Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          yJTVkFUM5VI0+gFmdX6pTqcHnYM3Ka9fMzue2CGcYpE=
Subject key identifier:   D5:C4:D3:59:9B:3C:41:9B:28:23:17:A9:B5:02:F6:C8:D1:59:2A:22
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       019749D620B7CB1E479D28A9C6B2E5E495FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          0A5F
Signing time:             Sat 07 Jun 2025 10:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:59 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: ul/rWfhBtJLWjeoAjx1k7ofJFon6OPYLtL6RkGNgE9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:20:b7:cb:1e:47:9d:28:a9:c6:b2:e5:e4:95:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: Jun  7 10:00:59 2025 GMT
            Not After : Jun  8 10:00:59 2025 GMT
        Subject: CN=d5c4d3599b3c419b282317a9b502f6c8d1592a22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7b:60:5f:e5:f7:36:b8:19:00:af:6f:f7:4a:
                    ba:01:42:a9:62:1c:1f:42:3f:25:4e:1f:79:cc:68:
                    48:23:59:b3:f2:82:5e:1c:f8:b3:07:40:43:d3:53:
                    42:d5:fb:c5:d4:cb:35:ce:b9:bf:ed:cf:a0:ba:73:
                    cb:b3:c3:69:c8:a7:71:4d:6d:53:a3:79:52:84:89:
                    93:1d:da:4b:8d:1b:67:03:97:47:35:20:77:c2:fd:
                    f5:39:0d:a7:01:32:89:be:b7:50:24:b6:5d:7d:89:
                    d3:71:10:96:61:79:97:3d:a3:00:26:ce:a2:e7:7a:
                    01:c7:d3:51:d2:59:4f:24:ce:d6:85:d8:3a:71:5a:
                    6e:54:26:a4:54:fc:f6:f8:d4:5e:dd:6b:9f:10:43:
                    e4:f8:93:77:95:3e:27:54:9a:1d:ba:a1:57:fa:db:
                    1b:9e:5b:f7:8a:89:4d:a4:22:75:4d:bb:a9:49:65:
                    0f:89:e0:05:83:f5:52:04:4c:05:e8:ea:04:2d:79:
                    f2:a0:32:af:46:0d:f9:6a:a3:a4:24:ff:fb:7f:cb:
                    3e:4a:94:b2:98:6c:8d:a6:ab:a7:4a:64:e9:93:fb:
                    08:b6:4c:d0:9f:83:2f:ec:27:c4:69:f1:a6:da:27:
                    3a:ab:5f:dc:72:ea:9c:09:b3:19:e9:48:46:fa:76:
                    e1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:C4:D3:59:9B:3C:41:9B:28:23:17:A9:B5:02:F6:C8:D1:59:2A:22
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:b1:a4:f5:43:3a:2b:32:32:ac:89:23:27:5b:3e:5c:7f:49:
         99:f6:bb:56:0a:44:72:71:ff:9b:b8:8d:cc:ce:fb:2c:e3:e2:
         3a:2a:1b:5b:f7:b0:46:9d:b2:c8:ea:80:42:78:a7:f6:92:83:
         13:bf:49:fe:20:77:1c:12:34:70:68:d9:17:6a:b4:f2:c0:a5:
         4c:56:1c:2f:01:4f:88:7b:a9:91:53:72:9a:31:aa:bf:0a:7e:
         d1:b1:b0:c9:7d:37:4d:98:ba:24:f5:2b:11:2f:38:f0:b3:43:
         3f:55:84:79:75:0b:6d:93:26:2f:4a:44:78:8a:d7:78:35:6b:
         7e:94:50:73:64:c7:01:f5:8d:34:90:f8:31:03:f7:dc:5d:7c:
         9e:9d:43:db:72:7a:15:13:de:b3:66:71:1d:e9:8a:82:e9:4c:
         d0:cf:0c:60:15:20:b9:3b:e4:41:c4:76:0b:9c:30:6d:17:0b:
         ee:b5:78:2f:59:d7:f9:48:ba:ca:46:7b:69:96:1a:8a:8f:e3:
         e1:90:04:14:cc:0e:6f:14:b7:9a:57:d1:e2:8e:bf:74:8b:59:
         8b:58:06:67:ee:46:dd:66:60:96:6c:06:f7:06:4a:d5:9f:18:
         08:d7:d2:53:52:c1:ac:71:1a:4d:53:f2:f6:9b:e4:c0:07:1b:
         7f:74:28:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1iC3yx5HnSipxrLl5JX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjUwNjA3MTAwMDU5WhcNMjUwNjA4MTAwMDU5WjAzMTEwLwYDVQQD
EyhkNWM0ZDM1OTliM2M0MTliMjgyMzE3YTliNTAyZjZjOGQxNTkyYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HtgX+X3NrgZAK9v90q6AUKpYhwf
Qj8lTh95zGhII1mz8oJeHPizB0BD01NC1fvF1Ms1zrm/7c+gunPLs8NpyKdxTW1T
o3lShImTHdpLjRtnA5dHNSB3wv31OQ2nATKJvrdQJLZdfYnTcRCWYXmXPaMAJs6i
53oBx9NR0llPJM7Whdg6cVpuVCakVPz2+NRe3WufEEPk+JN3lT4nVJoduqFX+tsb
nlv3iolNpCJ1TbupSWUPieAFg/VSBEwF6OoELXnyoDKvRg35aqOkJP/7f8s+SpSy
mGyNpqunSmTpk/sItkzQn4Mv7CfEafGm2ic6q1/ccuqcCbMZ6UhG+nbh9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXE01mbPEGbKCMXqbUC9sjRWSoiMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7Gk9UM6
KzIyrIkjJ1s+XH9Jmfa7VgpEcnH/m7iNzM77LOPiOiobW/ewRp2yyOqAQnin9pKD
E79J/iB3HBI0cGjZF2q08sClTFYcLwFPiHupkVNymjGqvwp+0bGwyX03TZi6JPUr
ES848LNDP1WEeXULbZMmL0pEeIrXeDVrfpRQc2THAfWNNJD4MQP33F18np1D23J6
FRPes2ZxHemKgulM0M8MYBUguTvkQcR2C5wwbRcL7rV4L1nX+Ui6ykZ7aZYaio/j
4ZAEFMwObxS3mlfR4o6/dItZi1gGZ+5G3WZglmwG9wZK1Z8YCNfSU1LBrHEaTVPy
9pvkwAcbf3Qo5g==
-----END CERTIFICATE-----