Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          G0pYKffIYdKKxIgCTqXHQ2Xl3TDIRE/8jcAN/Nw9IN0=
Subject key identifier:   7B:1B:63:DC:77:B4:DE:04:C6:D0:C8:A0:EA:96:3D:CA:1A:57:73:DE
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       01974BC48E822BA0F53F259A86475E919F0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          120F
Signing time:             Sat 07 Jun 2025 19:01:02 +0000
Manifest this update:     Sat 07 Jun 2025 19:01:02 +0000
Manifest next update:     Sun 08 Jun 2025 19:01:02 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: 5eezvNBZCUwLpMq75lFl28ItA9zEiPTMOKpwhsc7kxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:8e:82:2b:a0:f5:3f:25:9a:86:47:5e:91:9f:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: Jun  7 19:01:02 2025 GMT
            Not After : Jun  8 19:01:02 2025 GMT
        Subject: CN=7b1b63dc77b4de04c6d0c8a0ea963dca1a5773de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:cb:af:b2:d0:a6:a3:0b:0f:3a:00:94:40:3f:
                    11:5c:3f:e4:a7:8e:ec:d3:81:8a:f3:d4:0b:51:85:
                    e1:9c:68:1b:be:69:4d:16:5b:40:fc:bd:51:83:e3:
                    75:df:4c:0d:7b:dc:ba:09:e7:49:51:2c:43:fd:37:
                    ec:95:99:58:00:f7:08:7a:1f:96:8b:1f:c8:de:8a:
                    57:70:06:7e:8b:22:9e:93:b2:69:31:c7:3c:76:39:
                    ae:42:43:db:fe:18:11:69:57:95:79:cf:ec:09:f9:
                    25:a0:fd:dd:42:c4:6f:45:1e:bf:12:12:b1:1d:0e:
                    5e:d6:9b:71:ea:3c:32:70:ed:44:eb:5c:f8:77:48:
                    0f:0e:ca:c7:e8:7d:ac:c2:3d:79:1e:3b:17:0e:06:
                    78:84:52:f4:9e:fc:fd:6d:21:50:15:8d:95:fe:51:
                    79:7f:63:35:9d:88:04:64:ae:f8:51:b3:d6:c4:8d:
                    6a:d9:ac:e6:e3:3f:d2:d4:cc:1e:6c:7e:b1:e7:cd:
                    51:86:7c:19:02:17:62:b6:1b:17:b5:be:b8:76:81:
                    86:41:63:4b:b2:76:8d:ba:5c:97:5e:b4:a0:af:10:
                    ac:2a:83:a2:c9:58:2d:39:e1:d2:ac:d0:98:96:8c:
                    5e:b7:17:43:af:bf:2e:00:6f:9d:f3:7c:0b:a2:49:
                    6b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:1B:63:DC:77:B4:DE:04:C6:D0:C8:A0:EA:96:3D:CA:1A:57:73:DE
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:34:c2:53:85:ee:6a:9d:74:d6:18:8e:1c:6e:87:70:57:a2:
         1b:0e:f6:06:d6:ab:68:36:cb:76:91:4b:24:05:18:d1:6d:3c:
         60:da:48:47:ca:c8:74:9b:33:b1:44:81:98:20:0d:f1:da:ae:
         78:53:c5:3e:df:35:93:ee:dc:a1:68:f2:21:4a:26:62:f4:39:
         e8:3d:9c:12:45:1f:7a:6b:c8:1b:58:55:16:0c:97:ea:ed:1a:
         75:84:3b:39:f2:cc:4e:26:c7:28:a0:b6:66:10:1a:b2:b6:4b:
         7a:c3:38:12:f0:77:84:08:ed:b1:67:c5:12:28:57:c9:83:4d:
         13:1b:71:0a:db:b1:eb:c0:53:83:c4:14:6a:5a:fc:63:bb:44:
         a5:15:a8:d5:22:01:14:bc:a9:d1:ca:b4:c4:5e:a9:f6:60:ae:
         87:a6:ed:4b:6d:da:9b:06:d3:1e:90:8c:04:d3:cc:34:c5:c6:
         44:ac:23:71:ec:d0:be:a3:f3:08:5f:c5:b1:04:5c:50:69:a0:
         8b:ff:a0:b8:58:69:d4:55:a9:15:76:e9:aa:d0:f7:73:c0:58:
         27:74:7a:e1:f7:3d:b5:61:55:f9:7f:d2:d7:85:a3:20:cf:e8:
         87:a0:0b:8e:62:e6:fb:f0:df:cf:5c:30:14:ea:b8:de:3d:fc:
         cb:75:cd:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxI6CK6D1PyWahkdekZ8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUwNjA3MTkwMTAyWhcNMjUwNjA4MTkwMTAyWjAzMTEwLwYDVQQD
Eyg3YjFiNjNkYzc3YjRkZTA0YzZkMGM4YTBlYTk2M2RjYTFhNTc3M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8uvstCmowsPOgCUQD8RXD/kp47s
04GK89QLUYXhnGgbvmlNFltA/L1Rg+N130wNe9y6CedJUSxD/TfslZlYAPcIeh+W
ix/I3opXcAZ+iyKek7JpMcc8djmuQkPb/hgRaVeVec/sCfkloP3dQsRvRR6/EhKx
HQ5e1ptx6jwycO1E61z4d0gPDsrH6H2swj15HjsXDgZ4hFL0nvz9bSFQFY2V/lF5
f2M1nYgEZK74UbPWxI1q2azm4z/S1MwebH6x581RhnwZAhdithsXtb64doGGQWNL
snaNulyXXrSgrxCsKoOiyVgtOeHSrNCYloxetxdDr78uAG+d83wLoklrpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsbY9x3tN4ExtDIoOqWPcoaV3PeMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAazTCU4Xu
ap101hiOHG6HcFeiGw72BtaraDbLdpFLJAUY0W08YNpIR8rIdJszsUSBmCAN8dqu
eFPFPt81k+7coWjyIUomYvQ56D2cEkUfemvIG1hVFgyX6u0adYQ7OfLMTibHKKC2
ZhAasrZLesM4EvB3hAjtsWfFEihXyYNNExtxCtux68BTg8QUalr8Y7tEpRWo1SIB
FLyp0cq0xF6p9mCuh6btS23amwbTHpCMBNPMNMXGRKwjcezQvqPzCF/FsQRcUGmg
i/+guFhp1FWpFXbpqtD3c8BYJ3R64fc9tWFV+X/S14WjIM/oh6ALjmLm+/Dfz1ww
FOq43j38y3XNdQ==
-----END CERTIFICATE-----