Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          FnlEtqHKXETv4QmtiX5Kp+lOLEErcCXUVMNPWjMUL7A=
Subject key identifier:   3F:2A:12:DD:22:D0:63:E8:EC:60:60:1B:CB:C8:3C:A2:9F:FF:B4:CB
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       01963FF9A77CDAF00F900846E8EEE20D7579
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          14F9
Signing time:             Wed 16 Apr 2025 19:00:48 +0000
Manifest this update:     Wed 16 Apr 2025 19:00:48 +0000
Manifest next update:     Thu 17 Apr 2025 19:00:48 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: b0r8N5yf72J6ODEvIz+qY0rwfXKRM5QK9hLaZJrtYUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:f9:a7:7c:da:f0:0f:90:08:46:e8:ee:e2:0d:75:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Apr 16 19:00:48 2025 GMT
            Not After : Apr 17 19:00:48 2025 GMT
        Subject: CN=3f2a12dd22d063e8ec60601bcbc83ca29fffb4cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4d:bc:96:da:2c:42:45:cd:26:0d:c1:95:df:
                    f7:ec:ee:b7:7e:88:5b:6f:e0:b8:82:35:79:d6:24:
                    21:4a:df:f8:bf:52:b8:8e:e6:ca:e2:bd:cb:fe:2e:
                    c8:da:60:44:b4:3a:e8:e0:0f:c1:0f:df:8c:a4:2f:
                    0e:71:7a:fa:29:6f:81:81:d9:ac:8e:d1:8c:9d:ae:
                    58:44:2c:a3:e8:9e:d4:0d:a9:85:22:51:0f:99:3e:
                    72:7f:63:00:b3:27:b1:44:e0:b6:9c:c6:91:c7:f4:
                    69:d2:be:ca:be:e0:4f:a3:a3:3f:75:89:ba:56:29:
                    b1:7e:24:65:40:5b:cc:8b:ca:31:3c:59:bb:8d:4e:
                    76:38:aa:e1:62:10:e4:ec:b9:c0:f4:62:6d:63:8b:
                    62:63:19:df:95:39:6d:6a:27:e6:24:29:e2:98:55:
                    e1:a8:34:b3:a2:8f:f7:6c:f7:81:61:e4:d0:34:a2:
                    72:cb:36:48:cb:87:69:74:fe:4a:83:c0:c2:d7:e0:
                    ef:b3:6a:6a:98:fc:af:67:59:2b:71:3e:60:ab:63:
                    50:fe:49:2b:22:c5:73:9c:99:53:1b:b3:d4:ed:e3:
                    a4:9b:ff:aa:d2:55:5c:79:4c:72:89:84:ea:81:f5:
                    f9:ee:49:a0:83:b2:81:00:33:77:41:fc:72:84:45:
                    bc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:2A:12:DD:22:D0:63:E8:EC:60:60:1B:CB:C8:3C:A2:9F:FF:B4:CB
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:c9:94:0b:bd:7b:f7:48:5c:7f:9b:db:4d:c4:79:58:76:91:
         3f:03:d5:b5:26:46:a8:dc:04:18:b0:a3:91:8e:93:02:93:3c:
         0f:a8:30:e4:ca:ff:e9:9c:3f:88:2d:96:1c:29:a9:2f:03:a2:
         aa:64:5b:e9:91:52:f8:1c:46:b0:8b:46:6f:da:b6:a1:cf:7f:
         c1:f4:50:7d:20:8d:12:1e:02:39:ea:df:83:13:53:15:76:85:
         50:c0:66:2f:b0:87:ee:15:bb:b7:68:f9:29:f6:02:50:2b:c3:
         fe:d0:c5:b5:76:d2:9d:34:6d:ca:0e:da:b3:85:ad:17:a2:8f:
         b9:5c:3d:02:03:85:19:34:cc:9b:a5:09:fc:e0:47:cf:a5:38:
         9b:1d:33:c6:84:ea:77:b9:99:72:23:ca:96:62:ff:24:7e:68:
         a9:fe:6d:1d:30:30:95:74:ab:02:0e:9d:b0:aa:2a:f5:52:b6:
         fc:e5:63:53:e7:5a:08:b3:b8:7d:4e:19:bb:e9:12:b6:78:54:
         70:75:c2:97:ce:00:58:f8:df:46:1d:dd:64:e2:b9:9a:68:e8:
         13:6e:20:75:df:9e:ef:ab:66:b3:f5:f0:aa:e7:2d:e7:46:fd:
         00:b0:c4:cc:a4:63:c1:e7:3b:08:23:99:a1:bb:16:da:1e:87:
         2b:00:44:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+ad82vAPkAhG6O7iDXV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjUwNDE2MTkwMDQ4WhcNMjUwNDE3MTkwMDQ4WjAzMTEwLwYDVQQD
EygzZjJhMTJkZDIyZDA2M2U4ZWM2MDYwMWJjYmM4M2NhMjlmZmZiNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU28ltosQkXNJg3Bld/37O63fohb
b+C4gjV51iQhSt/4v1K4jubK4r3L/i7I2mBEtDro4A/BD9+MpC8OcXr6KW+Bgdms
jtGMna5YRCyj6J7UDamFIlEPmT5yf2MAsyexROC2nMaRx/Rp0r7KvuBPo6M/dYm6
VimxfiRlQFvMi8oxPFm7jU52OKrhYhDk7LnA9GJtY4tiYxnflTltaifmJCnimFXh
qDSzoo/3bPeBYeTQNKJyyzZIy4dpdP5Kg8DC1+Dvs2pqmPyvZ1krcT5gq2NQ/kkr
IsVznJlTG7PU7eOkm/+q0lVceUxyiYTqgfX57kmgg7KBADN3QfxyhEW8twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8qEt0i0GPo7GBgG8vIPKKf/7TLMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMmUC717
90hcf5vbTcR5WHaRPwPVtSZGqNwEGLCjkY6TApM8D6gw5Mr/6Zw/iC2WHCmpLwOi
qmRb6ZFS+BxGsItGb9q2oc9/wfRQfSCNEh4COerfgxNTFXaFUMBmL7CH7hW7t2j5
KfYCUCvD/tDFtXbSnTRtyg7as4WtF6KPuVw9AgOFGTTMm6UJ/OBHz6U4mx0zxoTq
d7mZciPKlmL/JH5oqf5tHTAwlXSrAg6dsKoq9VK2/OVjU+daCLO4fU4Zu+kStnhU
cHXCl84AWPjfRh3dZOK5mmjoE24gdd+e76tms/Xwquct50b9ALDEzKRjwec7CCOZ
obsW2h6HKwBErA==
-----END CERTIFICATE-----