Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
File:                     XWU9B97R6Nf08uoEvTaELFsS8V4.mft (raw, json)
Hash identifier:          mlYSYYBrLtDR8Den+p1IO7zXOVPdH5Q2ZNUWVNlZjuA=
Subject key identifier:   A5:95:A6:D0:55:4D:9C:C8:B4:D8:F5:39:04:0A:BF:69:3B:47:A1:F3
Authority key identifier: 5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
Certificate issuer:       /CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Certificate serial:       01964E235C1C5E35F2CBDDC910691163A0AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
Manifest number:          0D22
Signing time:             Sat 19 Apr 2025 13:01:02 +0000
Manifest this update:     Sat 19 Apr 2025 13:01:02 +0000
Manifest next update:     Sun 20 Apr 2025 13:01:02 +0000
Files and hashes:         1: XWU9B97R6Nf08uoEvTaELFsS8V4.crl (hash: EDKqQdWYliU5vkZaFWwo1Tl6nnqPbRp6PH9k/g8laNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:23:5c:1c:5e:35:f2:cb:dd:c9:10:69:11:63:a0:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
        Validity
            Not Before: Apr 19 13:01:02 2025 GMT
            Not After : Apr 20 13:01:02 2025 GMT
        Subject: CN=a595a6d0554d9cc8b4d8f539040abf693b47a1f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:50:9e:06:7f:1c:ed:fc:b0:61:ab:69:a9:fd:
                    73:35:4a:6f:25:a4:59:86:94:7a:82:a3:40:a8:ab:
                    b3:ec:07:a4:8f:fb:28:92:ba:81:8b:db:ec:26:dc:
                    92:0f:46:fe:6a:ad:2f:33:59:80:80:fa:d1:db:33:
                    b2:ae:89:42:4d:55:e0:32:4e:a9:9d:ef:bf:0b:ba:
                    9b:4b:a3:8d:7a:8f:83:49:86:54:1a:2a:b9:32:2a:
                    32:9f:fa:8c:59:c3:aa:41:d0:78:fd:eb:60:47:b2:
                    4d:a1:76:6f:46:96:70:3b:46:53:93:73:64:2c:28:
                    85:7f:11:f6:4a:a0:0a:b0:d5:d5:1a:da:11:39:5a:
                    00:50:15:41:ec:0b:ab:67:3a:8d:ae:dd:5c:49:6d:
                    c0:7a:33:63:1b:c5:0b:5d:8b:4f:1d:4d:b7:e1:59:
                    f6:7b:50:1d:e0:78:f0:0a:ad:ab:23:b4:03:1e:d5:
                    f3:92:22:11:89:ba:51:2c:5a:55:c5:a5:41:70:d1:
                    da:10:6c:f1:81:82:7b:0a:e7:8f:61:0f:13:14:0e:
                    40:55:e8:6a:9d:ac:5e:31:0b:e0:d9:86:88:19:84:
                    ed:3a:aa:b3:07:79:8f:59:74:e5:e8:f4:8f:59:25:
                    4e:02:2d:57:43:cf:c8:a9:53:f8:c1:2d:82:32:ce:
                    f0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:95:A6:D0:55:4D:9C:C8:B4:D8:F5:39:04:0A:BF:69:3B:47:A1:F3
            X509v3 Authority Key Identifier:
                keyid:5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:99:a8:2b:15:80:2c:3f:b4:35:ef:18:63:29:fb:08:60:3a:
         a5:b2:85:fe:0e:9d:97:fb:7d:f3:f7:66:a5:44:3e:3c:74:1c:
         27:63:83:2c:1d:fe:ec:69:76:7d:15:f8:b2:a2:99:3d:f1:51:
         c8:c3:f8:12:8b:67:31:e7:57:c2:a9:d8:27:54:65:a6:62:31:
         a7:a8:11:b9:3b:95:5c:60:f0:6e:60:05:83:07:f6:96:75:cc:
         67:c7:10:17:48:94:ac:68:37:f4:df:9c:87:06:70:c8:0a:a2:
         dd:88:50:c4:35:74:15:93:1c:8d:e6:18:ee:9a:23:df:cc:a8:
         8a:83:58:c9:ae:3b:80:37:35:ec:9b:8e:c4:78:0e:1d:8f:43:
         56:31:78:83:46:b8:26:ef:1b:11:99:19:f9:b1:55:af:42:32:
         89:02:31:0f:4d:bf:c5:99:f4:06:b9:d5:b7:9f:a8:bc:6d:ab:
         a9:45:9e:b4:16:36:bb:14:8c:85:d3:72:35:c0:a0:b2:01:9b:
         e2:70:17:8f:fc:f9:78:37:e8:9d:4d:a4:53:da:70:fe:9c:3f:
         66:b1:89:7f:e5:10:10:10:8b:1d:36:c1:ea:39:80:2e:93:fe:
         35:b0:43:e6:13:95:14:c9:2a:1f:a7:c8:89:88:40:4d:69:d3:
         6e:96:22:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOI1wcXjXyy93JEGkRY6CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjUzZDA3ZGVkMWU4ZDdmNGYyZWEwNGJkMzY4NDJjNWIx
MmYxNWUwHhcNMjUwNDE5MTMwMTAyWhcNMjUwNDIwMTMwMTAyWjAzMTEwLwYDVQQD
EyhhNTk1YTZkMDU1NGQ5Y2M4YjRkOGY1MzkwNDBhYmY2OTNiNDdhMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulCeBn8c7fywYatpqf1zNUpvJaRZ
hpR6gqNAqKuz7Aekj/sokrqBi9vsJtySD0b+aq0vM1mAgPrR2zOyrolCTVXgMk6p
ne+/C7qbS6ONeo+DSYZUGiq5Mioyn/qMWcOqQdB4/etgR7JNoXZvRpZwO0ZTk3Nk
LCiFfxH2SqAKsNXVGtoROVoAUBVB7AurZzqNrt1cSW3AejNjG8ULXYtPHU234Vn2
e1Ad4HjwCq2rI7QDHtXzkiIRibpRLFpVxaVBcNHaEGzxgYJ7CuePYQ8TFA5AVehq
naxeMQvg2YaIGYTtOqqzB3mPWXTl6PSPWSVOAi1XQ8/IqVP4wS2CMs7wJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWVptBVTZzItNj1OQQKv2k7R6HzMB8GA1UdIwQY
MBaAFF1lPQfe0ejX9PLqBL02hCxbEvFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGIt
MjE0NWNhNzVlMzgzLzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGItMjE0NWNhNzVlMzgz
LzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWZmoKxWA
LD+0Ne8YYyn7CGA6pbKF/g6dl/t98/dmpUQ+PHQcJ2ODLB3+7Gl2fRX4sqKZPfFR
yMP4EotnMedXwqnYJ1RlpmIxp6gRuTuVXGDwbmAFgwf2lnXMZ8cQF0iUrGg39N+c
hwZwyAqi3YhQxDV0FZMcjeYY7poj38yoioNYya47gDc17JuOxHgOHY9DVjF4g0a4
Ju8bEZkZ+bFVr0IyiQIxD02/xZn0BrnVt5+ovG2rqUWetBY2uxSMhdNyNcCgsgGb
4nAXj/z5eDfonU2kU9pw/pw/ZrGJf+UQEBCLHTbB6jmALpP+NbBD5hOVFMkqH6fI
iYhATWnTbpYiEg==
-----END CERTIFICATE-----