Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
File:                     XwNIeIMukX__nNPIbA-h5WX4IdM.mft (raw, json)
Hash identifier:          hid58qTIJkgRMA/683DJzo+nBZVtedfZGCWnQik0aU0=
Subject key identifier:   F7:FA:EF:46:4A:69:DF:E3:63:0D:E0:80:F5:E5:9E:BC:96:B4:81:01
Authority key identifier: 5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3
Certificate issuer:       /CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
Certificate serial:       01963F54786BE15841C233A0795A84B87740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
Manifest number:          1040
Signing time:             Wed 16 Apr 2025 16:00:22 +0000
Manifest this update:     Wed 16 Apr 2025 16:00:22 +0000
Manifest next update:     Thu 17 Apr 2025 16:00:22 +0000
Files and hashes:         1: XwNIeIMukX__nNPIbA-h5WX4IdM.crl (hash: WUK8XH0gtpuSbv0Wxrm1gq+qMIck2nZPWVWdtNoDYMs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 16:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:54:78:6b:e1:58:41:c2:33:a0:79:5a:84:b8:77:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
        Validity
            Not Before: Apr 16 16:00:22 2025 GMT
            Not After : Apr 17 16:00:22 2025 GMT
        Subject: CN=f7faef464a69dfe3630de080f5e59ebc96b48101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:39:f7:dd:b7:96:14:9f:94:79:8e:66:13:82:
                    21:db:e1:26:e7:6a:72:01:54:10:2e:ea:d0:0c:f6:
                    2d:d0:07:78:45:02:9a:18:7f:fa:dd:e9:b8:95:c8:
                    08:0a:35:7d:b6:fd:6c:68:5c:d1:d6:49:9a:5b:f5:
                    0f:77:10:55:89:62:64:b5:7d:d4:06:f9:7e:db:70:
                    07:9a:4f:ef:60:08:9b:b7:9c:37:4b:d3:82:3e:06:
                    99:36:a7:e7:79:67:55:4c:be:e7:93:b3:2b:4f:de:
                    bf:ef:57:d6:ce:81:5e:a3:cb:b5:1b:00:ae:16:5c:
                    d2:fc:b3:68:93:dd:94:af:52:43:7c:c1:f7:40:dc:
                    7c:b2:db:ae:ff:c0:33:99:43:b3:94:8c:1d:30:29:
                    48:9f:c2:95:8c:f9:db:72:4e:ec:d1:88:a0:78:a7:
                    f3:59:e8:3c:11:69:a8:c4:f1:a4:8f:5d:d9:40:37:
                    42:6f:cb:ac:01:0c:ac:28:fa:44:f4:44:ff:b5:c9:
                    44:e3:fd:20:ea:52:0d:6d:a2:2a:51:d3:0a:98:4c:
                    af:24:45:59:53:34:9e:f1:09:86:64:71:f5:3b:3c:
                    09:94:44:af:4f:13:95:c9:4a:e2:2d:89:86:a5:cc:
                    d1:03:e5:fe:67:5a:aa:06:98:52:2a:34:e3:a8:96:
                    0e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:FA:EF:46:4A:69:DF:E3:63:0D:E0:80:F5:E5:9E:BC:96:B4:81:01
            X509v3 Authority Key Identifier:
                keyid:5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:13:a1:24:eb:0c:6b:82:10:bf:10:1b:6d:9e:af:28:ff:77:
         9b:c3:60:5c:c4:75:bb:b6:7a:44:99:00:29:af:69:57:28:e7:
         1e:64:1c:cf:22:1b:57:44:58:a0:c2:01:25:f5:5f:a3:5f:fc:
         d2:f3:62:af:eb:e7:c8:07:91:8c:6f:51:d0:fd:b6:5a:23:19:
         3d:bc:82:f9:c8:cd:d9:7d:ad:3f:d9:db:5b:3b:a1:ce:38:8c:
         6e:9d:ae:0f:05:5a:26:d3:21:61:f0:ed:ec:6b:66:1e:aa:da:
         78:c8:cb:01:87:60:3f:60:70:f8:15:77:84:19:d5:5d:b1:44:
         63:85:a8:e3:9c:1d:e5:cb:1b:33:d4:c7:06:2f:ab:73:38:9b:
         42:9b:50:b2:85:8b:7c:b9:01:41:cc:c6:94:95:2e:43:e3:89:
         72:e6:4a:c6:f1:92:12:c9:24:f8:91:78:73:be:cf:52:da:10:
         55:f9:88:26:ae:16:39:59:91:19:9b:56:a9:46:90:3c:54:9e:
         a7:c2:ae:fd:bd:01:4b:c8:27:ea:85:9c:11:66:5a:c9:71:37:
         e2:60:f4:ea:cc:81:02:a3:81:fd:cd:c5:e2:d5:bf:e3:aa:a2:
         c7:31:48:56:9e:d6:32:a4:6c:d6:15:98:61:42:57:c4:0b:c4:
         41:87:a4:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/VHhr4VhBwjOgeVqEuHdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDM0ODc4ODMyZTkxN2ZmZjljZDNjODZjMGZhMWU1NjVm
ODIxZDMwHhcNMjUwNDE2MTYwMDIyWhcNMjUwNDE3MTYwMDIyWjAzMTEwLwYDVQQD
EyhmN2ZhZWY0NjRhNjlkZmUzNjMwZGUwODBmNWU1OWViYzk2YjQ4MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjn33beWFJ+UeY5mE4Ih2+Em52py
AVQQLurQDPYt0Ad4RQKaGH/63em4lcgICjV9tv1saFzR1kmaW/UPdxBViWJktX3U
Bvl+23AHmk/vYAibt5w3S9OCPgaZNqfneWdVTL7nk7MrT96/71fWzoFeo8u1GwCu
FlzS/LNok92Ur1JDfMH3QNx8stuu/8AzmUOzlIwdMClIn8KVjPnbck7s0YigeKfz
Weg8EWmoxPGkj13ZQDdCb8usAQysKPpE9ET/tclE4/0g6lINbaIqUdMKmEyvJEVZ
UzSe8QmGZHH1OzwJlESvTxOVyUriLYmGpczRA+X+Z1qqBphSKjTjqJYOSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPf670ZKad/jYw3ggPXlnryWtIEBMB8GA1UdIwQY
MBaAFF8DSHiDLpF//5zTyGwPoeVl+CHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1Njkt
ZGYxYzU3YzJhNzUxLzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1NjktZGYxYzU3YzJhNzUx
LzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVxOhJOsM
a4IQvxAbbZ6vKP93m8NgXMR1u7Z6RJkAKa9pVyjnHmQczyIbV0RYoMIBJfVfo1/8
0vNir+vnyAeRjG9R0P22WiMZPbyC+cjN2X2tP9nbWzuhzjiMbp2uDwVaJtMhYfDt
7GtmHqraeMjLAYdgP2Bw+BV3hBnVXbFEY4Wo45wd5csbM9THBi+rczibQptQsoWL
fLkBQczGlJUuQ+OJcuZKxvGSEskk+JF4c77PUtoQVfmIJq4WOVmRGZtWqUaQPFSe
p8Ku/b0BS8gn6oWcEWZayXE34mD06syBAqOB/c3F4tW/46qixzFIVp7WMqRs1hWY
YUJXxAvEQYek9A==
-----END CERTIFICATE-----