Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
File:                     xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft (raw, json)
Hash identifier:          piBQyFYbs7/CnxNz4Z+BF+QZnjHup9xCqi3SzE/ikHg=
Subject key identifier:   70:73:BE:A3:6C:B3:05:51:C5:04:46:67:7C:71:E0:F9:95:0D:C6:28
Authority key identifier: C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A
Certificate issuer:       /CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
Certificate serial:       01958C6067844EB3F89DEFA62E023906F2B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
Manifest number:          0BF4
Signing time:             Wed 12 Mar 2025 22:01:23 +0000
Manifest this update:     Wed 12 Mar 2025 22:01:23 +0000
Manifest next update:     Thu 13 Mar 2025 22:01:23 +0000
Files and hashes:         1: xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl (hash: Sd/WdzNYO68eq/Yx7U4nElNcpgku4EOm47LPQphVSH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:60:67:84:4e:b3:f8:9d:ef:a6:2e:02:39:06:f2:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
        Validity
            Not Before: Mar 12 22:01:23 2025 GMT
            Not After : Mar 13 22:01:23 2025 GMT
        Subject: CN=7073bea36cb30551c50446677c71e0f9950dc628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:27:82:0e:29:b4:e3:c8:36:5e:05:b7:89:fa:
                    3a:59:bd:45:15:be:81:39:4e:f0:a0:ab:28:ed:9c:
                    17:36:09:cd:cf:f6:1c:01:79:45:89:1b:c3:65:b4:
                    f7:e9:98:ac:5f:be:b0:19:63:97:a9:ad:34:0d:a8:
                    e1:07:ef:ab:f7:b2:c9:b4:33:48:b0:e9:36:39:1c:
                    17:1e:df:9c:75:3d:31:d9:fc:88:0d:8f:01:f7:bf:
                    ff:d4:fc:35:bf:c1:0d:4d:f9:fe:f4:44:a9:ec:88:
                    40:2c:0b:d3:9b:51:c1:40:4c:f3:7d:b7:66:95:47:
                    86:78:98:93:d0:a8:4d:e1:cc:13:df:c6:ee:62:32:
                    52:66:55:88:31:90:fc:76:7b:40:ff:0d:cf:d7:03:
                    b9:0f:11:86:5b:9c:1e:0b:f7:00:a4:dd:4f:89:84:
                    fd:b0:26:d4:c5:ba:da:bc:55:99:0e:7f:91:4f:19:
                    9f:45:34:5f:e1:92:46:ae:38:1e:eb:d6:09:e7:d8:
                    dc:3c:6e:77:ce:69:c1:c9:40:d8:49:e3:95:ef:b2:
                    f0:3f:81:99:14:7e:09:af:98:68:50:3a:44:02:49:
                    91:55:f1:f0:d1:90:c9:0d:11:03:d5:7e:f4:dc:c8:
                    6a:51:73:ce:24:7c:4e:af:0e:bb:6b:70:58:a8:bc:
                    41:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:73:BE:A3:6C:B3:05:51:C5:04:46:67:7C:71:E0:F9:95:0D:C6:28
            X509v3 Authority Key Identifier:
                keyid:C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:46:d0:b6:58:9e:b7:ae:40:14:b4:30:24:14:b9:2b:dd:21:
         cd:23:4f:b8:31:8d:0c:bd:01:ad:f3:f1:26:28:d3:db:f6:c2:
         64:77:7d:bb:6d:0b:47:56:7c:5c:1e:35:06:b0:38:40:cf:eb:
         d9:7e:c9:e1:97:d9:7e:43:b8:b1:f2:b2:50:6e:70:55:4e:07:
         a3:cf:32:3e:75:5c:59:93:94:e1:2f:b8:0e:98:d0:e8:e0:b2:
         cb:a9:4c:0b:2b:89:eb:58:63:8e:1d:62:94:ef:ad:11:37:2c:
         41:53:56:06:f5:b6:4f:6c:e4:de:40:55:26:18:5a:ee:db:22:
         57:c6:e7:99:a9:c8:2d:5d:9f:09:ca:c3:54:49:00:78:74:a0:
         e1:6e:ce:f4:2f:9f:16:ba:10:39:bd:b7:5b:86:10:33:43:ab:
         0a:7c:84:a2:b2:78:94:bc:6e:85:f6:5c:bf:60:f6:e9:1b:67:
         0a:5c:87:d3:86:e7:97:d3:d0:55:99:f1:ad:6e:d4:40:74:e7:
         05:01:ff:a5:91:62:9a:aa:77:4b:09:56:21:0f:63:c5:cd:14:
         6f:9c:ea:f2:c3:94:01:21:c9:08:bd:b5:60:de:28:e9:e1:7a:
         19:98:24:1a:ef:94:92:fc:7b:80:ef:ef:8f:08:d4:1c:28:a5:
         0a:e5:5b:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYGeETrP4ne+mLgI5BvK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2NmOWNlOTdkMTIzMmUwMTYyZmNjZDQzZjYwYzRlNzk4
MzFlMWEwHhcNMjUwMzEyMjIwMTIzWhcNMjUwMzEzMjIwMTIzWjAzMTEwLwYDVQQD
Eyg3MDczYmVhMzZjYjMwNTUxYzUwNDQ2Njc3YzcxZTBmOTk1MGRjNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvieCDim048g2XgW3ifo6Wb1FFb6B
OU7woKso7ZwXNgnNz/YcAXlFiRvDZbT36ZisX76wGWOXqa00DajhB++r97LJtDNI
sOk2ORwXHt+cdT0x2fyIDY8B97//1Pw1v8ENTfn+9ESp7IhALAvTm1HBQEzzfbdm
lUeGeJiT0KhN4cwT38buYjJSZlWIMZD8dntA/w3P1wO5DxGGW5weC/cApN1PiYT9
sCbUxbravFWZDn+RTxmfRTRf4ZJGrjge69YJ59jcPG53zmnByUDYSeOV77LwP4GZ
FH4Jr5hoUDpEAkmRVfHw0ZDJDRED1X703MhqUXPOJHxOrw67a3BYqLxBOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBzvqNsswVRxQRGZ3xx4PmVDcYoMB8GA1UdIwQY
MBaAFMbM+c6X0SMuAWL8zUP2DE55gx4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjct
NWExZTVmYTczZTRkLzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjctNWExZTVmYTczZTRk
LzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUbQtlie
t65AFLQwJBS5K90hzSNPuDGNDL0BrfPxJijT2/bCZHd9u20LR1Z8XB41BrA4QM/r
2X7J4ZfZfkO4sfKyUG5wVU4Ho88yPnVcWZOU4S+4DpjQ6OCyy6lMCyuJ61hjjh1i
lO+tETcsQVNWBvW2T2zk3kBVJhha7tsiV8bnmanILV2fCcrDVEkAeHSg4W7O9C+f
FroQOb23W4YQM0OrCnyEorJ4lLxuhfZcv2D26RtnClyH04bnl9PQVZnxrW7UQHTn
BQH/pZFimqp3SwlWIQ9jxc0Ub5zq8sOUASHJCL21YN4o6eF6GZgkGu+Ukvx7gO/v
jwjUHCilCuVbXA==
-----END CERTIFICATE-----