Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
File:                     xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json)
Hash identifier:          yQdx1cct0ZWsTakaBX5ofYSjNoj6m0tQwPEE4WyuCAI=
Subject key identifier:   50:16:F4:A1:77:B8:9B:03:E4:13:3C:CC:45:35:A5:BA:5B:2F:3F:7E
Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21
Certificate issuer:       /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
Certificate serial:       019652A49EAACFAF4B0491AEA3DFD2153F38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 10:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 10:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 10:00:42 +0000
Files and hashes:         1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: 5NtQ6G8NUY3L5ATWGNRS915F6IbhCg5XT/FrU3fanlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:9e:aa:cf:af:4b:04:91:ae:a3:df:d2:15:3f:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
        Validity
            Not Before: Apr 20 10:00:42 2025 GMT
            Not After : Apr 21 10:00:42 2025 GMT
        Subject: CN=5016f4a177b89b03e4133ccc4535a5ba5b2f3f7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:3b:39:9b:87:55:8d:84:1a:f0:23:5a:ac:38:
                    15:3e:c0:a3:c8:12:7e:a5:c9:55:a1:a8:0c:82:52:
                    8e:46:30:1a:f5:64:6f:5c:44:1a:33:af:96:3b:41:
                    37:1f:75:70:d9:ae:59:ca:0f:20:1f:e9:0e:d5:90:
                    28:c1:96:75:22:74:31:3e:94:94:36:18:01:93:81:
                    dc:eb:60:da:56:dd:75:73:e7:a8:9d:2a:db:0e:19:
                    1f:c6:0e:cf:22:81:8b:9c:e2:70:a2:0a:1a:80:75:
                    31:15:07:16:d5:08:32:6f:1d:d9:ba:5b:aa:82:f4:
                    a6:2d:fc:be:93:aa:72:9c:ab:4f:f1:9c:17:f7:1b:
                    be:a4:04:dd:66:1a:7a:b9:ba:cd:8f:b9:72:2e:b9:
                    7a:06:8e:e3:17:2c:a1:c6:33:71:06:dc:b9:c6:49:
                    78:3f:49:32:b1:bd:2e:91:2e:62:af:4a:18:12:8d:
                    92:a5:27:92:6e:1c:3c:9f:6d:5c:20:5a:7a:a3:73:
                    0b:dd:ae:51:31:cf:d7:d5:05:9a:52:64:7a:0a:f2:
                    8d:6d:7d:a5:d5:ed:44:72:3b:cd:ad:a7:ed:02:80:
                    dc:16:51:ee:ca:fd:13:3b:03:49:ea:6a:b1:75:d3:
                    f7:f2:5b:01:12:d7:1a:39:f9:5f:c2:90:9a:73:15:
                    94:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:16:F4:A1:77:B8:9B:03:E4:13:3C:CC:45:35:A5:BA:5B:2F:3F:7E
            X509v3 Authority Key Identifier:
                keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:b3:9a:5b:d7:9d:99:e8:85:74:e9:98:db:fe:8c:cf:04:d0:
         ac:e0:85:ec:b2:be:e2:df:eb:97:40:b8:fc:42:f3:ce:b3:13:
         47:9b:bc:b0:f3:91:7b:e6:50:92:45:c7:21:9d:66:ea:4e:05:
         0e:0c:a4:20:92:90:c6:2d:2b:95:65:c2:74:40:cb:a6:64:5e:
         53:9a:b2:b1:e4:70:d2:f0:20:46:28:17:97:dd:e6:ed:86:2c:
         75:a1:ca:67:aa:2a:eb:c3:9c:9d:bb:3e:a5:6e:a4:b7:05:5c:
         77:28:67:8e:ce:37:7e:20:d6:a9:f6:dc:de:9c:af:8b:46:f4:
         bf:4b:04:70:d6:e7:28:0a:31:14:ce:6c:80:f7:09:ba:58:11:
         9f:4c:6e:cf:7d:42:cf:08:7f:74:cd:62:04:8f:fe:df:d8:a6:
         20:d9:d6:0d:2c:f5:1c:a5:74:60:f9:db:7a:e0:5b:23:8d:df:
         70:13:38:18:59:8e:28:5b:3d:e8:fc:06:f5:74:0e:50:b8:c6:
         08:2a:2e:d0:dd:b0:62:42:c1:d3:4b:e1:e4:05:8c:73:35:1c:
         3f:c0:15:07:44:89:a9:c9:80:d5:77:f5:d6:7e:ba:28:32:8f:
         86:7a:b6:99:3a:be:78:54:90:7f:f4:4a:c1:56:cf:1a:ba:2f:
         8e:7b:8f:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpJ6qz69LBJGuo9/SFT84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0
MjM2MjEwHhcNMjUwNDIwMTAwMDQyWhcNMjUwNDIxMTAwMDQyWjAzMTEwLwYDVQQD
Eyg1MDE2ZjRhMTc3Yjg5YjAzZTQxMzNjY2M0NTM1YTViYTViMmYzZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijs5m4dVjYQa8CNarDgVPsCjyBJ+
pclVoagMglKORjAa9WRvXEQaM6+WO0E3H3Vw2a5Zyg8gH+kO1ZAowZZ1InQxPpSU
NhgBk4Hc62DaVt11c+eonSrbDhkfxg7PIoGLnOJwogoagHUxFQcW1Qgybx3Zuluq
gvSmLfy+k6pynKtP8ZwX9xu+pATdZhp6ubrNj7lyLrl6Bo7jFyyhxjNxBty5xkl4
P0kysb0ukS5ir0oYEo2SpSeSbhw8n21cIFp6o3ML3a5RMc/X1QWaUmR6CvKNbX2l
1e1EcjvNraftAoDcFlHuyv0TOwNJ6mqxddP38lsBEtcaOflfwpCacxWUdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAW9KF3uJsD5BM8zEU1pbpbLz9+MB8GA1UdIwQY
MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt
ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz
LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb7OaW9ed
meiFdOmY2/6MzwTQrOCF7LK+4t/rl0C4/ELzzrMTR5u8sPORe+ZQkkXHIZ1m6k4F
DgykIJKQxi0rlWXCdEDLpmReU5qyseRw0vAgRigXl93m7YYsdaHKZ6oq68Ocnbs+
pW6ktwVcdyhnjs43fiDWqfbc3pyvi0b0v0sEcNbnKAoxFM5sgPcJulgRn0xuz31C
zwh/dM1iBI/+39imINnWDSz1HKV0YPnbeuBbI43fcBM4GFmOKFs96PwG9XQOULjG
CCou0N2wYkLB00vh5AWMczUcP8AVB0SJqcmA1Xf11n66KDKPhnq2mTq+eFSQf/RK
wVbPGrovjnuP3A==
-----END CERTIFICATE-----