Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          JFPFBw4rsH+OuZ56eCJ1kHaB4jXDoIwuarcfH7ZNlO0=
Subject key identifier:   C7:36:14:E3:A4:AC:9D:30:F4:F8:26:96:AC:8D:E8:38:5E:F2:52:97
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       0196526D8672F7582E754EAEE3A5674E45F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          0144
Signing time:             Sun 20 Apr 2025 09:00:31 +0000
Manifest this update:     Sun 20 Apr 2025 09:00:31 +0000
Manifest next update:     Mon 21 Apr 2025 09:00:31 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: P9/dd9vlEomINIpt7KVKmxdbNS2zbCEoTPG0rSV1244=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 09:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:6d:86:72:f7:58:2e:75:4e:ae:e3:a5:67:4e:45:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Apr 20 09:00:31 2025 GMT
            Not After : Apr 21 09:00:31 2025 GMT
        Subject: CN=c73614e3a4ac9d30f4f82696ac8de8385ef25297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7a:03:a9:0e:c4:13:e6:96:34:ac:30:a8:4f:
                    3f:d6:71:24:e4:b2:3e:ef:c9:fb:6b:42:b6:5c:09:
                    e6:15:89:43:b5:33:1b:af:c1:49:2f:f5:42:41:b6:
                    ba:c1:56:ad:ce:65:93:90:54:c5:1d:8b:1c:b1:03:
                    eb:1c:da:af:98:57:ff:d4:c7:fd:8f:f4:db:2b:cf:
                    51:cb:46:c8:6e:35:9a:4d:15:12:52:76:8a:5f:05:
                    3b:0f:21:9e:2a:46:95:4b:fa:c6:25:9d:43:b4:d4:
                    56:29:54:2c:db:d9:9f:da:96:f9:c0:82:3a:0b:fa:
                    29:ea:ea:2b:dc:28:79:c5:bd:8e:71:8b:94:42:e9:
                    70:6c:cf:f4:f2:a0:b4:75:23:4c:a9:e2:2f:e2:00:
                    f4:83:31:3d:a9:ab:d7:be:f6:af:f9:95:74:4f:b3:
                    11:14:4c:25:2b:8d:8d:97:4a:b2:1f:ea:e7:c4:5a:
                    e9:ce:60:51:af:61:e3:70:9a:77:4c:24:cc:c8:2e:
                    f5:ac:7e:22:f3:cb:25:7b:76:1e:de:e4:8e:25:8c:
                    9e:87:36:a4:66:78:38:ea:2d:f7:53:78:be:f1:fe:
                    9b:ff:dd:53:de:13:f7:21:fa:60:2b:9f:13:c9:34:
                    fa:d3:82:76:67:95:37:4c:54:cc:41:80:36:ee:81:
                    e7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:36:14:E3:A4:AC:9D:30:F4:F8:26:96:AC:8D:E8:38:5E:F2:52:97
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:fe:90:7e:e8:06:b4:05:6b:01:88:4a:4a:b7:10:69:b4:ae:
         7d:d4:52:e9:ec:66:17:e4:2f:d6:46:86:30:c4:5e:9c:bf:23:
         2e:0c:de:f3:a6:40:e7:88:60:7c:8b:0f:34:1d:6a:cc:ea:af:
         86:e5:fe:55:6b:82:58:b8:e8:41:9c:cd:b9:7e:0e:46:d2:09:
         98:c4:3e:85:2c:03:d2:ab:8c:7c:68:b2:15:a5:fa:fa:3f:ff:
         c5:da:10:4a:3c:75:17:2f:e2:07:fa:2b:4c:11:23:b6:b2:f9:
         94:22:64:fd:57:0d:35:1e:1e:22:d2:38:e6:96:c8:46:34:03:
         a8:e6:fb:1c:62:6e:10:dd:38:aa:8d:fd:80:c5:2f:36:c8:e3:
         c0:d3:dc:31:28:8e:4b:d7:c3:5c:ed:91:d3:7e:4c:98:23:70:
         85:78:dc:26:93:2d:bf:74:a8:10:cf:78:c6:c5:99:63:27:68:
         85:8c:e2:64:bc:14:d9:3d:42:94:72:c3:ae:08:66:b1:50:02:
         ec:5e:84:c6:6c:34:26:31:da:9c:0c:17:4c:df:dd:87:29:98:
         65:25:d1:b0:83:03:91:b7:67:2d:70:55:22:f2:3c:a0:6d:28:
         a6:7b:11:84:a0:1a:1f:c4:c4:ad:41:f3:cf:15:1a:13:82:23:
         0e:be:a7:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbYZy91gudU6u46VnTkX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwNDIwMDkwMDMxWhcNMjUwNDIxMDkwMDMxWjAzMTEwLwYDVQQD
EyhjNzM2MTRlM2E0YWM5ZDMwZjRmODI2OTZhYzhkZTgzODVlZjI1Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3oDqQ7EE+aWNKwwqE8/1nEk5LI+
78n7a0K2XAnmFYlDtTMbr8FJL/VCQba6wVatzmWTkFTFHYscsQPrHNqvmFf/1Mf9
j/TbK89Ry0bIbjWaTRUSUnaKXwU7DyGeKkaVS/rGJZ1DtNRWKVQs29mf2pb5wII6
C/op6uor3Ch5xb2OcYuUQulwbM/08qC0dSNMqeIv4gD0gzE9qavXvvav+ZV0T7MR
FEwlK42Nl0qyH+rnxFrpzmBRr2HjcJp3TCTMyC71rH4i88sle3Ye3uSOJYyehzak
Zng46i33U3i+8f6b/91T3hP3IfpgK58TyTT604J2Z5U3TFTMQYA27oHnwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMc2FOOkrJ0w9PgmlqyN6Dhe8lKXMB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh/6QfugG
tAVrAYhKSrcQabSufdRS6exmF+Qv1kaGMMRenL8jLgze86ZA54hgfIsPNB1qzOqv
huX+VWuCWLjoQZzNuX4ORtIJmMQ+hSwD0quMfGiyFaX6+j//xdoQSjx1Fy/iB/or
TBEjtrL5lCJk/VcNNR4eItI45pbIRjQDqOb7HGJuEN04qo39gMUvNsjjwNPcMSiO
S9fDXO2R035MmCNwhXjcJpMtv3SoEM94xsWZYydohYziZLwU2T1ClHLDrghmsVAC
7F6Exmw0JjHanAwXTN/dhymYZSXRsIMDkbdnLXBVIvI8oG0opnsRhKAaH8TErUHz
zxUaE4IjDr6n4w==
-----END CERTIFICATE-----