Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          GtMfZc70Q1nCwCbywo0/UTh8ibHpzLDteox3Ydfpyiw=
Subject key identifier:   45:B4:8D:C5:95:6A:09:9B:3B:1A:F4:C7:3D:ED:DC:BD:D2:02:5A:10
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       0196504886C391DE804F829389F37C74E528
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          02F8
Signing time:             Sat 19 Apr 2025 23:00:52 +0000
Manifest this update:     Sat 19 Apr 2025 23:00:52 +0000
Manifest next update:     Sun 20 Apr 2025 23:00:52 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: V9o0vt2n7f4JnWECd5sWrVIjzMpVZL35D5BBTaD/S0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:48:86:c3:91:de:80:4f:82:93:89:f3:7c:74:e5:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Apr 19 23:00:52 2025 GMT
            Not After : Apr 20 23:00:52 2025 GMT
        Subject: CN=45b48dc5956a099b3b1af4c73deddcbdd2025a10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f2:50:c0:72:4f:95:5c:f3:6d:06:c0:d1:15:
                    de:7f:7d:93:25:cf:f2:0c:ec:47:9c:0c:d2:d7:da:
                    7e:cb:86:a6:f4:a5:04:13:5d:31:9a:c8:c9:77:07:
                    f4:44:92:f3:8a:b7:92:87:75:4a:b3:36:27:93:60:
                    8b:4b:07:b2:d1:d5:3c:55:8e:0a:52:1f:db:02:05:
                    ff:f5:77:91:ae:2e:59:3d:cc:55:cf:a6:29:42:74:
                    da:ef:75:09:65:5e:fc:4c:87:eb:71:77:0f:c0:20:
                    34:f2:7b:47:33:e6:49:68:66:48:9b:cb:c7:7e:cd:
                    35:71:72:ca:56:ad:54:20:b2:94:28:81:10:d4:e4:
                    1d:9f:41:4e:f2:30:f6:d0:96:33:7a:5d:63:d9:81:
                    8c:2a:9d:f9:23:a4:67:27:33:1d:44:d6:22:ea:98:
                    66:d6:27:e9:8a:70:eb:de:1b:3f:dd:e4:94:40:c4:
                    d3:29:bf:6b:b6:46:e9:b3:2e:51:cc:72:11:f4:61:
                    1e:18:db:16:2b:db:06:a7:34:8f:87:95:de:20:f8:
                    a1:2c:5c:34:79:f4:db:d9:2e:3a:88:19:44:ce:e9:
                    56:c2:8b:24:d3:78:db:54:6d:ea:e5:fe:07:c4:24:
                    85:49:4c:ad:f8:30:84:eb:51:bb:4a:3d:a9:f4:e5:
                    c5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B4:8D:C5:95:6A:09:9B:3B:1A:F4:C7:3D:ED:DC:BD:D2:02:5A:10
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:c8:59:b1:3a:4f:b2:ff:df:98:16:36:74:ba:e9:93:b2:4e:
         44:55:8a:ce:2e:10:15:57:db:3e:54:f3:3c:89:c8:6f:dd:a5:
         3e:85:5a:d2:46:69:ee:f2:d0:68:d8:d4:59:67:9a:60:66:2d:
         02:1c:b4:9f:6d:d4:71:c7:06:dc:51:21:4f:95:b6:78:72:22:
         75:89:7e:18:ed:23:7c:b5:3e:de:66:42:64:a6:82:86:a9:1b:
         27:6f:47:c5:4f:83:51:80:c5:1d:74:2c:c4:04:67:74:a8:e5:
         cf:b7:02:11:78:67:f3:b3:93:a1:47:b5:d6:78:17:43:e2:e4:
         34:e0:b1:56:97:cc:a4:4a:13:f6:7e:85:fa:77:23:6f:ef:fb:
         0b:5b:a5:4d:b7:e8:c6:b9:12:81:90:6b:35:ea:33:aa:de:ad:
         38:67:d0:b5:75:e2:6c:b0:1b:a0:a8:e1:78:29:e4:4b:23:4d:
         cc:8e:d0:b6:e9:5f:15:59:f3:d5:62:2d:e6:c5:ea:36:b9:b4:
         db:ca:09:fa:80:d9:4f:cf:ed:48:70:01:e4:b6:d1:db:4d:ca:
         33:a1:20:21:23:91:63:a0:10:9d:85:18:68:b4:a2:f2:f6:8c:
         85:20:b4:ac:dc:c9:54:18:0e:41:52:74:bb:b0:56:43:44:76:
         a2:24:2c:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQSIbDkd6AT4KTifN8dOUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjUwNDE5MjMwMDUyWhcNMjUwNDIwMjMwMDUyWjAzMTEwLwYDVQQD
Eyg0NWI0OGRjNTk1NmEwOTliM2IxYWY0YzczZGVkZGNiZGQyMDI1YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPJQwHJPlVzzbQbA0RXef32TJc/y
DOxHnAzS19p+y4am9KUEE10xmsjJdwf0RJLzireSh3VKszYnk2CLSwey0dU8VY4K
Uh/bAgX/9XeRri5ZPcxVz6YpQnTa73UJZV78TIfrcXcPwCA08ntHM+ZJaGZIm8vH
fs01cXLKVq1UILKUKIEQ1OQdn0FO8jD20JYzel1j2YGMKp35I6RnJzMdRNYi6phm
1ifpinDr3hs/3eSUQMTTKb9rtkbpsy5RzHIR9GEeGNsWK9sGpzSPh5XeIPihLFw0
efTb2S46iBlEzulWwosk03jbVG3q5f4HxCSFSUyt+DCE61G7Sj2p9OXFkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEW0jcWVagmbOxr0xz3t3L3SAloQMB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgshZsTpP
sv/fmBY2dLrpk7JORFWKzi4QFVfbPlTzPInIb92lPoVa0kZp7vLQaNjUWWeaYGYt
Ahy0n23UcccG3FEhT5W2eHIidYl+GO0jfLU+3mZCZKaChqkbJ29HxU+DUYDFHXQs
xARndKjlz7cCEXhn87OToUe11ngXQ+LkNOCxVpfMpEoT9n6F+ncjb+/7C1ulTbfo
xrkSgZBrNeozqt6tOGfQtXXibLAboKjheCnkSyNNzI7QtulfFVnz1WIt5sXqNrm0
28oJ+oDZT8/tSHAB5LbR203KM6EgISORY6AQnYUYaLSi8vaMhSC0rNzJVBgOQVJ0
u7BWQ0R2oiQsFQ==
-----END CERTIFICATE-----