Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
File:                     xVRM5A0R1h07gKfRAyMBI_t9aKU.mft (raw, json)
Hash identifier:          +Zwk9swDmP3HkvFMneUnseUwuGgwvEtK3GHSr4Xhuq8=
Subject key identifier:   2D:82:FB:8A:FB:E1:33:88:A6:09:BC:81:FF:20:D7:50:9F:1B:3D:D4
Authority key identifier: C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5
Certificate issuer:       /CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
Certificate serial:       01965C4C7FE5C83A6C9EBBD5C378F4652999
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
Manifest number:          0E21
Signing time:             Tue 22 Apr 2025 07:00:39 +0000
Manifest this update:     Tue 22 Apr 2025 07:00:39 +0000
Manifest next update:     Wed 23 Apr 2025 07:00:39 +0000
Files and hashes:         1: xVRM5A0R1h07gKfRAyMBI_t9aKU.crl (hash: wV0+CyzFuIWa+OXcFjePbS1PcUaXrrCUy/SLuI4m5iI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5c:4c:7f:e5:c8:3a:6c:9e:bb:d5:c3:78:f4:65:29:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5544ce40d11d61d3b80a7d103230123fb7d68a5
        Validity
            Not Before: Apr 22 07:00:39 2025 GMT
            Not After : Apr 23 07:00:39 2025 GMT
        Subject: CN=2d82fb8afbe13388a609bc81ff20d7509f1b3dd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:35:91:15:2f:b6:ec:6e:78:d7:d1:0f:2f:bc:
                    ab:3b:77:34:9d:73:95:09:bb:72:fc:92:b2:09:2c:
                    88:fc:df:c6:f7:61:77:eb:33:38:15:a8:12:f4:de:
                    1f:d6:7d:45:17:1e:50:1c:af:74:50:2b:9d:ee:78:
                    b6:86:26:9f:cc:72:f3:4c:55:b4:03:c2:e5:c0:e3:
                    55:be:49:d3:26:85:0e:fd:c5:24:0b:59:ea:c3:6d:
                    8e:71:e8:bf:8b:29:53:70:d1:2d:98:75:70:55:29:
                    36:79:2e:68:73:32:1f:41:16:5a:77:9d:08:55:21:
                    eb:19:71:b0:92:cf:72:43:69:47:f2:7c:5e:3b:1e:
                    2e:35:cf:3f:98:b7:3e:b3:7a:bb:bb:ce:d2:ea:81:
                    34:10:7e:df:83:d4:03:cd:20:55:cf:35:b5:52:3d:
                    30:1f:48:4b:a1:c2:21:94:f5:b5:1a:60:31:bc:f9:
                    cf:42:27:09:ab:03:4f:e1:c8:2d:38:3b:60:b4:d4:
                    67:22:97:11:73:00:b8:71:bd:35:69:e0:cd:46:7c:
                    45:a9:86:0d:bc:c6:ec:bb:ed:57:5c:46:55:0a:55:
                    95:85:1c:07:01:95:e2:a5:63:66:1c:04:b6:d2:3c:
                    ff:88:b8:33:83:a7:f0:79:0b:02:4e:84:93:79:13:
                    f0:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:82:FB:8A:FB:E1:33:88:A6:09:BC:81:FF:20:D7:50:9F:1B:3D:D4
            X509v3 Authority Key Identifier:
                keyid:C5:54:4C:E4:0D:11:D6:1D:3B:80:A7:D1:03:23:01:23:FB:7D:68:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVRM5A0R1h07gKfRAyMBI_t9aKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/646296-e4bd-4feb-9f9d-527cb24dbd40/1/xVRM5A0R1h07gKfRAyMBI_t9aKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:8e:c4:ea:76:74:54:0b:59:7f:b5:ac:67:83:62:cd:67:2b:
         53:1a:ff:b6:9f:a8:db:4b:46:c7:3a:f2:da:14:63:47:6a:e5:
         f5:89:c7:0a:99:7c:62:49:8f:30:25:eb:0d:57:9f:6d:e4:cb:
         23:a2:7b:9c:c0:df:9c:39:eb:d0:8b:fc:fb:88:a6:37:15:44:
         77:0f:4d:69:b5:04:e2:7d:33:66:11:cb:55:75:45:da:f7:75:
         3c:50:16:01:a7:84:53:df:a9:1a:8a:12:c5:8e:b8:69:3d:e2:
         6e:56:a1:87:6b:a4:5f:c0:d4:69:ba:64:de:d9:a9:fa:98:5c:
         02:62:91:77:84:97:d9:bd:8b:3f:23:25:23:f0:c6:3b:f0:13:
         9a:f0:3c:1c:e5:0d:95:65:bd:d2:07:32:e2:fb:7d:02:c9:88:
         b0:b3:4f:40:55:ca:c9:3c:84:14:87:94:80:2a:e4:7f:d2:ca:
         fb:2f:5a:0b:fc:26:c2:36:53:4e:6b:df:f1:f4:6e:56:25:b2:
         e0:4b:30:9d:58:3d:a5:f6:46:be:06:ba:04:84:be:62:62:57:
         dc:9a:67:a6:1b:2f:71:91:32:d1:5d:bf:10:d0:1c:cf:cd:b2:
         ea:bf:e8:69:90:d0:bf:ae:07:b5:76:16:38:3b:fa:91:a3:96:
         6c:52:e0:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZcTH/lyDpsnrvVw3j0ZSmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTQ0Y2U0MGQxMWQ2MWQzYjgwYTdkMTAzMjMwMTIzZmI3
ZDY4YTUwHhcNMjUwNDIyMDcwMDM5WhcNMjUwNDIzMDcwMDM5WjAzMTEwLwYDVQQD
EygyZDgyZmI4YWZiZTEzMzg4YTYwOWJjODFmZjIwZDc1MDlmMWIzZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTWRFS+27G5419EPL7yrO3c0nXOV
Cbty/JKyCSyI/N/G92F36zM4FagS9N4f1n1FFx5QHK90UCud7ni2hiafzHLzTFW0
A8LlwONVvknTJoUO/cUkC1nqw22Ocei/iylTcNEtmHVwVSk2eS5oczIfQRZad50I
VSHrGXGwks9yQ2lH8nxeOx4uNc8/mLc+s3q7u87S6oE0EH7fg9QDzSBVzzW1Uj0w
H0hLocIhlPW1GmAxvPnPQicJqwNP4cgtODtgtNRnIpcRcwC4cb01aeDNRnxFqYYN
vMbsu+1XXEZVClWVhRwHAZXipWNmHAS20jz/iLgzg6fweQsCToSTeRPwbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2C+4r74TOIpgm8gf8g11CfGz3UMB8GA1UdIwQY
MBaAFMVUTOQNEdYdO4Cn0QMjASP7fWilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQt
NTI3Y2IyNGRiZDQwLzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NDYyOTYtZTRiZC00ZmViLTlmOWQtNTI3Y2IyNGRiZDQw
LzEveFZSTTVBMFIxaDA3Z0tmUkF5TUJJX3Q5YUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACI7E6nZ0
VAtZf7WsZ4NizWcrUxr/tp+o20tGxzry2hRjR2rl9YnHCpl8YkmPMCXrDVefbeTL
I6J7nMDfnDnr0Iv8+4imNxVEdw9NabUE4n0zZhHLVXVF2vd1PFAWAaeEU9+pGooS
xY64aT3iblahh2ukX8DUabpk3tmp+phcAmKRd4SX2b2LPyMlI/DGO/ATmvA8HOUN
lWW90gcy4vt9AsmIsLNPQFXKyTyEFIeUgCrkf9LK+y9aC/wmwjZTTmvf8fRuViWy
4EswnVg9pfZGvga6BIS+YmJX3JpnphsvcZEy0V2/ENAcz82y6r/oaZDQv64HtXYW
ODv6kaOWbFLgyg==
-----END CERTIFICATE-----