Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
File:                     XbomMhShFwVRmA7pFxn42Ixia14.mft (raw, json)
Hash identifier:          4My0Gn+AZX5j3zakYUzhE76VKxuMNzvywSrtpoRHBy0=
Subject key identifier:   5A:96:9D:31:5B:4A:DC:4A:FF:85:3C:EF:CB:34:C0:C4:93:02:AE:E8
Authority key identifier: 5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E
Certificate issuer:       /CN=5dba263214a1170551980ee91719f8d88c626b5e
Certificate serial:       01974D452D411BAE13A152CA49BFBE299E95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
Manifest number:          10E9
Signing time:             Sun 08 Jun 2025 02:01:08 +0000
Manifest this update:     Sun 08 Jun 2025 02:01:08 +0000
Manifest next update:     Mon 09 Jun 2025 02:01:08 +0000
Files and hashes:         1: XbomMhShFwVRmA7pFxn42Ixia14.crl (hash: 9TE8yQn0qVDyfWxK1Wl5KJmnpZchLdmx8m7GHk2HCCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 02:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:45:2d:41:1b:ae:13:a1:52:ca:49:bf:be:29:9e:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dba263214a1170551980ee91719f8d88c626b5e
        Validity
            Not Before: Jun  8 02:01:08 2025 GMT
            Not After : Jun  9 02:01:08 2025 GMT
        Subject: CN=5a969d315b4adc4aff853cefcb34c0c49302aee8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ea:93:d9:1a:f7:39:fa:37:a5:a8:cb:da:33:
                    24:3a:88:5c:62:b1:42:dc:fd:78:ad:69:85:39:ac:
                    99:71:5b:d0:55:58:82:72:57:b8:57:0d:a3:64:74:
                    a3:f7:24:23:87:c7:f2:c0:ea:62:50:ad:6b:a8:cc:
                    ce:73:c3:7a:32:6f:1c:df:33:ed:19:62:5b:f7:ac:
                    1e:a3:cc:8b:21:62:ca:7f:9a:04:e7:2e:33:27:80:
                    56:fc:1d:24:9c:5b:3b:b6:3e:b6:68:f3:ba:30:f1:
                    29:3d:b3:76:12:80:98:24:d7:79:7d:61:9e:2d:a2:
                    42:09:fe:72:62:ba:8b:ae:e1:8d:87:18:bc:87:7a:
                    43:59:95:d2:03:6a:3e:e3:cd:39:98:7c:09:91:1d:
                    05:10:57:30:7d:8c:e6:3f:69:67:06:4a:45:44:07:
                    9a:9e:eb:be:85:f0:1a:59:10:42:a5:c8:00:0d:17:
                    bf:b7:fd:43:e1:d9:a3:0b:d6:f8:54:54:7a:e8:71:
                    f5:ab:0c:66:26:5d:39:a1:2e:67:f7:de:92:78:58:
                    3d:84:10:a6:07:a6:4b:55:55:66:64:01:58:f0:63:
                    04:e7:5a:11:ae:b8:b1:87:00:4f:cd:78:4c:ad:fd:
                    63:58:dd:82:4a:ef:0f:49:95:dd:54:c7:5a:5e:22:
                    47:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:96:9D:31:5B:4A:DC:4A:FF:85:3C:EF:CB:34:C0:C4:93:02:AE:E8
            X509v3 Authority Key Identifier:
                keyid:5D:BA:26:32:14:A1:17:05:51:98:0E:E9:17:19:F8:D8:8C:62:6B:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbomMhShFwVRmA7pFxn42Ixia14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4e414f-0a76-4fe9-8b7b-135a93982931/1/XbomMhShFwVRmA7pFxn42Ixia14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:b8:57:58:52:19:2b:62:1f:15:da:04:f4:47:66:ea:fc:c8:
         d8:ef:a5:90:9c:71:31:ae:e9:f8:1f:93:f3:47:78:cd:71:3a:
         cd:e6:08:c2:10:53:fc:27:2a:75:eb:4b:0d:6c:8e:23:e1:81:
         9f:66:a5:66:e5:7f:e4:26:8c:fe:fe:6d:18:97:e8:ec:55:02:
         83:9e:c1:7f:e6:d9:52:1b:14:d3:45:33:2a:5c:63:5e:ec:47:
         6b:8a:35:a1:f8:fc:64:dc:d4:41:a1:cd:2a:58:41:16:71:f4:
         16:41:f3:d6:f1:72:86:74:77:f3:87:49:d4:6d:9e:94:a2:3a:
         ea:de:15:60:a4:57:95:06:db:c6:de:55:82:76:71:b8:2e:89:
         29:47:c2:ae:45:d9:d8:31:d8:66:23:ed:79:33:71:df:b7:b6:
         dc:d0:99:47:d3:c3:e7:55:a5:4b:ee:29:89:7a:69:70:a1:47:
         6c:a8:a9:db:ee:60:3a:b9:25:a1:ea:2a:07:90:f3:2f:d4:56:
         c9:61:cc:a6:58:1d:45:e1:82:24:8f:e8:99:eb:e9:3e:db:e1:
         a4:82:66:86:05:f5:0a:bc:27:13:cf:cc:8d:6a:36:9e:3a:62:
         e0:8a:6a:84:92:3d:26:6f:30:34:81:8c:bb:4e:02:4c:de:a3:
         8e:49:d6:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRS1BG64ToVLKSb++KZ6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYmEyNjMyMTRhMTE3MDU1MTk4MGVlOTE3MTlmOGQ4OGM2
MjZiNWUwHhcNMjUwNjA4MDIwMTA4WhcNMjUwNjA5MDIwMTA4WjAzMTEwLwYDVQQD
Eyg1YTk2OWQzMTViNGFkYzRhZmY4NTNjZWZjYjM0YzBjNDkzMDJhZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOqT2Rr3Ofo3pajL2jMkOohcYrFC
3P14rWmFOayZcVvQVViCcle4Vw2jZHSj9yQjh8fywOpiUK1rqMzOc8N6Mm8c3zPt
GWJb96weo8yLIWLKf5oE5y4zJ4BW/B0knFs7tj62aPO6MPEpPbN2EoCYJNd5fWGe
LaJCCf5yYrqLruGNhxi8h3pDWZXSA2o+4805mHwJkR0FEFcwfYzmP2lnBkpFRAea
nuu+hfAaWRBCpcgADRe/t/1D4dmjC9b4VFR66HH1qwxmJl05oS5n996SeFg9hBCm
B6ZLVVVmZAFY8GME51oRrrixhwBPzXhMrf1jWN2CSu8PSZXdVMdaXiJHfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqWnTFbStxK/4U878s0wMSTAq7oMB8GA1UdIwQY
MBaAFF26JjIUoRcFUZgO6RcZ+NiMYmteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2It
MTM1YTkzOTgyOTMxLzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80ZTQxNGYtMGE3Ni00ZmU5LThiN2ItMTM1YTkzOTgyOTMx
LzEvWGJvbU1oU2hGd1ZSbUE3cEZ4bjQySXhpYTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOLhXWFIZ
K2IfFdoE9Edm6vzI2O+lkJxxMa7p+B+T80d4zXE6zeYIwhBT/CcqdetLDWyOI+GB
n2alZuV/5CaM/v5tGJfo7FUCg57Bf+bZUhsU00UzKlxjXuxHa4o1ofj8ZNzUQaHN
KlhBFnH0FkHz1vFyhnR384dJ1G2elKI66t4VYKRXlQbbxt5VgnZxuC6JKUfCrkXZ
2DHYZiPteTNx37e23NCZR9PD51WlS+4piXppcKFHbKip2+5gOrkloeoqB5DzL9RW
yWHMplgdReGCJI/omevpPtvhpIJmhgX1CrwnE8/MjWo2njpi4IpqhJI9Jm8wNIGM
u04CTN6jjknWXw==
-----END CERTIFICATE-----