Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft
File:                     xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft (raw, json)
Hash identifier:          46nCVDNWpEUwKr5Dt6i53Ck8COvJH0b3djACqqrzSpg=
Subject key identifier:   3D:E2:CB:DF:8A:02:37:56:C7:40:D2:71:66:13:30:8B:ED:39:14:27
Authority key identifier: C4:24:90:E6:98:0B:79:FA:4A:B1:7E:5F:65:73:71:DA:66:C3:6A:F4
Certificate issuer:       /CN=c42490e6980b79fa4ab17e5f657371da66c36af4
Certificate serial:       019653B72DCFA45043ED3987EA558240DC53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCSQ5pgLefpKsX5fZXNx2mbDavQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft
Manifest number:          0217
Signing time:             Sun 20 Apr 2025 15:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 15:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 15:00:35 +0000
Files and hashes:         1: xCSQ5pgLefpKsX5fZXNx2mbDavQ.crl (hash: 9qhsYSq+SRqhaOnpEiV4lun4to/vPRNAqq6unExStVw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xCSQ5pgLefpKsX5fZXNx2mbDavQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 15:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:b7:2d:cf:a4:50:43:ed:39:87:ea:55:82:40:dc:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42490e6980b79fa4ab17e5f657371da66c36af4
        Validity
            Not Before: Apr 20 15:00:35 2025 GMT
            Not After : Apr 21 15:00:35 2025 GMT
        Subject: CN=3de2cbdf8a023756c740d2716613308bed391427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:7e:e7:cf:7d:62:05:92:11:12:00:e7:d7:e6:
                    e5:53:17:45:f0:b9:5e:cd:2c:72:2c:16:05:72:84:
                    31:ed:df:6f:18:15:ed:68:6d:20:a8:d1:a5:eb:26:
                    d2:3c:cb:ec:83:5f:5c:b8:a7:e3:11:9b:e8:29:86:
                    3b:db:cd:cc:8e:da:4d:eb:6d:16:4d:1c:b7:12:20:
                    0e:e2:7f:9e:6c:e4:71:37:bb:72:5c:2d:f4:3d:c4:
                    16:5d:70:37:3f:6c:47:6a:1a:1b:9d:75:5c:d0:d1:
                    2d:2b:5a:5f:09:0f:30:c0:fb:1c:0b:35:e4:07:04:
                    f0:fb:d1:95:05:1e:27:fa:32:fb:ec:8d:bc:2a:50:
                    cc:b6:ce:63:62:0f:f7:99:c0:3a:88:35:1c:6c:f8:
                    c2:32:a4:e8:bd:7a:83:74:ab:bb:8a:f7:1b:c3:cf:
                    c4:5a:94:1b:3f:27:04:e6:d8:de:95:3a:cc:1e:4f:
                    50:9b:88:c4:70:cf:1d:0b:fc:5f:35:e9:58:31:e5:
                    6f:7c:39:2d:c6:37:2b:78:65:6f:a3:f6:58:20:a0:
                    ed:97:ac:bb:08:17:10:a2:ca:8b:8c:26:c5:06:d3:
                    49:11:80:31:9c:d2:94:26:1f:85:55:a9:a3:91:d8:
                    e4:c3:c4:a7:e5:de:0c:c8:f6:32:4d:6f:d9:6c:db:
                    28:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E2:CB:DF:8A:02:37:56:C7:40:D2:71:66:13:30:8B:ED:39:14:27
            X509v3 Authority Key Identifier:
                keyid:C4:24:90:E6:98:0B:79:FA:4A:B1:7E:5F:65:73:71:DA:66:C3:6A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCSQ5pgLefpKsX5fZXNx2mbDavQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/798da8-a0ba-488c-9184-58c189c6efed/1/xCSQ5pgLefpKsX5fZXNx2mbDavQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:64:c7:4a:09:af:c8:31:99:c7:4c:3c:1e:1f:84:3f:71:32:
         1f:c4:e4:bb:89:28:a7:b5:75:47:2f:72:8d:fb:e4:d6:3f:d4:
         23:63:66:f3:66:de:06:cd:ab:49:72:5b:72:bb:20:b6:b3:bb:
         9e:d2:78:7f:90:ff:59:07:9c:2e:74:3a:98:6c:ee:69:89:b5:
         2b:76:9e:18:79:50:cb:ba:94:26:81:8a:61:11:23:b3:40:e5:
         6c:1e:7c:1e:80:68:4d:8f:4c:68:cc:31:3c:c0:82:32:42:a7:
         aa:22:32:fd:03:0f:ec:1d:dd:4c:8a:13:bd:46:b5:32:73:da:
         0d:0e:63:25:24:4f:05:12:96:d4:a3:8c:b5:7a:d9:e3:07:f2:
         49:08:36:41:55:7f:4c:31:52:3f:33:e3:a0:3f:cc:72:f0:5e:
         94:a8:53:5c:05:9d:cd:e8:6b:0f:98:41:78:2a:52:84:5f:f5:
         da:bd:8c:ac:83:56:97:38:ca:4c:37:e6:ee:10:cb:8e:d1:5a:
         0f:93:73:4a:dd:02:0c:29:8a:e7:03:08:9c:07:fb:ec:26:50:
         b6:11:a7:58:c1:31:ed:d8:b1:f3:60:83:d6:ea:09:26:2c:17:
         52:91:df:fa:8d:91:fe:b9:3a:f7:de:8e:b8:b5:68:5e:04:4e:
         af:88:02:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTty3PpFBD7TmH6lWCQNxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjQ5MGU2OTgwYjc5ZmE0YWIxN2U1ZjY1NzM3MWRhNjZj
MzZhZjQwHhcNMjUwNDIwMTUwMDM1WhcNMjUwNDIxMTUwMDM1WjAzMTEwLwYDVQQD
EygzZGUyY2JkZjhhMDIzNzU2Yzc0MGQyNzE2NjEzMzA4YmVkMzkxNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7H7nz31iBZIREgDn1+blUxdF8Lle
zSxyLBYFcoQx7d9vGBXtaG0gqNGl6ybSPMvsg19cuKfjEZvoKYY7283MjtpN620W
TRy3EiAO4n+ebORxN7tyXC30PcQWXXA3P2xHahobnXVc0NEtK1pfCQ8wwPscCzXk
BwTw+9GVBR4n+jL77I28KlDMts5jYg/3mcA6iDUcbPjCMqTovXqDdKu7ivcbw8/E
WpQbPycE5tjelTrMHk9Qm4jEcM8dC/xfNelYMeVvfDktxjcreGVvo/ZYIKDtl6y7
CBcQosqLjCbFBtNJEYAxnNKUJh+FVamjkdjkw8Sn5d4MyPYyTW/ZbNsoZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3iy9+KAjdWx0DScWYTMIvtORQnMB8GA1UdIwQY
MBaAFMQkkOaYC3n6SrF+X2Vzcdpmw2r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENTUTVwZ0xlZnBLc1g1ZlpYTngybWJEYXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83OThkYTgtYTBiYS00ODhjLTkxODQt
NThjMTg5YzZlZmVkLzEveENTUTVwZ0xlZnBLc1g1ZlpYTngybWJEYXZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83OThkYTgtYTBiYS00ODhjLTkxODQtNThjMTg5YzZlZmVk
LzEveENTUTVwZ0xlZnBLc1g1ZlpYTngybWJEYXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANmTHSgmv
yDGZx0w8Hh+EP3EyH8Tku4kop7V1Ry9yjfvk1j/UI2Nm82beBs2rSXJbcrsgtrO7
ntJ4f5D/WQecLnQ6mGzuaYm1K3aeGHlQy7qUJoGKYREjs0DlbB58HoBoTY9MaMwx
PMCCMkKnqiIy/QMP7B3dTIoTvUa1MnPaDQ5jJSRPBRKW1KOMtXrZ4wfySQg2QVV/
TDFSPzPjoD/McvBelKhTXAWdzehrD5hBeCpShF/12r2MrINWlzjKTDfm7hDLjtFa
D5NzSt0CDCmK5wMInAf77CZQthGnWMEx7dix82CD1uoJJiwXUpHf+o2R/rk6996O
uLVoXgROr4gC/w==
-----END CERTIFICATE-----