Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
File:                     xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft (raw, json)
Hash identifier:          YCDlSUBeWbfTJE9nUPd29Hp1ERJs4xJp6SXiVnl0D1A=
Subject key identifier:   61:25:C9:66:19:FC:85:AD:59:60:EA:A2:E1:4F:93:6D:90:96:AB:DD
Authority key identifier: C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A
Certificate issuer:       /CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
Certificate serial:       019510C6AFA61C57235090CA414FB4243724
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
Manifest number:          0BB4
Signing time:             Sun 16 Feb 2025 22:00:11 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:11 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:11 +0000
Files and hashes:         1: xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl (hash: 7PruEdxN6q5HKjdvBBArMGsotzfcTkJ+UoGPlk6fuFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:af:a6:1c:57:23:50:90:ca:41:4f:b4:24:37:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ccf9ce97d1232e0162fccd43f60c4e79831e1a
        Validity
            Not Before: Feb 16 22:00:11 2025 GMT
            Not After : Feb 17 22:00:11 2025 GMT
        Subject: CN=6125c96619fc85ad5960eaa2e14f936d9096abdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:10:c9:60:70:a8:3a:c2:fd:5e:05:5a:bb:87:
                    84:20:dc:a9:68:f3:da:3d:1a:17:4e:6c:79:f0:0b:
                    64:1b:ad:3d:e3:a9:46:6c:07:0c:6c:ce:e1:cc:d8:
                    d3:f7:50:9c:63:b2:ba:cd:99:1e:6b:8e:fd:93:b4:
                    c2:31:50:62:fb:3d:79:85:35:08:31:fc:c9:e2:95:
                    44:47:3b:64:c7:0f:7e:4c:75:9a:f2:93:f0:f0:62:
                    e7:f2:f0:d6:42:ad:c8:9a:48:e5:d1:f2:d1:f1:5d:
                    26:1b:62:d9:d9:cf:ed:6b:07:e0:6d:d1:09:38:93:
                    23:cd:21:b8:80:6c:fd:30:6e:fd:6e:c7:f2:f2:a3:
                    29:ed:43:7c:72:9a:ea:d7:ab:1d:07:38:85:91:b9:
                    ea:f0:9a:6b:61:a3:9c:48:ae:2d:7e:a9:00:d2:a1:
                    ee:fe:52:3d:ac:2d:b1:20:6a:85:fa:9d:f6:71:29:
                    ef:4d:08:62:54:20:aa:4d:dc:10:c6:f5:52:9c:e7:
                    34:2b:41:16:85:cb:e0:55:48:d6:6d:d2:22:fd:02:
                    e0:71:2f:73:92:36:b5:9b:14:67:ee:26:95:1e:1b:
                    6f:ae:d4:e9:06:02:ea:89:b8:57:ac:e5:49:56:44:
                    d3:ad:5b:e9:d0:fb:cd:07:8c:20:ef:8d:84:1a:67:
                    27:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:25:C9:66:19:FC:85:AD:59:60:EA:A2:E1:4F:93:6D:90:96:AB:DD
            X509v3 Authority Key Identifier:
                keyid:C6:CC:F9:CE:97:D1:23:2E:01:62:FC:CD:43:F6:0C:4E:79:83:1E:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsz5zpfRIy4BYvzNQ_YMTnmDHho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/186bf2-fb88-4728-bf67-5a1e5fa73e4d/1/xsz5zpfRIy4BYvzNQ_YMTnmDHho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:29:d0:17:90:74:f0:4f:53:43:dc:67:a4:5e:d8:17:f3:68:
         c7:4a:0b:b5:04:9f:68:50:35:7a:6a:f6:70:b4:a8:d9:06:ee:
         76:89:2d:10:f3:b7:18:a8:ba:44:02:94:20:7d:6d:12:0f:51:
         50:55:1d:ab:72:04:bb:1b:42:44:22:7a:44:3b:58:d7:d9:19:
         ed:b6:e5:6a:50:88:38:be:14:07:79:d3:58:08:f8:e9:7e:f2:
         20:b1:04:b6:e0:f4:38:fa:d8:c2:25:f6:16:51:c3:5d:93:8e:
         0f:5c:5a:bc:8f:11:6b:ae:ab:cf:75:2c:2e:04:fd:20:85:6f:
         fd:bc:56:8e:d5:3e:f7:07:b6:5b:66:19:4f:73:23:19:c3:03:
         c4:f0:d8:45:37:31:53:3b:e2:eb:84:96:64:65:2d:3e:b1:35:
         0c:0d:fa:1c:75:24:70:36:ba:ea:69:70:46:ac:05:50:b4:c1:
         5b:79:1a:4e:6e:b2:ae:cc:96:ef:30:68:67:d1:fd:63:53:73:
         a3:c6:e4:5d:9d:7e:42:d1:b9:de:54:72:fb:43:a3:15:ef:09:
         c9:b7:e4:80:81:8b:49:19:4f:cb:9c:7e:5b:9f:48:ef:7c:0f:
         dc:b9:a6:49:2f:82:18:de:33:c1:d4:9c:86:7a:c2:c1:b8:ab:
         9b:a1:9a:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxq+mHFcjUJDKQU+0JDckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2NmOWNlOTdkMTIzMmUwMTYyZmNjZDQzZjYwYzRlNzk4
MzFlMWEwHhcNMjUwMjE2MjIwMDExWhcNMjUwMjE3MjIwMDExWjAzMTEwLwYDVQQD
Eyg2MTI1Yzk2NjE5ZmM4NWFkNTk2MGVhYTJlMTRmOTM2ZDkwOTZhYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBDJYHCoOsL9XgVau4eEINypaPPa
PRoXTmx58AtkG60946lGbAcMbM7hzNjT91CcY7K6zZkea479k7TCMVBi+z15hTUI
MfzJ4pVERztkxw9+THWa8pPw8GLn8vDWQq3Imkjl0fLR8V0mG2LZ2c/tawfgbdEJ
OJMjzSG4gGz9MG79bsfy8qMp7UN8cprq16sdBziFkbnq8JprYaOcSK4tfqkA0qHu
/lI9rC2xIGqF+p32cSnvTQhiVCCqTdwQxvVSnOc0K0EWhcvgVUjWbdIi/QLgcS9z
kja1mxRn7iaVHhtvrtTpBgLqibhXrOVJVkTTrVvp0PvNB4wg742EGmcnSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGElyWYZ/IWtWWDqouFPk22QlqvdMB8GA1UdIwQY
MBaAFMbM+c6X0SMuAWL8zUP2DE55gx4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjct
NWExZTVmYTczZTRkLzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODZiZjItZmI4OC00NzI4LWJmNjctNWExZTVmYTczZTRk
LzEveHN6NXpwZlJJeTRCWXZ6TlFfWU1Ubm1ESGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKCnQF5B0
8E9TQ9xnpF7YF/Nox0oLtQSfaFA1emr2cLSo2QbudoktEPO3GKi6RAKUIH1tEg9R
UFUdq3IEuxtCRCJ6RDtY19kZ7bblalCIOL4UB3nTWAj46X7yILEEtuD0OPrYwiX2
FlHDXZOOD1xavI8Ra66rz3UsLgT9IIVv/bxWjtU+9we2W2YZT3MjGcMDxPDYRTcx
Uzvi64SWZGUtPrE1DA36HHUkcDa66mlwRqwFULTBW3kaTm6yrsyW7zBoZ9H9Y1Nz
o8bkXZ1+QtG53lRy+0OjFe8JybfkgIGLSRlPy5x+W59I73wP3LmmSS+CGN4zwdSc
hnrCwbirm6GaAA==
-----END CERTIFICATE-----