Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
File:                     XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft (raw, json)
Hash identifier:          bTl/UNk8WzO33vqvMY3if0bmVrClQEZb6Atfg7DOlHo=
Subject key identifier:   B4:52:80:36:48:5F:85:8A:05:6B:51:57:31:27:4B:DF:C3:D1:D7:4B
Authority key identifier: 5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E
Certificate issuer:       /CN=5ccf12899f358d1c341a207fde21d43c70a6945e
Certificate serial:       0194C4D16CB6E4833D4E8A12BB973279214B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
Manifest number:          76
Signing time:             Sun 02 Feb 2025 04:00:46 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:46 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:46 +0000
Files and hashes:         1: XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl (hash: 1y6+Egf7mtXwJhVzuF5XBpAQvakyFOHvK118XSwv3ks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:6c:b6:e4:83:3d:4e:8a:12:bb:97:32:79:21:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccf12899f358d1c341a207fde21d43c70a6945e
        Validity
            Not Before: Feb  2 04:00:46 2025 GMT
            Not After : Feb  3 04:00:46 2025 GMT
        Subject: CN=b4528036485f858a056b515731274bdfc3d1d74b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:64:d9:7d:4b:6d:9b:c0:95:62:00:44:c3:e5:
                    68:22:a7:70:ff:07:ec:86:30:5c:f9:75:8d:25:a3:
                    a0:57:61:fa:d5:2e:07:da:f0:ea:27:4e:37:89:85:
                    8c:ab:df:b3:2d:30:f3:0c:a6:be:6e:7a:e3:7c:83:
                    e5:e2:a7:91:47:f6:7d:9a:91:29:ea:bd:58:f5:d8:
                    3e:8b:13:be:6a:ba:81:24:1b:63:85:23:96:db:3b:
                    5c:24:36:ef:50:35:ed:5a:21:36:68:69:bc:ab:4b:
                    2d:ba:48:ae:49:35:2a:dd:3c:90:f1:90:ab:fc:df:
                    0a:81:7b:95:f4:d2:6d:28:dd:c7:07:16:f9:3e:a6:
                    94:3c:d3:3f:ec:6b:07:3f:31:2e:e4:f0:7c:ab:9a:
                    9f:a1:b3:6a:d8:ee:92:7b:95:e0:81:79:b7:58:32:
                    4f:cf:ee:f8:92:f0:cd:5f:2d:0b:ff:e4:05:f5:c2:
                    9f:68:73:74:92:2e:fd:74:df:74:6a:80:3e:64:38:
                    1e:6c:4e:07:9e:c7:43:e5:29:9a:0c:c2:1f:83:9b:
                    df:73:45:ac:62:f0:d5:c2:95:7f:a5:6c:47:44:39:
                    3a:91:45:09:18:cd:1e:f2:9a:d5:dc:90:35:4e:66:
                    d3:b6:93:92:5b:7c:0e:fb:cc:08:cd:be:89:bf:6d:
                    e3:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:52:80:36:48:5F:85:8A:05:6B:51:57:31:27:4B:DF:C3:D1:D7:4B
            X509v3 Authority Key Identifier:
                keyid:5C:CF:12:89:9F:35:8D:1C:34:1A:20:7F:DE:21:D4:3C:70:A6:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM8SiZ81jRw0GiB_3iHUPHCmlF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c81297-62b7-49fb-ba3f-2560f8690cd2/1/XM8SiZ81jRw0GiB_3iHUPHCmlF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:60:da:ca:39:26:49:af:b5:55:36:74:43:24:47:71:ae:99:
         7d:51:39:9c:82:f1:c6:51:43:97:07:ae:93:c9:c4:e2:99:c1:
         ef:17:e1:4d:88:96:37:cd:13:5e:14:63:cb:76:21:54:5c:cb:
         3d:6d:3e:8d:45:49:87:e8:b3:fc:84:85:4b:11:31:34:1f:74:
         06:eb:ff:1e:f5:d1:f2:c5:99:11:f5:4a:0b:35:ce:a4:78:27:
         b5:1f:07:75:6d:51:5e:04:7d:cb:a2:63:26:c7:71:9b:3e:9d:
         61:54:bb:2a:cd:14:ff:fd:55:00:68:89:9f:c0:21:90:28:17:
         69:21:08:53:17:37:7a:84:47:5a:8a:4c:cf:5c:9d:76:fb:d2:
         65:3e:c6:ca:32:7c:d0:25:2c:ce:f0:fb:d2:9b:88:98:d2:5b:
         76:de:bf:be:fa:af:23:d7:05:13:6a:ed:1c:3c:40:24:f7:35:
         53:5f:a4:c2:75:5d:5e:2d:40:d8:9c:a3:08:24:63:de:09:50:
         2e:cb:cb:7d:cf:38:24:f3:3d:b2:29:d5:ae:87:00:6f:b5:5f:
         80:5e:df:b5:85:fd:75:d5:b1:ca:ba:16:09:0e:c5:12:f6:ce:
         f3:8c:b9:9b:60:57:27:33:24:34:47:2e:b0:00:d1:e0:ed:cb:
         ed:a9:c4:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0Wy25IM9TooSu5cyeSFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2YxMjg5OWYzNThkMWMzNDFhMjA3ZmRlMjFkNDNjNzBh
Njk0NWUwHhcNMjUwMjAyMDQwMDQ2WhcNMjUwMjAzMDQwMDQ2WjAzMTEwLwYDVQQD
EyhiNDUyODAzNjQ4NWY4NThhMDU2YjUxNTczMTI3NGJkZmMzZDFkNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWTZfUttm8CVYgBEw+VoIqdw/wfs
hjBc+XWNJaOgV2H61S4H2vDqJ043iYWMq9+zLTDzDKa+bnrjfIPl4qeRR/Z9mpEp
6r1Y9dg+ixO+arqBJBtjhSOW2ztcJDbvUDXtWiE2aGm8q0stukiuSTUq3TyQ8ZCr
/N8KgXuV9NJtKN3HBxb5PqaUPNM/7GsHPzEu5PB8q5qfobNq2O6Se5XggXm3WDJP
z+74kvDNXy0L/+QF9cKfaHN0ki79dN90aoA+ZDgebE4HnsdD5SmaDMIfg5vfc0Ws
YvDVwpV/pWxHRDk6kUUJGM0e8prV3JA1TmbTtpOSW3wO+8wIzb6Jv23jAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRSgDZIX4WKBWtRVzEnS9/D0ddLMB8GA1UdIwQY
MBaAFFzPEomfNY0cNBogf94h1DxwppReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2Yt
MjU2MGY4NjkwY2QyLzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jODEyOTctNjJiNy00OWZiLWJhM2YtMjU2MGY4NjkwY2Qy
LzEvWE04U2laODFqUncwR2lCXzNpSFVQSENtbEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARmDayjkm
Sa+1VTZ0QyRHca6ZfVE5nILxxlFDlweuk8nE4pnB7xfhTYiWN80TXhRjy3YhVFzL
PW0+jUVJh+iz/ISFSxExNB90Buv/HvXR8sWZEfVKCzXOpHgntR8HdW1RXgR9y6Jj
Jsdxmz6dYVS7Ks0U//1VAGiJn8AhkCgXaSEIUxc3eoRHWopMz1yddvvSZT7GyjJ8
0CUszvD70puImNJbdt6/vvqvI9cFE2rtHDxAJPc1U1+kwnVdXi1A2JyjCCRj3glQ
LsvLfc84JPM9sinVrocAb7VfgF7ftYX9ddWxyroWCQ7FEvbO84y5m2BXJzMkNEcu
sADR4O3L7anEgQ==
-----END CERTIFICATE-----