Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
File:                     XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft (raw, json)
Hash identifier:          P0LHf3KenZ7J/4oBP5YH46CqOXBKtWQeeNZbG5C8eRo=
Subject key identifier:   F3:32:55:98:60:05:75:C2:B4:81:51:C5:1D:51:3D:1E:D7:45:05:49
Authority key identifier: 5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47
Certificate issuer:       /CN=5e55afde34211bcee6a7fd992488a24927b46947
Certificate serial:       0194C4D18479DAAE66CCCA60895663606405
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
Manifest number:          78
Signing time:             Sun 02 Feb 2025 04:00:52 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:52 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:52 +0000
Files and hashes:         1: XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl (hash: pCJjpwAm6/FfyqbY67ONx+33m6TGjuLLt5oTYOaxk+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:84:79:da:ae:66:cc:ca:60:89:56:63:60:64:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e55afde34211bcee6a7fd992488a24927b46947
        Validity
            Not Before: Feb  2 04:00:52 2025 GMT
            Not After : Feb  3 04:00:52 2025 GMT
        Subject: CN=f3325598600575c2b48151c51d513d1ed7450549
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:18:6a:3e:20:f8:e7:73:e7:a0:fb:d2:60:c0:
                    f3:73:05:cf:d4:fe:72:b9:ab:b2:ba:aa:2e:2d:79:
                    6e:25:8b:c7:98:3f:36:9c:85:08:f0:1c:be:30:b5:
                    35:6e:c9:78:28:20:88:38:1d:45:01:91:b8:19:c5:
                    79:fa:0b:0e:d8:5c:bd:34:55:64:1e:b7:a8:01:4a:
                    d5:76:09:2e:6f:60:58:f2:18:1c:c6:65:a4:f3:04:
                    e4:c0:6a:df:16:43:02:33:b7:c2:08:fd:23:d3:61:
                    c7:98:dd:c3:51:b4:cb:85:5a:bb:95:78:8f:81:26:
                    b0:5f:36:bc:ab:2d:27:81:83:ba:0f:2c:e3:04:52:
                    8d:3a:59:b0:dd:34:95:6c:4a:94:93:2c:6d:30:b3:
                    31:f7:13:c0:65:ef:b2:d0:34:cd:d5:ca:ee:a4:ac:
                    9a:42:7c:60:cc:9c:50:1c:2e:d6:d6:c8:4f:bd:cf:
                    46:80:77:ea:5e:61:1b:ac:4c:6b:c9:a6:7c:35:1e:
                    53:57:77:a0:dd:40:bf:cb:ae:a3:02:32:dd:42:22:
                    7a:aa:eb:63:43:20:d6:d4:d5:90:86:8e:a6:7f:f1:
                    fc:5d:0e:5e:e8:b4:82:11:ba:aa:55:75:cc:9e:37:
                    19:d6:89:9e:71:5a:77:85:8d:eb:8f:79:dc:4f:66:
                    f2:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:32:55:98:60:05:75:C2:B4:81:51:C5:1D:51:3D:1E:D7:45:05:49
            X509v3 Authority Key Identifier:
                keyid:5E:55:AF:DE:34:21:1B:CE:E6:A7:FD:99:24:88:A2:49:27:B4:69:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlWv3jQhG87mp_2ZJIiiSSe0aUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d28ac8-f6b8-4b47-ba93-de7b41678b6f/1/XlWv3jQhG87mp_2ZJIiiSSe0aUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:27:28:44:fc:e9:c4:6f:69:9e:c2:bb:01:d1:af:45:ae:08:
         b5:82:79:d3:5a:ce:10:86:0f:04:85:28:4e:66:26:8d:ee:54:
         65:48:23:30:e6:22:61:fe:c0:bb:a1:66:72:de:6c:96:72:1f:
         24:af:c1:6e:89:51:21:99:c0:2c:da:4b:69:5b:a8:ef:a5:82:
         e6:ec:4b:4d:63:ba:49:eb:4d:fe:e6:31:fc:39:0a:67:d6:33:
         22:12:86:79:f6:29:81:24:39:a9:6e:f3:f0:de:e2:5a:f9:52:
         ad:e2:be:6d:a0:30:76:57:43:75:f3:55:6e:af:3a:d3:fa:fb:
         b2:dc:6f:ea:95:62:c5:df:8c:57:ea:69:92:7c:c7:8d:af:9b:
         da:72:e9:a9:20:bc:d8:8f:dd:5e:b8:02:ab:5e:28:ee:43:4d:
         9d:74:fc:43:5e:bd:da:8d:f1:f7:b2:c0:48:b7:5c:ac:da:38:
         22:d2:6f:48:6d:b2:62:33:4b:13:ec:67:88:ae:6e:3a:fe:e4:
         ec:5f:20:1a:af:54:ca:c2:19:a3:3f:22:ed:dc:db:e0:95:e5:
         ec:da:e4:b7:67:b6:8e:d3:f6:c0:24:40:64:fc:c1:25:f5:8e:
         21:9d:f4:05:b8:41:35:46:88:aa:6d:af:41:21:31:28:d9:56:
         87:59:38:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0YR52q5mzMpgiVZjYGQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNTVhZmRlMzQyMTFiY2VlNmE3ZmQ5OTI0ODhhMjQ5Mjdi
NDY5NDcwHhcNMjUwMjAyMDQwMDUyWhcNMjUwMjAzMDQwMDUyWjAzMTEwLwYDVQQD
EyhmMzMyNTU5ODYwMDU3NWMyYjQ4MTUxYzUxZDUxM2QxZWQ3NDUwNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixhqPiD453PnoPvSYMDzcwXP1P5y
uauyuqouLXluJYvHmD82nIUI8By+MLU1bsl4KCCIOB1FAZG4GcV5+gsO2Fy9NFVk
HreoAUrVdgkub2BY8hgcxmWk8wTkwGrfFkMCM7fCCP0j02HHmN3DUbTLhVq7lXiP
gSawXza8qy0ngYO6DyzjBFKNOlmw3TSVbEqUkyxtMLMx9xPAZe+y0DTN1crupKya
QnxgzJxQHC7W1shPvc9GgHfqXmEbrExryaZ8NR5TV3eg3UC/y66jAjLdQiJ6qutj
QyDW1NWQho6mf/H8XQ5e6LSCEbqqVXXMnjcZ1omecVp3hY3rj3ncT2byfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMyVZhgBXXCtIFRxR1RPR7XRQVJMB8GA1UdIwQY
MBaAFF5Vr940IRvO5qf9mSSIokkntGlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMt
ZGU3YjQxNjc4YjZmLzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kMjhhYzgtZjZiOC00YjQ3LWJhOTMtZGU3YjQxNjc4YjZm
LzEvWGxXdjNqUWhHODdtcF8yWkpJaWlTU2UwYVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtCcoRPzp
xG9pnsK7AdGvRa4ItYJ501rOEIYPBIUoTmYmje5UZUgjMOYiYf7Au6Fmct5slnIf
JK/BbolRIZnALNpLaVuo76WC5uxLTWO6SetN/uYx/DkKZ9YzIhKGefYpgSQ5qW7z
8N7iWvlSreK+baAwdldDdfNVbq860/r7stxv6pVixd+MV+ppknzHja+b2nLpqSC8
2I/dXrgCq14o7kNNnXT8Q1692o3x97LASLdcrNo4ItJvSG2yYjNLE+xniK5uOv7k
7F8gGq9UysIZoz8i7dzb4JXl7Nrkt2e2jtP2wCRAZPzBJfWOIZ30BbhBNUaIqm2v
QSExKNlWh1k4fA==
-----END CERTIFICATE-----