Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          36A/mSUf9kQfsbZswvR6fhgfE+2rYPSsPBXSQ0Aiwyw=
Subject key identifier:   D8:92:17:C7:7E:8C:F6:30:57:5F:C1:FA:C6:73:7C:0A:B4:49:A2:6C
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       01964CD94401185DFCCF0926887209DBA461
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          09DC
Signing time:             Sat 19 Apr 2025 07:00:29 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:29 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:29 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: BoWruQx/cVoBeWxNbAGgPgyM42Rz+TjpEOhNzzJDgho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:44:01:18:5d:fc:cf:09:26:88:72:09:db:a4:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Apr 19 07:00:29 2025 GMT
            Not After : Apr 20 07:00:29 2025 GMT
        Subject: CN=d89217c77e8cf630575fc1fac6737c0ab449a26c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:39:88:ed:81:2a:df:ac:af:d3:f0:fb:38:00:
                    be:5f:f4:9d:95:0c:50:24:73:ef:81:cb:e2:db:e4:
                    7e:50:c0:1f:21:8c:37:b1:1d:4f:6c:0f:e5:85:14:
                    36:73:6b:e6:76:08:3c:31:e3:8a:d7:cf:cf:2b:ad:
                    ae:40:60:8f:03:0b:60:4f:fd:0a:ff:a2:87:61:86:
                    5a:63:9a:25:8d:ea:58:2a:b8:f3:fa:ec:47:db:90:
                    60:01:31:2a:da:f4:8f:68:24:96:fc:6c:77:1d:bf:
                    df:32:8f:43:a3:74:67:97:0b:be:19:5d:33:e6:3d:
                    fb:63:51:42:6e:a3:9e:ba:d8:06:d9:66:07:f9:c0:
                    56:87:0c:2e:82:72:66:65:54:4d:4d:76:47:66:8d:
                    6d:ff:9a:99:3c:10:3f:fc:41:fc:ca:8d:24:18:2d:
                    30:64:7d:e1:20:78:00:1e:1f:cc:e6:91:1d:85:f9:
                    01:c3:84:e1:ba:fa:68:3e:75:cf:46:b2:45:17:14:
                    95:d8:9d:86:94:b1:d4:9a:7c:f3:59:35:54:2a:0b:
                    b0:08:5e:d9:8f:e6:e5:99:07:0c:88:df:84:eb:63:
                    e9:e0:cf:9b:40:98:8a:58:f5:a9:18:2b:42:23:99:
                    0c:8b:f2:c2:3f:96:d0:e5:27:ad:d6:93:c6:f2:70:
                    ec:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:92:17:C7:7E:8C:F6:30:57:5F:C1:FA:C6:73:7C:0A:B4:49:A2:6C
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:32:e5:72:d2:04:a0:eb:2c:fb:4f:38:ab:b8:e0:39:db:89:
         c7:55:00:dc:59:28:57:b5:af:f4:a0:88:6e:16:15:66:a0:d7:
         35:94:b4:a3:31:40:e2:d4:cf:fb:64:c0:32:8b:5f:35:09:ae:
         ba:6c:6d:cd:fb:38:0c:7f:e7:16:f2:ef:49:33:31:82:9c:3d:
         9f:4e:66:10:db:b4:5b:66:f9:12:9e:ba:4c:17:14:c6:73:66:
         39:67:32:a3:c7:15:26:5f:cf:45:23:e5:fc:55:26:e2:93:df:
         0f:75:cd:8f:06:13:b1:9f:aa:cf:ce:0c:01:7c:6d:11:d0:c2:
         4e:db:81:05:22:33:7c:e5:a8:01:df:81:ff:05:14:49:de:8f:
         ea:0e:ae:75:29:2c:53:3d:ed:ff:e6:dc:79:30:b1:8d:ef:2c:
         79:d6:9e:ea:74:14:b3:3a:f2:58:1c:a4:c8:91:0b:0f:6c:fc:
         dd:75:ed:12:2d:c8:30:f4:03:5d:b7:97:66:c7:bd:4a:52:e4:
         9f:e9:99:ec:8f:07:05:f7:0e:98:9b:f8:ed:59:b1:41:88:13:
         a8:17:c5:8a:c4:dc:2d:53:aa:63:10:6b:0c:84:c7:d8:f6:ec:
         b3:e1:a6:4e:d4:89:5b:8d:b1:7d:0f:51:0b:88:87:eb:41:4a:
         59:05:94:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2UQBGF38zwkmiHIJ26RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwNDE5MDcwMDI5WhcNMjUwNDIwMDcwMDI5WjAzMTEwLwYDVQQD
EyhkODkyMTdjNzdlOGNmNjMwNTc1ZmMxZmFjNjczN2MwYWI0NDlhMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjmI7YEq36yv0/D7OAC+X/SdlQxQ
JHPvgcvi2+R+UMAfIYw3sR1PbA/lhRQ2c2vmdgg8MeOK18/PK62uQGCPAwtgT/0K
/6KHYYZaY5oljepYKrjz+uxH25BgATEq2vSPaCSW/Gx3Hb/fMo9Do3Rnlwu+GV0z
5j37Y1FCbqOeutgG2WYH+cBWhwwugnJmZVRNTXZHZo1t/5qZPBA//EH8yo0kGC0w
ZH3hIHgAHh/M5pEdhfkBw4ThuvpoPnXPRrJFFxSV2J2GlLHUmnzzWTVUKguwCF7Z
j+blmQcMiN+E62Pp4M+bQJiKWPWpGCtCI5kMi/LCP5bQ5Set1pPG8nDsoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiSF8d+jPYwV1/B+sZzfAq0SaJsMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzLlctIE
oOss+084q7jgOduJx1UA3FkoV7Wv9KCIbhYVZqDXNZS0ozFA4tTP+2TAMotfNQmu
umxtzfs4DH/nFvLvSTMxgpw9n05mENu0W2b5Ep66TBcUxnNmOWcyo8cVJl/PRSPl
/FUm4pPfD3XNjwYTsZ+qz84MAXxtEdDCTtuBBSIzfOWoAd+B/wUUSd6P6g6udSks
Uz3t/+bceTCxje8sedae6nQUszryWBykyJELD2z83XXtEi3IMPQDXbeXZse9SlLk
n+mZ7I8HBfcOmJv47VmxQYgTqBfFisTcLVOqYxBrDITH2Pbss+GmTtSJW42xfQ9R
C4iH60FKWQWUpw==
-----END CERTIFICATE-----