Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/590b7f-bbd2-4666-b8fc-a80224604f25/1/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.mft
File:                     9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.mft (raw, json)
Hash identifier:          IYTOrhq8umDalVuDiXwgNXnJOXOOdnI5PJlPrO0TqHk=
Subject key identifier:   B4:A2:A1:25:60:F3:7D:DF:71:6D:B0:26:A9:27:B6:E2:7A:35:86:02
Authority key identifier: F5:77:66:F0:72:6C:FF:86:18:AF:96:82:58:F5:BB:22:9E:93:7C:6E
Certificate issuer:       /CN=f57766f0726cff8618af968258f5bb229e937c6e
Certificate serial:       01965492F4D66BA6B31E5B4014BEF30FF5E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/590b7f-bbd2-4666-b8fc-a80224604f25/1/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.mft
Manifest number:          0C2A
Signing time:             Sun 20 Apr 2025 19:00:39 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:39 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:39 +0000
Files and hashes:         1: 9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.crl (hash: 0pyX7Hf2lx2X74UJvm1DnazOBnM6Pmct37gt5IfNQQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/590b7f-bbd2-4666-b8fc-a80224604f25/1/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/590b7f-bbd2-4666-b8fc-a80224604f25/1/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:f4:d6:6b:a6:b3:1e:5b:40:14:be:f3:0f:f5:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f57766f0726cff8618af968258f5bb229e937c6e
        Validity
            Not Before: Apr 20 19:00:39 2025 GMT
            Not After : Apr 21 19:00:39 2025 GMT
        Subject: CN=b4a2a12560f37ddf716db026a927b6e27a358602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:03:90:d9:2c:5f:de:89:f2:5e:9c:3f:39:9c:
                    ec:7d:fe:f9:67:39:89:4f:85:71:63:21:0d:7d:77:
                    fd:23:f4:96:39:cc:1d:53:e0:05:db:ee:e4:a9:26:
                    f7:37:25:29:f7:2a:72:d6:5f:4c:1c:0a:bf:07:a7:
                    ea:91:c1:02:ff:ea:b7:92:e7:bb:41:64:ef:76:85:
                    30:9f:3a:f1:34:d5:f6:f5:4f:21:49:44:2e:63:cf:
                    8c:a5:91:d1:42:70:b3:ec:60:51:bf:80:53:8d:b5:
                    89:14:a1:b4:4e:89:42:5a:e6:ce:b2:fd:d7:64:0c:
                    38:4c:7e:fd:89:f4:b3:d8:1d:c2:54:77:39:c7:cc:
                    cd:03:3d:7a:c1:76:b5:f6:5b:a5:40:b3:b2:44:73:
                    5b:4e:5a:46:e5:7f:f9:58:0f:03:09:26:5c:30:5b:
                    34:60:db:78:d7:95:ed:57:66:ad:97:27:ef:35:2b:
                    33:08:f2:24:80:2d:02:fb:55:d5:50:b3:05:31:9e:
                    42:a5:f7:0e:11:c4:7c:7f:ac:6d:47:5f:72:1a:ec:
                    ba:2c:db:43:ea:51:45:39:e1:15:e2:5b:2d:90:52:
                    39:76:58:bd:2c:70:69:f6:06:03:93:c3:a3:d5:ea:
                    44:b5:91:03:6e:ad:a5:36:18:9d:e1:bb:9d:bb:c6:
                    f1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:A2:A1:25:60:F3:7D:DF:71:6D:B0:26:A9:27:B6:E2:7A:35:86:02
            X509v3 Authority Key Identifier:
                keyid:F5:77:66:F0:72:6C:FF:86:18:AF:96:82:58:F5:BB:22:9E:93:7C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/590b7f-bbd2-4666-b8fc-a80224604f25/1/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/590b7f-bbd2-4666-b8fc-a80224604f25/1/9Xdm8HJs_4YYr5aCWPW7Ip6TfG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:11:bd:54:35:b9:b2:14:42:6e:45:1c:0f:c4:a1:d8:0c:27:
         42:13:6e:8e:74:e0:26:c5:87:e5:56:0f:99:33:e1:aa:c0:d2:
         99:1f:3a:dc:52:a2:ac:64:6e:e1:43:35:17:66:15:46:9f:26:
         3c:f8:76:af:c2:49:a1:c2:8d:df:31:dd:d0:1a:7b:de:4c:b7:
         91:ab:89:cd:83:da:35:cc:92:e2:24:38:a3:18:e9:2c:b3:78:
         b9:e3:7b:23:f5:48:71:83:62:5c:4d:f9:10:7b:61:7e:1b:e1:
         93:9a:a4:2b:73:c0:0a:68:c2:fa:32:5d:51:23:33:66:5b:6e:
         35:af:62:a8:ae:35:52:8d:65:73:71:e4:3f:4f:8e:8e:34:be:
         64:cd:72:c1:69:8e:15:27:27:bf:b8:d5:9c:f7:d9:f3:76:a8:
         f7:e5:58:7d:ba:4f:fa:01:fa:07:5e:63:87:40:bc:05:b7:37:
         51:dd:75:5f:1d:c8:2a:b5:1d:13:52:e5:9a:36:50:c9:95:02:
         e7:4c:bf:d0:97:64:92:8b:14:dd:58:5b:cf:98:83:54:c9:d9:
         00:0c:43:f4:2b:cb:44:7d:1d:16:cf:4e:83:db:11:d1:ae:7c:
         a9:7a:a7:4f:d1:c5:03:da:85:70:43:f6:58:70:cb:37:97:aa:
         e9:0b:46:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkvTWa6azHltAFL7zD/XmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1Nzc2NmYwNzI2Y2ZmODYxOGFmOTY4MjU4ZjViYjIyOWU5
MzdjNmUwHhcNMjUwNDIwMTkwMDM5WhcNMjUwNDIxMTkwMDM5WjAzMTEwLwYDVQQD
EyhiNGEyYTEyNTYwZjM3ZGRmNzE2ZGIwMjZhOTI3YjZlMjdhMzU4NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAOQ2Sxf3onyXpw/OZzsff75ZzmJ
T4VxYyENfXf9I/SWOcwdU+AF2+7kqSb3NyUp9ypy1l9MHAq/B6fqkcEC/+q3kue7
QWTvdoUwnzrxNNX29U8hSUQuY8+MpZHRQnCz7GBRv4BTjbWJFKG0TolCWubOsv3X
ZAw4TH79ifSz2B3CVHc5x8zNAz16wXa19lulQLOyRHNbTlpG5X/5WA8DCSZcMFs0
YNt415XtV2atlyfvNSszCPIkgC0C+1XVULMFMZ5CpfcOEcR8f6xtR19yGuy6LNtD
6lFFOeEV4lstkFI5dli9LHBp9gYDk8Oj1epEtZEDbq2lNhid4budu8bxOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSioSVg833fcW2wJqkntuJ6NYYCMB8GA1UdIwQY
MBaAFPV3ZvBybP+GGK+Wglj1uyKek3xuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhkbThISnNfNFlZcjVhQ1dQVzdJcDZUZkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81OTBiN2YtYmJkMi00NjY2LWI4ZmMt
YTgwMjI0NjA0ZjI1LzEvOVhkbThISnNfNFlZcjVhQ1dQVzdJcDZUZkc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81OTBiN2YtYmJkMi00NjY2LWI4ZmMtYTgwMjI0NjA0ZjI1
LzEvOVhkbThISnNfNFlZcjVhQ1dQVzdJcDZUZkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxG9VDW5
shRCbkUcD8Sh2AwnQhNujnTgJsWH5VYPmTPhqsDSmR863FKirGRu4UM1F2YVRp8m
PPh2r8JJocKN3zHd0Bp73ky3kauJzYPaNcyS4iQ4oxjpLLN4ueN7I/VIcYNiXE35
EHthfhvhk5qkK3PACmjC+jJdUSMzZltuNa9iqK41Uo1lc3HkP0+OjjS+ZM1ywWmO
FScnv7jVnPfZ83ao9+VYfbpP+gH6B15jh0C8Bbc3Ud11Xx3IKrUdE1LlmjZQyZUC
50y/0JdkkosU3Vhbz5iDVMnZAAxD9CvLRH0dFs9Og9sR0a58qXqnT9HFA9qFcEP2
WHDLN5eq6QtG6w==
-----END CERTIFICATE-----