Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          oLIVOrcntYDTyiZ7tRQHNDqsXL0sMEMrSTSlMV//G1c=
Subject key identifier:   43:DB:A3:DE:A9:A2:2E:34:85:88:FD:9B:5A:AF:6C:38:8E:02:27:18
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       01964EC80EF13D243BD068B4397382CA2C74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          06AF
Signing time:             Sat 19 Apr 2025 16:00:55 +0000
Manifest this update:     Sat 19 Apr 2025 16:00:55 +0000
Manifest next update:     Sun 20 Apr 2025 16:00:55 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: QTYTKf1kLlWpFRu/DKzt+FJJfUHF8sauMS70iit/1Qk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:c8:0e:f1:3d:24:3b:d0:68:b4:39:73:82:ca:2c:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Apr 19 16:00:55 2025 GMT
            Not After : Apr 20 16:00:55 2025 GMT
        Subject: CN=43dba3dea9a22e348588fd9b5aaf6c388e022718
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:66:24:99:08:ae:b1:84:90:ec:96:f1:59:46:
                    58:fd:89:6c:9b:4d:ce:4f:69:de:d2:8e:25:57:ee:
                    01:95:0d:89:97:2f:e4:69:68:69:b1:32:b9:a3:30:
                    84:5d:11:5a:84:1c:a9:a2:b9:8b:d6:4e:55:d8:b2:
                    69:b0:04:10:aa:c3:f2:9a:45:f6:8e:e8:a8:3f:0d:
                    87:d9:be:47:8f:9a:93:89:78:47:0f:aa:65:e2:2d:
                    e4:98:48:3b:a0:89:88:ff:40:4c:87:89:25:49:98:
                    f5:9c:ad:a0:25:b9:20:3b:d7:52:f8:5d:34:d7:cc:
                    86:20:4c:97:a1:8d:d7:a4:c0:22:e6:c5:cb:e1:f2:
                    0d:5e:91:56:cd:df:75:b2:dc:78:fc:99:4a:e8:bd:
                    d0:11:30:d6:fc:36:f6:c0:7f:1e:8b:30:f6:05:f6:
                    58:97:58:63:e5:57:d9:ad:c6:3b:f8:6a:52:37:4c:
                    70:f5:da:df:43:0a:fb:f6:e4:92:0c:96:65:26:6b:
                    5e:57:ac:10:95:96:ce:60:23:13:1f:4b:79:9a:6c:
                    e4:ed:de:4f:38:07:f0:34:86:3b:e1:96:ca:e3:88:
                    02:23:57:5a:39:45:eb:1e:9e:04:72:c4:03:f1:46:
                    33:dd:01:f2:31:48:04:9e:05:1a:88:2d:32:e5:a1:
                    77:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:DB:A3:DE:A9:A2:2E:34:85:88:FD:9B:5A:AF:6C:38:8E:02:27:18
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:7c:d6:35:a6:55:a1:cb:e2:ad:46:43:5c:28:65:ce:5d:5c:
         4d:2c:e6:63:65:16:47:a2:eb:2d:9d:dc:53:99:33:e7:bf:c6:
         c0:fa:66:0f:2e:d0:59:cc:81:a5:54:96:68:e4:5d:ae:cf:a6:
         d0:5a:78:46:e8:5a:40:58:d3:67:2e:be:80:27:3e:b0:3a:90:
         5d:96:68:2a:12:7a:96:78:f0:a8:a7:f9:1d:06:9c:c8:75:42:
         d8:2c:a6:68:62:3e:4a:bf:b4:db:44:6a:d2:e4:52:7b:34:14:
         05:62:42:d9:7b:c1:ab:8a:d7:cc:c4:7b:68:20:44:c2:3c:25:
         48:c2:22:6b:20:fc:c8:31:1d:16:dd:68:5b:42:e3:72:8c:2e:
         c5:2e:17:30:5c:86:43:92:fd:70:70:22:5e:91:81:73:67:71:
         7d:66:09:7a:c6:c4:63:a7:2f:98:bf:58:b4:28:3a:d0:d9:1e:
         53:86:0c:fd:4e:76:5c:38:d6:e0:97:f3:c7:da:86:d1:d5:b5:
         47:03:e9:ec:0d:50:43:4d:9f:be:44:83:24:dd:7c:c6:7c:56:
         60:ba:5a:65:d9:86:97:c3:f6:ae:fe:1f:90:ee:e0:a1:02:d9:
         d7:91:b0:39:08:ba:ec:73:11:b9:c5:9f:7e:ee:a9:7f:21:01:
         00:a4:5a:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOyA7xPSQ70Gi0OXOCyix0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjUwNDE5MTYwMDU1WhcNMjUwNDIwMTYwMDU1WjAzMTEwLwYDVQQD
Eyg0M2RiYTNkZWE5YTIyZTM0ODU4OGZkOWI1YWFmNmMzODhlMDIyNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GYkmQiusYSQ7JbxWUZY/Ylsm03O
T2ne0o4lV+4BlQ2Jly/kaWhpsTK5ozCEXRFahBypormL1k5V2LJpsAQQqsPymkX2
juioPw2H2b5Hj5qTiXhHD6pl4i3kmEg7oImI/0BMh4klSZj1nK2gJbkgO9dS+F00
18yGIEyXoY3XpMAi5sXL4fINXpFWzd91stx4/JlK6L3QETDW/Db2wH8eizD2BfZY
l1hj5VfZrcY7+GpSN0xw9drfQwr79uSSDJZlJmteV6wQlZbOYCMTH0t5mmzk7d5P
OAfwNIY74ZbK44gCI1daOUXrHp4EcsQD8UYz3QHyMUgEngUaiC0y5aF3hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPbo96poi40hYj9m1qvbDiOAicYMB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXzWNaZV
ocvirUZDXChlzl1cTSzmY2UWR6LrLZ3cU5kz57/GwPpmDy7QWcyBpVSWaORdrs+m
0Fp4RuhaQFjTZy6+gCc+sDqQXZZoKhJ6lnjwqKf5HQacyHVC2CymaGI+Sr+020Rq
0uRSezQUBWJC2XvBq4rXzMR7aCBEwjwlSMIiayD8yDEdFt1oW0LjcowuxS4XMFyG
Q5L9cHAiXpGBc2dxfWYJesbEY6cvmL9YtCg60NkeU4YM/U52XDjW4Jfzx9qG0dW1
RwPp7A1QQ02fvkSDJN18xnxWYLpaZdmGl8P2rv4fkO7goQLZ15GwOQi67HMRucWf
fu6pfyEBAKRaHA==
-----END CERTIFICATE-----