Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/38e121-a8ee-4112-8c4a-76f70d833dd4/1/xcymnU3Y7tz2A-NjKVsZtpAp71w.mft
File:                     xcymnU3Y7tz2A-NjKVsZtpAp71w.mft (raw, json)
Hash identifier:          1oiTvA0e6cgg/bIZ9mqOFtHdxynj97+cKDWhQrKT/VU=
Subject key identifier:   7A:38:F3:20:ED:F2:B8:4E:87:A2:43:57:C1:0B:07:9D:8E:E9:AB:F5
Authority key identifier: C5:CC:A6:9D:4D:D8:EE:DC:F6:03:E3:63:29:5B:19:B6:90:29:EF:5C
Certificate issuer:       /CN=c5cca69d4dd8eedcf603e363295b19b69029ef5c
Certificate serial:       01965B02889A666B6C37DEDBB638861D7327
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xcymnU3Y7tz2A-NjKVsZtpAp71w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/38e121-a8ee-4112-8c4a-76f70d833dd4/1/xcymnU3Y7tz2A-NjKVsZtpAp71w.mft
Manifest number:          14FE
Signing time:             Tue 22 Apr 2025 01:00:14 +0000
Manifest this update:     Tue 22 Apr 2025 01:00:14 +0000
Manifest next update:     Wed 23 Apr 2025 01:00:14 +0000
Files and hashes:         1: xcymnU3Y7tz2A-NjKVsZtpAp71w.crl (hash: 16J46rBJs13eQWHB7faz0R8Q23+RibabnAbglTtFROE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/38e121-a8ee-4112-8c4a-76f70d833dd4/1/xcymnU3Y7tz2A-NjKVsZtpAp71w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/38e121-a8ee-4112-8c4a-76f70d833dd4/1/xcymnU3Y7tz2A-NjKVsZtpAp71w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xcymnU3Y7tz2A-NjKVsZtpAp71w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:02:88:9a:66:6b:6c:37:de:db:b6:38:86:1d:73:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5cca69d4dd8eedcf603e363295b19b69029ef5c
        Validity
            Not Before: Apr 22 01:00:14 2025 GMT
            Not After : Apr 23 01:00:14 2025 GMT
        Subject: CN=7a38f320edf2b84e87a24357c10b079d8ee9abf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:1c:30:01:57:45:1b:63:80:2d:f9:31:98:03:
                    31:72:5e:39:6e:ea:cd:22:5d:99:0d:6f:21:63:ec:
                    74:2e:7f:41:69:dc:fa:51:0b:04:cc:f6:0f:99:0a:
                    c0:86:ab:3d:36:4d:4c:31:15:3e:b9:dc:61:55:d9:
                    82:00:ab:f1:10:c0:67:2e:be:a9:37:b5:95:ba:0a:
                    4f:62:7d:c1:8e:8d:37:ae:e1:a2:eb:71:62:70:8b:
                    89:e4:92:8d:59:0b:36:f4:10:bf:81:3d:2c:02:9d:
                    4f:8c:19:2d:d5:83:3f:43:9b:25:7c:2b:cf:f8:3d:
                    b7:56:93:a5:50:6b:77:44:32:f0:eb:8d:46:82:b8:
                    b7:0c:ae:f1:bb:d5:66:fe:b8:a3:35:cc:ee:a2:ed:
                    78:f0:fc:f9:24:f5:e7:35:87:77:0a:9a:f2:a7:d9:
                    79:00:1d:34:d0:f5:93:45:48:b2:0c:d2:46:a9:d6:
                    0b:70:e9:2b:a9:6c:90:8e:0d:f4:d3:7f:97:ed:33:
                    03:74:ff:6d:00:26:8e:71:4b:3c:3a:b9:fe:f4:50:
                    d4:38:33:ab:48:1a:2c:97:8a:64:df:f5:bd:6e:68:
                    67:78:b6:bf:21:a0:31:cd:38:f8:28:5c:c9:7d:5b:
                    d7:d6:f2:83:ef:ae:5b:f2:22:a4:f4:ac:ad:23:bc:
                    a6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:38:F3:20:ED:F2:B8:4E:87:A2:43:57:C1:0B:07:9D:8E:E9:AB:F5
            X509v3 Authority Key Identifier:
                keyid:C5:CC:A6:9D:4D:D8:EE:DC:F6:03:E3:63:29:5B:19:B6:90:29:EF:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcymnU3Y7tz2A-NjKVsZtpAp71w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/38e121-a8ee-4112-8c4a-76f70d833dd4/1/xcymnU3Y7tz2A-NjKVsZtpAp71w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/38e121-a8ee-4112-8c4a-76f70d833dd4/1/xcymnU3Y7tz2A-NjKVsZtpAp71w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:12:d0:d2:5c:c0:42:62:c2:21:89:43:48:1a:95:81:d7:52:
         ed:94:91:96:73:56:ef:d4:d4:1e:e9:10:4c:f0:87:0e:77:73:
         6e:89:95:e0:b5:0a:41:2e:41:6f:bc:ef:38:35:15:e6:7e:c3:
         c1:bb:1d:cb:16:c8:f0:91:d0:e5:48:eb:45:b2:e6:9c:b2:e8:
         0a:8f:02:87:b1:c9:ad:ce:a9:14:eb:b8:51:61:de:af:67:e7:
         a4:46:cf:bd:f0:72:f8:4d:ab:50:18:06:b1:dc:12:f4:89:e6:
         6d:75:95:4f:ed:47:26:ab:61:bb:52:39:33:11:70:a9:54:78:
         0a:79:9d:d9:ed:6e:bc:5b:0c:60:16:96:90:50:c0:67:7f:1a:
         d0:dd:fe:8d:ff:47:3e:a8:4a:c6:a5:50:bb:44:e0:00:04:70:
         de:52:52:72:78:a1:7a:5e:75:75:a5:f6:17:2f:b1:10:cf:eb:
         8d:8b:a3:56:21:fc:dd:08:16:82:21:f4:fd:09:41:a2:79:db:
         cc:c4:1b:4b:69:68:fd:cf:72:fd:32:37:2e:b5:2f:c4:40:6c:
         b3:27:1b:27:a1:10:aa:1f:73:ba:f8:bd:b4:29:fc:43:03:a3:
         ea:47:67:e9:4a:c7:6f:13:f4:5d:85:5e:fe:da:89:cb:b2:1c:
         84:cf:43:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbAoiaZmtsN97btjiGHXMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Y2NhNjlkNGRkOGVlZGNmNjAzZTM2MzI5NWIxOWI2OTAy
OWVmNWMwHhcNMjUwNDIyMDEwMDE0WhcNMjUwNDIzMDEwMDE0WjAzMTEwLwYDVQQD
Eyg3YTM4ZjMyMGVkZjJiODRlODdhMjQzNTdjMTBiMDc5ZDhlZTlhYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RwwAVdFG2OALfkxmAMxcl45burN
Il2ZDW8hY+x0Ln9Badz6UQsEzPYPmQrAhqs9Nk1MMRU+udxhVdmCAKvxEMBnLr6p
N7WVugpPYn3Bjo03ruGi63FicIuJ5JKNWQs29BC/gT0sAp1PjBkt1YM/Q5slfCvP
+D23VpOlUGt3RDLw641Ggri3DK7xu9Vm/rijNczuou148Pz5JPXnNYd3Cpryp9l5
AB000PWTRUiyDNJGqdYLcOkrqWyQjg3003+X7TMDdP9tACaOcUs8Orn+9FDUODOr
SBosl4pk3/W9bmhneLa/IaAxzTj4KFzJfVvX1vKD765b8iKk9KytI7ymXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHo48yDt8rhOh6JDV8ELB52O6av1MB8GA1UdIwQY
MBaAFMXMpp1N2O7c9gPjYylbGbaQKe9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGN5bW5VM1k3dHoyQS1OaktWc1p0cEFwNzF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zOGUxMjEtYThlZS00MTEyLThjNGEt
NzZmNzBkODMzZGQ0LzEveGN5bW5VM1k3dHoyQS1OaktWc1p0cEFwNzF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zOGUxMjEtYThlZS00MTEyLThjNGEtNzZmNzBkODMzZGQ0
LzEveGN5bW5VM1k3dHoyQS1OaktWc1p0cEFwNzF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAahLQ0lzA
QmLCIYlDSBqVgddS7ZSRlnNW79TUHukQTPCHDndzbomV4LUKQS5Bb7zvODUV5n7D
wbsdyxbI8JHQ5UjrRbLmnLLoCo8Ch7HJrc6pFOu4UWHer2fnpEbPvfBy+E2rUBgG
sdwS9InmbXWVT+1HJqthu1I5MxFwqVR4Cnmd2e1uvFsMYBaWkFDAZ38a0N3+jf9H
PqhKxqVQu0TgAARw3lJScnihel51daX2Fy+xEM/rjYujViH83QgWgiH0/QlBonnb
zMQbS2lo/c9y/TI3LrUvxEBssycbJ6EQqh9zuvi9tCn8QwOj6kdn6UrHbxP0XYVe
/tqJy7IchM9DVA==
-----END CERTIFICATE-----