Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          VXKwm3SuZYTJbKl3ZzHViG0SXIQVMUzvmwttUVKHk0E=
Subject key identifier:   76:7E:21:23:63:02:69:66:4C:94:A6:5C:0E:C8:03:7A:B5:BE:FE:E0
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       0194C4D0F6F9889B637993A1B3C1A5EE6DD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          10C0
Signing time:             Sun 02 Feb 2025 04:00:16 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:16 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:16 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: EJNr7Jr8Tv9x5oPfgRO+9ySLQxQ2Cu5TjSNGQ8p+AH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d0:f6:f9:88:9b:63:79:93:a1:b3:c1:a5:ee:6d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: Feb  2 04:00:16 2025 GMT
            Not After : Feb  3 04:00:16 2025 GMT
        Subject: CN=767e2123630269664c94a65c0ec8037ab5befee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:59:b9:70:70:5e:34:8c:fc:33:ac:e1:a1:2d:
                    eb:44:40:f1:87:13:af:09:d6:75:df:7a:77:f1:27:
                    77:be:09:26:29:8a:07:8c:54:ed:6f:ea:36:19:f1:
                    80:bb:f6:11:a1:c7:88:83:5a:93:85:69:c7:14:e0:
                    13:a3:8c:cc:01:9a:9f:df:91:e4:35:60:1a:b8:de:
                    7e:83:3d:88:f7:49:7b:64:4b:b7:2f:ad:77:e4:33:
                    5b:11:34:09:a6:fb:da:db:c8:fc:61:15:19:c4:96:
                    41:73:9d:85:7b:7c:7c:9b:d7:e7:f8:78:4f:2e:85:
                    44:d5:12:60:03:f7:40:23:35:91:04:6f:49:6a:5b:
                    bd:fe:82:21:4b:a5:2a:a1:5d:79:a7:17:46:63:3b:
                    01:a7:14:94:d8:f9:92:2e:20:df:39:84:e1:57:b1:
                    36:52:d7:ce:6b:61:4b:ca:e1:d9:05:ad:7a:19:ec:
                    00:e6:e0:0e:cc:5f:a7:ee:32:e4:9c:41:2f:d8:da:
                    a9:3a:6d:77:18:7b:bb:04:3c:24:49:0b:98:f0:53:
                    05:41:92:1b:0a:74:58:6c:44:4d:fe:44:7f:d1:32:
                    0f:df:01:ca:77:f5:cf:2f:dd:32:ec:31:c7:d4:6d:
                    a5:06:09:03:ab:f9:fe:8f:6c:b1:90:cb:0c:26:9e:
                    fe:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:7E:21:23:63:02:69:66:4C:94:A6:5C:0E:C8:03:7A:B5:BE:FE:E0
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ba:31:e3:ec:b2:eb:4c:b3:6d:c1:36:dd:f1:6e:08:cb:c4:
         e8:e7:50:e6:e1:bf:ae:b1:eb:e5:e1:2f:9f:13:50:ad:1f:0c:
         cb:50:96:ea:ba:b4:0c:e4:75:e7:17:9d:ce:fa:1d:14:35:2f:
         11:5c:c3:f2:0e:d7:c4:bf:93:ce:b9:20:cf:ba:7a:4c:b1:a0:
         2d:0e:88:84:52:27:e4:e8:17:e5:89:8b:ad:40:30:86:b8:18:
         85:23:c5:19:bd:f0:e3:20:fa:22:c3:1a:4c:7a:2b:5e:eb:1e:
         af:fc:f8:13:d5:98:fc:28:a2:78:7c:36:81:31:d5:95:9c:5f:
         2f:13:eb:6a:4c:5b:41:c9:76:86:7b:8f:11:3a:dd:d1:a8:e6:
         55:52:d3:a1:8c:4a:fa:1e:cb:5a:36:a4:f5:ba:e9:6a:51:b6:
         15:0c:1f:de:e3:ce:13:ad:73:fc:1e:d4:4f:c1:db:f1:99:0f:
         86:c3:17:6d:63:57:1b:f5:81:c2:92:5f:51:59:fe:9a:7b:cf:
         9f:90:b9:de:02:1c:76:95:4b:6d:a6:85:d3:21:8f:95:b7:a1:
         f3:c5:a2:1c:b1:c6:9f:62:8b:9b:74:1c:34:26:99:21:28:64:
         1c:ef:bf:71:b7:10:f2:55:a7:44:23:62:1b:84:ca:16:df:0c:
         11:85:fc:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0Pb5iJtjeZOhs8Gl7m3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUwMjAyMDQwMDE2WhcNMjUwMjAzMDQwMDE2WjAzMTEwLwYDVQQD
Eyg3NjdlMjEyMzYzMDI2OTY2NGM5NGE2NWMwZWM4MDM3YWI1YmVmZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1m5cHBeNIz8M6zhoS3rREDxhxOv
CdZ133p38Sd3vgkmKYoHjFTtb+o2GfGAu/YRoceIg1qThWnHFOATo4zMAZqf35Hk
NWAauN5+gz2I90l7ZEu3L6135DNbETQJpvva28j8YRUZxJZBc52Fe3x8m9fn+HhP
LoVE1RJgA/dAIzWRBG9Jalu9/oIhS6UqoV15pxdGYzsBpxSU2PmSLiDfOYThV7E2
UtfOa2FLyuHZBa16GewA5uAOzF+n7jLknEEv2NqpOm13GHu7BDwkSQuY8FMFQZIb
CnRYbERN/kR/0TIP3wHKd/XPL90y7DHH1G2lBgkDq/n+j2yxkMsMJp7+qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZ+ISNjAmlmTJSmXA7IA3q1vv7gMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhrox4+yy
60yzbcE23fFuCMvE6OdQ5uG/rrHr5eEvnxNQrR8My1CW6rq0DOR15xedzvodFDUv
EVzD8g7XxL+Tzrkgz7p6TLGgLQ6IhFIn5OgX5YmLrUAwhrgYhSPFGb3w4yD6IsMa
THorXuser/z4E9WY/CiieHw2gTHVlZxfLxPrakxbQcl2hnuPETrd0ajmVVLToYxK
+h7LWjak9brpalG2FQwf3uPOE61z/B7UT8Hb8ZkPhsMXbWNXG/WBwpJfUVn+mnvP
n5C53gIcdpVLbaaF0yGPlbeh88WiHLHGn2KLm3QcNCaZIShkHO+/cbcQ8lWnRCNi
G4TKFt8MEYX8Dw==
-----END CERTIFICATE-----