46:
                    ac:e8:fe:ae:18:de:00:93:64:1d:a0:2b:ef:20:d4:
                    00:11:e3:30:f7:8e:ed:ce:2e:89:57:f2:a2:9c:00:
                    2f:93:e6:70:8e:bd:b2:91:13:22:e6:8a:01:50:6d:
                    0c:a1:f2:9e:99:3f:4b:2e:8d:22:80:d3:f5:3f:9e:
                    5e:1a:8d:ad:73:c3:92:d3:14:98:f2:9a:cc:bd:8e:
                    fa:6f:90:47:0c:56:20:15:dc:31:5f:1a:39:72:6d:
                    66:b7:aa:44:7b:49:ee:50:b6:a3:5d:f8:5c:30:1d:
                    74:98:63:28:17:f3:96:4d:79:d9:e5:e3:aa:d9:04:
                    d1:33:67:fb:84:6d:74:00:80:33:35:bc:49:97:6b:
                    00:0b:b1:eb:bb:c7:fc:52:5b:c0:70:13:47:1c:07:
                    29:b5:5a:65:e9:d1:a5:03:fd:3f:e8:ba:df:01:f3:
                    0d:5f:00:69:17:5d:a8:5d:cf:25:31:c2:05:db:89:
                    22:9e:5c:5d:1d:24:16:2d:eb:f2:ac:5f:c9:30:5e:
                    5f:45:d9:45:37:33:b9:f5:78:da:bd:15:4f:7a:fc:
                    88:41:8e:60:af:14:50:da:d6:38:1e:ad:fa:a6:98:
                    15:fe:68:23:d6:24:5f:6f:43:f9:55:a7:1f:9f:fd:
                    30:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F1:E4:5A:77:67:DC:FD:40:03:EB:82:44:C7:8A:BC:C8:DE:C0:1A
            X509v3 Authority Key Identifier:
                keyid:C6:18:F0:3F:98:74:37:06:53:AA:3A:02:6F:67:07:C2:E0:E7:47:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/16fdee-d397-41fd-888f-51de4964a913/1/xhjwP5h0NwZTqjoCb2cHwuDnR2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:d6:b2:9e:05:20:00:49:46:03:b7:c8:0c:ce:11:9b:9a:24:
         a0:32:a3:17:b3:1d:44:70:ce:e3:6e:5c:1c:55:6e:de:ae:da:
         03:73:d6:49:5b:da:7b:3d:72:f5:e8:1b:72:00:c2:49:c0:f0:
         a9:15:fc:f2:ac:8d:2e:10:d8:69:b4:89:ee:70:23:77:ce:3a:
         06:48:44:e2:bb:36:fa:4e:e9:8c:04:e2:24:75:16:66:04:1e:
         f4:03:f7:ec:42:0e:f7:e9:24:3b:62:03:ac:ab:e2:46:a0:4d:
         0f:dc:fe:2b:14:33:f8:9e:ff:72:d8:29:f6:45:3f:a1:73:85:
         d7:7c:ad:84:ef:09:05:27:86:60:f5:96:ba:a6:88:32:66:42:
         ca:41:5d:74:89:ba:22:42:f9:10:58:66:61:49:ff:26:46:ee:
         d3:b7:9a:28:c0:8d:88:48:f5:9a:12:22:9c:8c:2f:ee:98:0e:
         7f:92:bc:07:bd:bb:92:72:0b:7c:ea:49:b2:a0:61:8b:b2:19:
         88:64:b8:2d:d5:94:14:31:d3:d7:19:27:5b:86:42:6e:d4:11:
         2f:d1:b2:81:ae:f3:f5:fb:d8:80:57:9d:b4:c9:af:d2:10:bd:
         fe:3c:c4:54:df:99:2e:10:89:81:d1:e1:71:02:7e:84:2d:6c:
         af:e1:95:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ25/VX7eMoIohQkZ2r/lhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MThmMDNmOTg3NDM3MDY1M2FhM2EwMjZmNjcwN2MyZTBl
NzQ3NjQwHhcNMjUwNDI3MTEwMDM1WhcNMjUwNDI4MTEwMDM1WjAzMTEwLwYDVQQD
EygyMGYxZTQ1YTc3NjdkY2ZkNDAwM2ViODI0NGM3OGFiY2M4ZGVjMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA516ms9cIvetWEzx4DUas6P6uGN4A
k2QdoCvvINQAEeMw947tzi6JV/KinAAvk+Zwjr2ykRMi5ooBUG0MofKemT9LLo0i
gNP1P55eGo2tc8OS0xSY8prMvY76b5BHDFYgFdwxXxo5cm1mt6pEe0nuULajXfhc
MB10mGMoF/OWTXnZ5eOq2QTRM2f7hG10AIAzNbxJl2sAC7Hru8f8UlvAcBNHHAcp
tVpl6dGlA/0/6LrfAfMNXwBpF12oXc8lMcIF24kinlxdHSQWLevyrF/JMF5fRdlF
NzO59XjavRVPevyIQY5grxRQ2tY4Hq36ppgV/mgj1iRfb0P5Vacfn/0wvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDx5Fp3Z9z9QAPrgkTHirzI3sAaMB8GA1UdIwQY
MBaAFMYY8D+YdDcGU6o6Am9nB8Lg50dkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhqd1A1aDBOd1pUcWpvQ2IyY0h3dURuUjJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xNmZkZWUtZDM5Ny00MWZkLTg4OGYt
NTFkZTQ5NjRhOTEzLzEveGhqd1A1aDBOd1pUcWpvQ2IyY0h3dURuUjJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xNmZkZWUtZDM5Ny00MWZkLTg4OGYtNTFkZTQ5NjRhOTEz
LzEveGhqd1A1aDBOd1pUcWpvQ2IyY0h3dURuUjJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa9ayngUg
AElGA7fIDM4Rm5okoDKjF7MdRHDO425cHFVu3q7aA3PWSVvaez1y9egbcgDCScDw
qRX88qyNLhDYabSJ7nAjd846BkhE4rs2+k7pjATiJHUWZgQe9AP37EIO9+kkO2ID
rKviRqBND9z+KxQz+J7/ctgp9kU/oXOF13ythO8JBSeGYPWWuqaIMmZCykFddIm6
IkL5EFhmYUn/Jkbu07eaKMCNiEj1mhIinIwv7pgOf5K8B727knILfOpJsqBhi7IZ
iGS4LdWUFDHT1xknW4ZCbtQRL9Gyga7z9fvYgFedtMmv0hC9/jzEVN+ZLhCJgdHh
cQJ+hC1sr+GVCQ==
-----END CERTIFICATE-----