Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          yGKHCDm2x1jUQJnpx4yL62VMzKJxVDRGBLbkZxx2GcI=
Subject key identifier:   C6:09:75:85:D3:AC:54:32:20:D7:98:55:97:4A:E6:EA:E2:CB:92:2B
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       0194BABB39D414159A4EDFBD2A15221E57F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          0226
Signing time:             Fri 31 Jan 2025 05:00:19 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:19 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:19 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: 8q/gXjsiZ8aZvADiBclBNVcIS0QvPVR/+isaBGpIviQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:39:d4:14:15:9a:4e:df:bd:2a:15:22:1e:57:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Jan 31 05:00:19 2025 GMT
            Not After : Feb  1 05:00:19 2025 GMT
        Subject: CN=c6097585d3ac543220d79855974ae6eae2cb922b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:de:48:53:ab:d4:80:59:3c:30:4c:8b:f4:40:
                    fb:ab:a1:16:52:9b:06:1d:6c:64:77:06:7c:b9:de:
                    bb:08:5f:48:21:8c:4d:aa:a0:87:ab:d4:8d:fd:df:
                    5e:d5:6e:f2:19:82:b5:c8:fc:57:ee:e6:8c:c4:85:
                    b2:c1:67:ff:2f:d1:07:9d:49:5f:2a:da:03:05:51:
                    ef:6b:f8:01:a4:8a:e6:53:30:24:d4:b8:59:a8:2c:
                    59:7c:37:9f:2a:54:f6:ec:81:e5:0c:13:ee:22:15:
                    2b:7a:54:50:5b:72:09:46:43:7d:41:1b:a8:a7:a1:
                    a9:30:2d:7e:13:cd:65:f3:67:a7:c1:2c:41:9b:af:
                    4c:57:07:e9:8c:99:ef:6b:c7:14:29:fc:d3:1b:b8:
                    99:6a:d1:91:ba:31:e2:73:ca:de:f4:34:aa:11:ac:
                    ff:69:c5:19:01:a8:12:dd:ed:e8:b8:2f:7c:eb:37:
                    f0:a3:3e:d9:57:c4:ff:43:53:ea:11:93:85:9d:f2:
                    04:43:18:d5:f6:89:fd:0b:3f:02:28:73:e9:aa:fe:
                    7e:03:b8:ba:84:5a:4b:1d:ba:ef:55:34:95:a8:61:
                    b4:91:8f:12:25:7e:78:16:1c:f0:a3:39:ac:2a:c4:
                    8b:25:eb:5d:cc:ca:f9:9d:36:62:2f:01:72:87:97:
                    37:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:09:75:85:D3:AC:54:32:20:D7:98:55:97:4A:E6:EA:E2:CB:92:2B
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:aa:29:2f:4d:fd:6d:32:e0:9d:1a:f3:ef:e1:f3:82:70:cf:
         55:f8:8a:57:0c:c9:34:ec:bd:cd:06:6c:e3:88:40:e9:39:29:
         45:b1:6b:17:07:48:85:b2:e1:8f:b5:e1:26:63:aa:f8:90:c4:
         d0:8d:5e:20:b0:5b:a0:b6:ce:48:82:54:f5:c0:d9:55:59:56:
         ff:7e:11:7e:d6:5f:de:81:26:c6:68:99:38:1a:d4:ce:be:a7:
         7b:25:cd:84:80:ae:c2:11:63:13:12:6e:bf:d7:2b:08:53:8d:
         e7:69:55:b4:ef:99:25:b0:88:53:40:f9:fc:0e:79:72:46:57:
         c5:27:f8:c2:95:a2:4b:60:99:bf:a6:9d:71:51:85:ee:4d:4c:
         d5:eb:65:90:77:52:9f:1f:c7:af:5b:cc:89:02:f9:a5:c6:16:
         c1:dc:88:32:87:9f:78:1a:b6:4f:df:22:95:17:92:b9:43:61:
         9c:9f:5b:5a:92:4f:cf:95:42:a6:b5:0c:82:5e:f4:d9:11:3c:
         1f:1f:ef:33:98:5f:d2:b3:a4:cc:5e:2d:f7:21:b4:d6:2c:70:
         b8:1f:0a:b2:61:ba:36:01:b1:b1:34:f0:8a:15:c5:9f:3e:f9:
         87:00:37:a4:c6:56:a1:7e:e6:59:38:dd:79:ad:86:54:b6:ac:
         b6:48:99:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6uznUFBWaTt+9KhUiHlf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjUwMTMxMDUwMDE5WhcNMjUwMjAxMDUwMDE5WjAzMTEwLwYDVQQD
EyhjNjA5NzU4NWQzYWM1NDMyMjBkNzk4NTU5NzRhZTZlYWUyY2I5MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd5IU6vUgFk8MEyL9ED7q6EWUpsG
HWxkdwZ8ud67CF9IIYxNqqCHq9SN/d9e1W7yGYK1yPxX7uaMxIWywWf/L9EHnUlf
KtoDBVHva/gBpIrmUzAk1LhZqCxZfDefKlT27IHlDBPuIhUrelRQW3IJRkN9QRuo
p6GpMC1+E81l82enwSxBm69MVwfpjJnva8cUKfzTG7iZatGRujHic8re9DSqEaz/
acUZAagS3e3ouC986zfwoz7ZV8T/Q1PqEZOFnfIEQxjV9on9Cz8CKHPpqv5+A7i6
hFpLHbrvVTSVqGG0kY8SJX54FhzwozmsKsSLJetdzMr5nTZiLwFyh5c3qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYJdYXTrFQyINeYVZdK5uriy5IrMB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR6opL039
bTLgnRrz7+HzgnDPVfiKVwzJNOy9zQZs44hA6TkpRbFrFwdIhbLhj7XhJmOq+JDE
0I1eILBboLbOSIJU9cDZVVlW/34RftZf3oEmxmiZOBrUzr6neyXNhICuwhFjExJu
v9crCFON52lVtO+ZJbCIU0D5/A55ckZXxSf4wpWiS2CZv6adcVGF7k1M1etlkHdS
nx/Hr1vMiQL5pcYWwdyIMoefeBq2T98ilReSuUNhnJ9bWpJPz5VCprUMgl702RE8
Hx/vM5hf0rOkzF4t9yG01ixwuB8KsmG6NgGxsTTwihXFnz75hwA3pMZWoX7mWTjd
ea2GVLastkiZWw==
-----END CERTIFICATE-----