Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
File:                     gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json)
Hash identifier:          23X7O8ofrmXDuamDUWzMhGQlB38yYvPOJ8ULHQ1wH00=
Subject key identifier:   96:36:E5:CD:C4:83:26:4B:8D:2D:03:20:C7:22:A2:37:F3:04:D8:B3
Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B
Certificate issuer:       /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
Certificate serial:       01965793A85400067CD1C4C61CBE94033673
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
Manifest number:          0C1A
Signing time:             Mon 21 Apr 2025 09:00:16 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:16 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:16 +0000
Files and hashes:         1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: zCsdTMLW0iT6fVMrRIVaN56L5sRcX3CbDIa0ErrHoNE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 09:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:a8:54:00:06:7c:d1:c4:c6:1c:be:94:03:36:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b
        Validity
            Not Before: Apr 21 09:00:16 2025 GMT
            Not After : Apr 22 09:00:16 2025 GMT
        Subject: CN=9636e5cdc483264b8d2d0320c722a237f304d8b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:9e:9f:89:df:f1:50:15:db:0e:94:5f:f4:2a:
                    3f:00:35:4b:7a:af:de:3e:d0:1c:51:fc:69:a6:f9:
                    a4:36:5b:9a:fd:2b:4a:ec:e6:6b:51:28:1b:45:c5:
                    3a:66:07:50:5c:8c:c4:f7:ff:45:d1:d8:70:6d:db:
                    08:79:1f:c8:12:25:a0:32:8f:6b:8e:99:8b:3a:3d:
                    f2:91:5c:e7:0f:0d:a4:b6:2f:d6:5d:64:b1:eb:2e:
                    8a:e3:99:2a:57:c8:2c:dc:d4:86:c9:7a:2b:28:9d:
                    87:e1:76:1b:1f:b2:58:8e:f9:52:a9:e1:f4:53:f8:
                    b9:56:c3:e8:0e:b2:76:50:7b:da:50:56:4a:a4:d7:
                    ee:b3:0f:ac:88:f1:cf:1d:33:d1:ad:2b:a1:fa:05:
                    a9:4a:a8:1d:1d:f2:5e:74:17:83:85:9e:8a:5d:56:
                    dc:26:14:50:c1:3d:78:b6:75:dd:35:5c:8f:76:83:
                    51:8e:a1:75:78:72:ea:28:db:95:c6:9f:82:c9:52:
                    c2:5d:dc:f4:ec:80:3b:4a:6d:a7:91:cc:f6:28:85:
                    fa:45:bf:ac:c8:3d:4e:db:ad:03:91:00:65:a8:5a:
                    ec:5c:d8:4a:39:c7:c2:95:31:cf:40:37:86:d1:32:
                    83:f6:3e:8b:3f:0a:56:77:61:1a:bd:3c:a3:3f:29:
                    da:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:36:E5:CD:C4:83:26:4B:8D:2D:03:20:C7:22:A2:37:F3:04:D8:B3
            X509v3 Authority Key Identifier:
                keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:12:6a:6d:af:f1:be:83:77:6b:76:d0:2e:b9:1c:1f:83:38:
         3d:c6:e0:4b:cc:e1:4d:f2:0c:d7:af:5e:6e:6b:90:8c:5c:83:
         7e:aa:b3:74:99:38:be:46:05:a3:7c:c0:6c:36:d8:e3:e7:a7:
         2f:31:ce:8d:62:51:08:0c:b1:e6:8c:8a:15:39:f3:cd:dd:31:
         bd:7c:d7:91:d7:f7:c3:9c:61:c7:7d:e0:85:6e:32:b5:8a:72:
         76:0e:e0:70:bc:40:82:89:82:0e:5d:dd:a6:5d:2a:c9:e5:e6:
         10:63:06:7b:44:18:0b:9a:f3:83:f2:55:12:61:24:c2:43:3f:
         ed:b0:51:37:64:d5:da:21:4f:a9:be:31:dd:b6:db:fe:bc:95:
         42:e2:54:00:ba:b0:a0:9b:fb:2e:67:24:34:86:5c:14:95:63:
         e4:25:43:8b:d0:65:73:9a:72:24:6e:8f:e6:a0:cf:dd:e0:3b:
         ea:b9:85:48:cf:c2:75:97:7c:43:a6:bf:03:ed:c4:98:e3:f9:
         cd:46:b2:12:e8:d3:1b:8e:bc:f8:f9:6e:8b:be:6b:25:a7:55:
         45:46:d5:d0:4a:17:44:f5:9b:ee:99:c5:e6:2e:ce:04:5b:02:
         8e:0f:b6:46:e0:00:94:2b:94:49:bf:3d:b0:94:07:db:fe:31:
         a7:d6:bc:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk6hUAAZ80cTGHL6UAzZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm
MDIxM2IwHhcNMjUwNDIxMDkwMDE2WhcNMjUwNDIyMDkwMDE2WjAzMTEwLwYDVQQD
Eyg5NjM2ZTVjZGM0ODMyNjRiOGQyZDAzMjBjNzIyYTIzN2YzMDRkOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+p6fid/xUBXbDpRf9Co/ADVLeq/e
PtAcUfxppvmkNlua/StK7OZrUSgbRcU6ZgdQXIzE9/9F0dhwbdsIeR/IEiWgMo9r
jpmLOj3ykVznDw2kti/WXWSx6y6K45kqV8gs3NSGyXorKJ2H4XYbH7JYjvlSqeH0
U/i5VsPoDrJ2UHvaUFZKpNfusw+siPHPHTPRrSuh+gWpSqgdHfJedBeDhZ6KXVbc
JhRQwT14tnXdNVyPdoNRjqF1eHLqKNuVxp+CyVLCXdz07IA7Sm2nkcz2KIX6Rb+s
yD1O260DkQBlqFrsXNhKOcfClTHPQDeG0TKD9j6LPwpWd2EavTyjPynavQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJY25c3EgyZLjS0DIMciojfzBNizMB8GA1UdIwQY
MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et
NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx
LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATRJqba/x
voN3a3bQLrkcH4M4PcbgS8zhTfIM169ebmuQjFyDfqqzdJk4vkYFo3zAbDbY4+en
LzHOjWJRCAyx5oyKFTnzzd0xvXzXkdf3w5xhx33ghW4ytYpydg7gcLxAgomCDl3d
pl0qyeXmEGMGe0QYC5rzg/JVEmEkwkM/7bBRN2TV2iFPqb4x3bbb/ryVQuJUALqw
oJv7LmckNIZcFJVj5CVDi9Blc5pyJG6P5qDP3eA76rmFSM/CdZd8Q6a/A+3EmOP5
zUayEujTG468+Plui75rJadVRUbV0EoXRPWb7pnF5i7OBFsCjg+2RuAAlCuUSb89
sJQH2/4xp9a81w==
-----END CERTIFICATE-----