Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          3EXEMuxD+pcXBws9F1PIoRFJRVR/NIyGlwj1Y3z2qzg=
Subject key identifier:   6D:03:EF:3E:60:30:EE:12:79:0C:39:FF:E4:FC:62:F4:47:05:33:0F
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       019650B65C77C63E71F4F81C4B3F157ABB48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 01:00:50 +0000
Manifest this update:     Sun 20 Apr 2025 01:00:50 +0000
Manifest next update:     Mon 21 Apr 2025 01:00:50 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: HM9mwJKG6SjkYvtcQHvNV2nS59PceKJB0504fZN883E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:b6:5c:77:c6:3e:71:f4:f8:1c:4b:3f:15:7a:bb:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Apr 20 01:00:50 2025 GMT
            Not After : Apr 21 01:00:50 2025 GMT
        Subject: CN=6d03ef3e6030ee12790c39ffe4fc62f44705330f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:c3:a1:73:8b:24:64:b3:a5:5d:08:fd:7a:ac:
                    a2:2a:58:44:11:34:60:b3:9a:9b:b2:29:cd:58:5c:
                    da:e2:91:66:81:51:04:6e:65:87:60:f9:f3:be:0d:
                    45:f2:85:d5:ea:fa:76:3f:b5:09:e2:c7:38:49:f6:
                    cb:41:f1:dc:fe:3d:20:7a:50:ea:2d:4a:6f:df:73:
                    ae:14:07:c1:0f:e0:78:e2:a6:3c:8c:2d:a0:13:f0:
                    ae:b4:be:0f:ed:04:77:3d:14:6f:9b:86:be:4b:69:
                    1f:ee:7d:3d:1a:48:7c:0e:b3:4f:67:3d:cc:39:00:
                    b2:4a:83:c1:1f:d9:6e:10:ad:63:18:1c:7a:1a:91:
                    fc:08:87:f5:26:4d:5d:a3:c7:aa:4d:fc:e5:05:f2:
                    db:7b:f1:cc:cc:8e:b5:d5:bb:9f:92:ab:d9:89:1f:
                    e6:43:71:b7:3b:59:3d:c3:e7:87:57:79:f6:13:26:
                    1c:15:a4:29:91:5f:34:13:73:aa:35:5a:bf:22:19:
                    bb:4a:b8:0b:24:b5:40:ad:7f:86:2f:58:74:58:66:
                    c1:f3:91:32:83:86:3e:84:a2:25:fb:ed:5f:0d:74:
                    e4:ea:0d:4a:cd:83:f8:a2:fc:c5:ad:a6:27:b2:65:
                    cc:24:2f:4e:3d:55:5b:17:f7:ec:0c:86:87:b4:83:
                    7b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:03:EF:3E:60:30:EE:12:79:0C:39:FF:E4:FC:62:F4:47:05:33:0F
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:cf:8d:7c:a4:f4:bb:d8:7e:61:7e:fc:59:5c:40:29:13:67:
         4a:3c:9a:97:df:a6:b4:84:77:23:24:a6:81:1c:68:aa:9b:3e:
         14:ae:20:60:9c:cd:c8:3d:b9:2d:57:ca:07:22:ff:04:8b:91:
         94:97:31:6b:7d:a1:47:f5:15:56:1d:a6:76:ad:8b:b2:54:1b:
         74:8d:40:d9:48:c4:3c:f6:15:f4:62:2d:4b:2c:82:96:df:78:
         de:d0:da:02:4b:97:d9:f6:08:03:40:76:16:8b:ba:ce:bf:40:
         7f:de:b6:7d:58:fb:03:55:63:85:e4:a0:29:ae:90:f3:63:2f:
         58:15:c2:47:33:3b:0d:6c:6a:e8:a2:67:5f:b3:89:7d:d6:8e:
         99:02:5b:81:b0:36:a1:86:c7:9f:b3:b7:14:ee:97:9e:76:9a:
         13:b9:f2:71:cf:7e:65:5d:2f:af:72:dd:04:13:50:be:bf:29:
         d2:c5:db:e0:76:48:28:f3:b9:ee:c7:89:11:f8:c9:b9:c4:d2:
         95:14:ca:31:68:81:bd:34:b9:8c:a0:56:03:c4:c2:76:ab:82:
         77:cb:72:a4:ac:11:ef:ef:d4:d8:74:13:63:4a:70:30:a1:31:
         a0:a8:49:70:a0:63:85:b1:ef:22:95:a3:f0:c1:fa:40:de:c2:
         b9:e3:51:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQtlx3xj5x9PgcSz8VertIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjUwNDIwMDEwMDUwWhcNMjUwNDIxMDEwMDUwWjAzMTEwLwYDVQQD
Eyg2ZDAzZWYzZTYwMzBlZTEyNzkwYzM5ZmZlNGZjNjJmNDQ3MDUzMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cOhc4skZLOlXQj9eqyiKlhEETRg
s5qbsinNWFza4pFmgVEEbmWHYPnzvg1F8oXV6vp2P7UJ4sc4SfbLQfHc/j0gelDq
LUpv33OuFAfBD+B44qY8jC2gE/CutL4P7QR3PRRvm4a+S2kf7n09Gkh8DrNPZz3M
OQCySoPBH9luEK1jGBx6GpH8CIf1Jk1do8eqTfzlBfLbe/HMzI611bufkqvZiR/m
Q3G3O1k9w+eHV3n2EyYcFaQpkV80E3OqNVq/Ihm7SrgLJLVArX+GL1h0WGbB85Ey
g4Y+hKIl++1fDXTk6g1KzYP4ovzFraYnsmXMJC9OPVVbF/fsDIaHtIN7DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0D7z5gMO4SeQw5/+T8YvRHBTMPMB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZs+NfKT0
u9h+YX78WVxAKRNnSjyal9+mtIR3IySmgRxoqps+FK4gYJzNyD25LVfKByL/BIuR
lJcxa32hR/UVVh2mdq2LslQbdI1A2UjEPPYV9GItSyyClt943tDaAkuX2fYIA0B2
Fou6zr9Af962fVj7A1VjheSgKa6Q82MvWBXCRzM7DWxq6KJnX7OJfdaOmQJbgbA2
oYbHn7O3FO6XnnaaE7nycc9+ZV0vr3LdBBNQvr8p0sXb4HZIKPO57seJEfjJucTS
lRTKMWiBvTS5jKBWA8TCdquCd8typKwR7+/U2HQTY0pwMKExoKhJcKBjhbHvIpWj
8MH6QN7CueNR8A==
-----END CERTIFICATE-----