Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          bMKccZEcr9fvLndKtePsIGMZnIT9rHvgfO8df0jrWv0=
Subject key identifier:   5E:E4:DC:50:20:58:28:A4:C5:32:EA:88:FD:DF:B2:FE:C1:C7:93:95
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019645C5C92564F93B59BE48D67F55468E3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          14F1
Signing time:             Thu 17 Apr 2025 22:01:51 +0000
Manifest this update:     Thu 17 Apr 2025 22:01:51 +0000
Manifest next update:     Fri 18 Apr 2025 22:01:51 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: 9Zh+q3LyQjWmD2Cr8LZl7cBFCw1g2amlv9ORwbkp6A8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:45:c5:c9:25:64:f9:3b:59:be:48:d6:7f:55:46:8e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Apr 17 22:01:51 2025 GMT
            Not After : Apr 18 22:01:51 2025 GMT
        Subject: CN=5ee4dc50205828a4c532ea88fddfb2fec1c79395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:22:33:d4:d6:33:95:68:ef:10:19:a8:ac:7f:
                    70:1b:08:f2:a8:19:15:af:07:d5:bb:98:44:81:21:
                    71:51:10:78:6f:0e:a8:4c:ab:ea:58:44:61:8e:21:
                    84:3f:94:cd:a3:cb:d8:9b:ac:d6:f8:30:33:41:b3:
                    11:a8:70:24:d6:f9:6f:41:8e:c5:af:b1:61:ee:97:
                    7e:69:59:aa:e2:ce:2e:23:0f:a9:ee:18:02:94:c6:
                    1d:f0:98:9b:63:58:67:00:14:40:e3:c3:01:5f:f5:
                    17:b1:24:58:73:82:31:72:d6:f6:94:30:b7:b9:a2:
                    7c:18:80:fb:5d:4b:2f:67:5b:33:7e:3b:f8:99:c2:
                    d3:e8:73:d8:60:fb:c5:bf:c6:f2:b8:08:8f:0d:99:
                    17:80:01:0e:4c:6c:e0:f7:29:82:f6:00:7b:5d:1a:
                    c7:78:13:da:67:2f:48:7d:09:f4:6c:b1:be:86:f3:
                    52:25:e4:c0:24:29:5a:fa:df:23:c4:1b:74:04:78:
                    3a:80:f0:5c:7e:5d:c7:30:5f:80:b8:d8:db:72:25:
                    8f:ec:72:c0:1d:25:cb:e1:bf:33:18:96:2e:06:8c:
                    68:bc:31:5e:fb:7c:ef:3a:b7:73:2e:ae:eb:b6:fc:
                    20:ad:23:72:50:11:01:aa:30:8e:ea:e3:04:55:8e:
                    1f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:E4:DC:50:20:58:28:A4:C5:32:EA:88:FD:DF:B2:FE:C1:C7:93:95
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:6b:fa:ee:c2:81:cb:ec:be:02:33:87:b0:cb:33:c0:cb:03:
         58:b8:73:eb:e2:b2:55:17:c4:0a:35:1c:e6:8a:12:7b:aa:96:
         c5:64:fe:0e:f4:69:6a:a1:a5:7c:0f:a3:68:26:fc:54:4c:ee:
         43:0b:80:74:34:dd:d3:0c:50:c7:50:2e:f4:f8:67:97:c9:58:
         d5:68:7d:e5:dc:36:44:1f:ee:35:50:9a:6f:70:d4:02:79:9d:
         0f:ef:e6:f3:e0:25:59:c1:ad:76:dc:67:3a:3d:46:52:e1:dd:
         a8:17:4e:c4:60:34:f7:37:35:2f:0c:bf:75:55:e7:81:ee:9d:
         1b:a7:9b:d1:54:9d:7a:58:50:26:5a:2d:3b:04:c6:74:1f:8d:
         dd:c9:2b:fe:01:6a:e8:97:02:00:27:2f:7c:62:e6:ee:eb:72:
         09:99:f7:89:f1:1f:7e:0a:26:02:f5:2f:bd:44:64:e7:c3:84:
         88:22:cb:c8:09:9b:6a:08:60:65:80:16:12:bc:17:a4:10:3e:
         e7:10:fe:31:c9:a8:17:93:a0:7d:e7:f9:2a:d0:f1:d5:f8:76:
         82:c9:76:43:d6:2f:d6:8d:ff:ff:4f:ba:75:b1:3d:63:38:89:
         e3:f6:d6:0b:82:4f:c1:b4:3d:6a:e8:d4:9a:73:f8:bc:ba:12:
         2a:85:c0:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZFxcklZPk7Wb5I1n9VRo4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjUwNDE3MjIwMTUxWhcNMjUwNDE4MjIwMTUxWjAzMTEwLwYDVQQD
Eyg1ZWU0ZGM1MDIwNTgyOGE0YzUzMmVhODhmZGRmYjJmZWMxYzc5Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iIz1NYzlWjvEBmorH9wGwjyqBkV
rwfVu5hEgSFxURB4bw6oTKvqWERhjiGEP5TNo8vYm6zW+DAzQbMRqHAk1vlvQY7F
r7Fh7pd+aVmq4s4uIw+p7hgClMYd8JibY1hnABRA48MBX/UXsSRYc4Ixctb2lDC3
uaJ8GID7XUsvZ1szfjv4mcLT6HPYYPvFv8byuAiPDZkXgAEOTGzg9ymC9gB7XRrH
eBPaZy9IfQn0bLG+hvNSJeTAJCla+t8jxBt0BHg6gPBcfl3HMF+AuNjbciWP7HLA
HSXL4b8zGJYuBoxovDFe+3zvOrdzLq7rtvwgrSNyUBEBqjCO6uMEVY4f3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7k3FAgWCikxTLqiP3fsv7Bx5OVMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaWv67sKB
y+y+AjOHsMszwMsDWLhz6+KyVRfECjUc5ooSe6qWxWT+DvRpaqGlfA+jaCb8VEzu
QwuAdDTd0wxQx1Au9Phnl8lY1Wh95dw2RB/uNVCab3DUAnmdD+/m8+AlWcGtdtxn
Oj1GUuHdqBdOxGA09zc1Lwy/dVXnge6dG6eb0VSdelhQJlotOwTGdB+N3ckr/gFq
6JcCACcvfGLm7utyCZn3ifEffgomAvUvvURk58OEiCLLyAmbaghgZYAWErwXpBA+
5xD+McmoF5Ogfef5KtDx1fh2gsl2Q9Yv1o3//0+6dbE9YziJ4/bWC4JPwbQ9aujU
mnP4vLoSKoXAhg==
-----END CERTIFICATE-----