Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
File:                     XwNIeIMukX__nNPIbA-h5WX4IdM.mft (raw, json)
Hash identifier:          cUxV9u5+rp4y+rNeuMwtaL6ktHtz3QLQeG57XSmJ4iM=
Subject key identifier:   CD:4A:98:73:86:7F:B3:91:0E:F8:63:D4:E9:FF:F1:75:12:B4:36:9D
Authority key identifier: 5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3
Certificate issuer:       /CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
Certificate serial:       019749D6284BD6A50ED2E841F28C55F0089A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
Manifest number:          10CA
Signing time:             Sat 07 Jun 2025 10:01:01 +0000
Manifest this update:     Sat 07 Jun 2025 10:01:01 +0000
Manifest next update:     Sun 08 Jun 2025 10:01:01 +0000
Files and hashes:         1: XwNIeIMukX__nNPIbA-h5WX4IdM.crl (hash: SNe5Z7iKpN1k4xsYCX368RF54YndDEQb4huwmIh07dc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:28:4b:d6:a5:0e:d2:e8:41:f2:8c:55:f0:08:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f034878832e917fff9cd3c86c0fa1e565f821d3
        Validity
            Not Before: Jun  7 10:01:01 2025 GMT
            Not After : Jun  8 10:01:01 2025 GMT
        Subject: CN=cd4a9873867fb3910ef863d4e9fff17512b4369d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:67:6b:1c:5b:a5:7b:96:1b:ba:b6:c6:43:c4:
                    06:3d:b4:6a:e1:f6:11:98:92:bd:8b:7a:35:a2:ba:
                    19:b7:65:8f:1d:36:9a:2f:9c:44:1e:ec:cf:c4:39:
                    db:89:01:7a:a0:7d:bf:8e:41:3c:84:04:96:b3:7d:
                    7b:1a:e3:e8:67:47:b9:44:a2:fd:fc:0f:37:99:8b:
                    67:2e:0b:83:51:35:2e:41:58:8d:6b:76:e6:1a:d5:
                    a1:ff:1a:d2:37:21:13:87:88:aa:e3:ed:6f:38:e7:
                    18:17:fd:a9:f7:c9:ff:52:79:e8:3a:ef:48:72:d1:
                    72:ac:72:66:79:17:de:c5:6b:36:a0:1d:a8:ec:ef:
                    45:7b:43:16:6d:19:62:0f:9e:17:02:88:5b:8e:5f:
                    7d:74:59:e5:40:c5:4f:bf:b5:04:f8:71:d5:59:cb:
                    f4:f3:0f:f7:ed:b3:28:d2:01:d8:ec:6a:ef:b3:f6:
                    70:91:cf:d5:57:30:51:cf:c2:a1:2a:02:45:fb:63:
                    b0:f1:22:39:d9:59:62:cc:67:c7:ea:0b:f3:79:58:
                    60:46:6e:3b:e6:25:f9:50:49:a1:a5:ec:f5:25:73:
                    d2:fe:94:92:38:e4:96:6c:29:11:b6:68:f3:30:b1:
                    a6:0f:54:41:73:cc:c6:a0:dd:7c:f4:88:ee:f7:38:
                    29:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:4A:98:73:86:7F:B3:91:0E:F8:63:D4:E9:FF:F1:75:12:B4:36:9D
            X509v3 Authority Key Identifier:
                keyid:5F:03:48:78:83:2E:91:7F:FF:9C:D3:C8:6C:0F:A1:E5:65:F8:21:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwNIeIMukX__nNPIbA-h5WX4IdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/38cbeb-c0af-4c37-b569-df1c57c2a751/1/XwNIeIMukX__nNPIbA-h5WX4IdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:22:ae:aa:b0:f5:ad:4b:a9:60:62:e7:5d:1d:59:2d:c9:01:
         9c:e4:0c:7c:1c:5f:7a:3b:72:b0:c5:c9:8f:81:13:e0:50:e1:
         18:3f:61:48:9a:2b:2b:64:78:33:6c:3b:a2:da:38:7a:8b:b0:
         01:12:8e:47:9f:27:a7:97:bf:8f:2a:5a:18:31:0d:54:75:e4:
         19:61:bb:5d:d7:0d:bd:45:e6:4a:df:91:57:ef:8c:9c:f9:7b:
         13:a7:72:c4:2d:dc:a4:7f:ac:e4:49:77:aa:b9:9e:d5:9c:b8:
         fb:24:ba:e1:63:ed:7b:95:9f:92:a6:54:55:ff:b2:75:69:0a:
         1e:88:9f:de:3f:f5:78:c7:07:97:9f:fe:e2:3f:50:41:44:f0:
         86:82:f3:fb:80:01:d8:40:4a:49:33:6a:18:6d:6c:c7:8d:bf:
         ce:e6:e9:29:99:cf:e3:fa:81:fd:78:8e:be:44:47:86:7d:c8:
         77:e2:68:4e:dc:b8:9e:c2:f5:1f:b3:09:f9:75:3b:69:ec:a5:
         f8:40:03:b9:35:95:68:ba:53:ce:bc:14:fc:b9:6e:d3:cf:b3:
         6e:db:58:49:b7:e6:47:ff:7c:f3:7d:5a:3b:7c:8f:5f:dc:ea:
         1c:dd:96:e0:77:64:ae:3c:c3:41:70:6c:96:15:65:e0:e0:5b:
         70:e9:ed:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1ihL1qUO0uhB8oxV8AiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDM0ODc4ODMyZTkxN2ZmZjljZDNjODZjMGZhMWU1NjVm
ODIxZDMwHhcNMjUwNjA3MTAwMTAxWhcNMjUwNjA4MTAwMTAxWjAzMTEwLwYDVQQD
EyhjZDRhOTg3Mzg2N2ZiMzkxMGVmODYzZDRlOWZmZjE3NTEyYjQzNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmdrHFule5YburbGQ8QGPbRq4fYR
mJK9i3o1oroZt2WPHTaaL5xEHuzPxDnbiQF6oH2/jkE8hASWs317GuPoZ0e5RKL9
/A83mYtnLguDUTUuQViNa3bmGtWh/xrSNyETh4iq4+1vOOcYF/2p98n/UnnoOu9I
ctFyrHJmeRfexWs2oB2o7O9Fe0MWbRliD54XAohbjl99dFnlQMVPv7UE+HHVWcv0
8w/37bMo0gHY7Grvs/Zwkc/VVzBRz8KhKgJF+2Ow8SI52VlizGfH6gvzeVhgRm47
5iX5UEmhpez1JXPS/pSSOOSWbCkRtmjzMLGmD1RBc8zGoN189Iju9zgpRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1KmHOGf7ORDvhj1On/8XUStDadMB8GA1UdIwQY
MBaAFF8DSHiDLpF//5zTyGwPoeVl+CHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1Njkt
ZGYxYzU3YzJhNzUxLzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zOGNiZWItYzBhZi00YzM3LWI1NjktZGYxYzU3YzJhNzUx
LzEvWHdOSWVJTXVrWF9fbk5QSWJBLWg1V1g0SWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABiKuqrD1
rUupYGLnXR1ZLckBnOQMfBxfejtysMXJj4ET4FDhGD9hSJorK2R4M2w7oto4eouw
ARKOR58np5e/jypaGDENVHXkGWG7XdcNvUXmSt+RV++MnPl7E6dyxC3cpH+s5El3
qrme1Zy4+yS64WPte5WfkqZUVf+ydWkKHoif3j/1eMcHl5/+4j9QQUTwhoLz+4AB
2EBKSTNqGG1sx42/zubpKZnP4/qB/XiOvkRHhn3Id+JoTty4nsL1H7MJ+XU7aeyl
+EADuTWVaLpTzrwU/Llu08+zbttYSbfmR/98831aO3yPX9zqHN2W4HdkrjzDQXBs
lhVl4OBbcOntow==
-----END CERTIFICATE-----