Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
File:                     XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft (raw, json)
Hash identifier:          PCeQR0N3lNBzndd22eMziFmE5AzSgJ03TM2Q5cVRWU4=
Subject key identifier:   D7:8E:3A:4B:F6:6F:D6:C9:50:3D:1F:F0:9B:86:4D:22:61:FA:01:69
Authority key identifier: 5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79
Certificate issuer:       /CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
Certificate serial:       01964F3594FE294439FB1555B27DFB29B71F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
Manifest number:          14F7
Signing time:             Sat 19 Apr 2025 18:00:33 +0000
Manifest this update:     Sat 19 Apr 2025 18:00:33 +0000
Manifest next update:     Sun 20 Apr 2025 18:00:33 +0000
Files and hashes:         1: XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl (hash: tJRK6C6sEGriFENCVcf+Gnlb+RWvgCHvp4X8W9eBIBk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:35:94:fe:29:44:39:fb:15:55:b2:7d:fb:29:b7:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
        Validity
            Not Before: Apr 19 18:00:33 2025 GMT
            Not After : Apr 20 18:00:33 2025 GMT
        Subject: CN=d78e3a4bf66fd6c9503d1ff09b864d2261fa0169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f5:bc:22:ff:78:90:f0:6d:14:61:da:76:1c:
                    eb:07:d9:bd:72:d1:98:78:f6:0a:8e:60:cb:40:bc:
                    65:60:23:d7:f2:2e:7c:33:b2:69:2d:ad:b9:dc:96:
                    e6:b6:da:b0:99:57:4c:8c:b0:84:fe:2d:5d:2f:72:
                    b2:40:88:05:54:6f:15:f3:81:6b:e9:5d:45:df:10:
                    83:30:3b:0a:1d:38:2f:6f:61:4d:4f:18:04:23:83:
                    ad:26:c8:3e:5a:ce:a7:47:3f:04:78:cd:96:d5:85:
                    69:01:a2:d3:45:e5:84:64:13:80:29:8e:25:14:38:
                    70:6f:13:73:64:5d:4f:2d:a7:8b:43:15:bc:9a:f1:
                    3f:f3:2a:ec:a2:b1:b7:89:a6:76:21:17:94:2a:5d:
                    b2:a9:87:b6:e7:63:50:8c:82:8c:3b:43:7d:71:c2:
                    51:16:f0:eb:84:d7:0f:c2:61:7e:6a:bb:49:f1:b1:
                    1a:a7:88:34:50:6f:e4:12:76:68:6c:61:4c:2b:d2:
                    82:91:c4:bf:f9:de:bd:13:02:86:cc:7f:ff:20:98:
                    2b:58:ef:b2:69:a0:35:d6:07:db:6b:bc:84:79:72:
                    a8:aa:72:cb:bb:38:78:6c:4c:5a:d8:dc:a8:5c:49:
                    34:60:1f:ef:66:b0:bf:3f:f1:ed:01:02:05:a0:d4:
                    eb:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:8E:3A:4B:F6:6F:D6:C9:50:3D:1F:F0:9B:86:4D:22:61:FA:01:69
            X509v3 Authority Key Identifier:
                keyid:5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:43:87:8e:93:8c:ef:b1:d1:2c:ce:3f:bb:1a:b3:7c:58:74:
         23:58:70:f2:0c:f9:e0:96:e7:51:61:ed:ae:80:1b:d1:c9:bd:
         77:f8:0a:a3:ba:af:c8:e0:c6:78:10:f6:a7:81:a1:e2:c4:f1:
         fc:a9:f8:59:d8:91:0d:37:97:ff:66:79:38:bd:ea:5c:f6:44:
         0b:4d:c1:ca:b8:39:cc:2b:5b:31:7a:3a:19:58:b0:19:c9:3c:
         78:1b:8b:a8:95:33:aa:2b:e8:32:41:73:8d:56:19:38:8b:e9:
         3d:e9:bf:ba:4e:cf:e1:a7:34:df:83:f3:93:0b:08:68:10:88:
         78:dc:11:5f:6d:9f:b7:1f:fb:d3:68:e5:15:1d:50:bb:32:65:
         63:27:4e:33:f1:97:cd:59:e9:93:7c:32:c7:6d:6e:6a:13:ff:
         48:81:e8:f3:15:44:d3:d9:57:96:e7:74:b8:10:fe:5d:0a:e5:
         99:fd:8e:e4:ce:b1:76:14:07:f7:87:37:8e:2b:fa:55:0d:cc:
         95:44:80:ef:63:e2:57:fe:cc:96:b0:21:8f:a9:a8:9c:44:d8:
         3f:95:48:b3:b7:18:b7:0f:a3:3a:cc:77:d6:b5:dc:89:2b:88:
         8e:b1:ba:04:6a:2d:0c:82:a7:af:4c:f0:82:1d:b4:59:98:f2:
         48:f0:87:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPNZT+KUQ5+xVVsn37KbcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmFhZmI2MWEwYzc0YTA0OWQ5NmJjZGU1OWNiOTQyY2M4
ZDU1NzkwHhcNMjUwNDE5MTgwMDMzWhcNMjUwNDIwMTgwMDMzWjAzMTEwLwYDVQQD
EyhkNzhlM2E0YmY2NmZkNmM5NTAzZDFmZjA5Yjg2NGQyMjYxZmEwMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPW8Iv94kPBtFGHadhzrB9m9ctGY
ePYKjmDLQLxlYCPX8i58M7JpLa253JbmttqwmVdMjLCE/i1dL3KyQIgFVG8V84Fr
6V1F3xCDMDsKHTgvb2FNTxgEI4OtJsg+Ws6nRz8EeM2W1YVpAaLTReWEZBOAKY4l
FDhwbxNzZF1PLaeLQxW8mvE/8yrsorG3iaZ2IReUKl2yqYe252NQjIKMO0N9ccJR
FvDrhNcPwmF+artJ8bEap4g0UG/kEnZobGFMK9KCkcS/+d69EwKGzH//IJgrWO+y
aaA11gfba7yEeXKoqnLLuzh4bExa2NyoXEk0YB/vZrC/P/HtAQIFoNTrWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeOOkv2b9bJUD0f8JuGTSJh+gFpMB8GA1UdIwQY
MBaAFF36r7YaDHSgSdlrzeWcuULMjVV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGIt
ZjJkOWYwZTdhNjk3LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGItZjJkOWYwZTdhNjk3
LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmEOHjpOM
77HRLM4/uxqzfFh0I1hw8gz54JbnUWHtroAb0cm9d/gKo7qvyODGeBD2p4Gh4sTx
/Kn4WdiRDTeX/2Z5OL3qXPZEC03Byrg5zCtbMXo6GViwGck8eBuLqJUzqivoMkFz
jVYZOIvpPem/uk7P4ac034PzkwsIaBCIeNwRX22ftx/702jlFR1QuzJlYydOM/GX
zVnpk3wyx21uahP/SIHo8xVE09lXlud0uBD+XQrlmf2O5M6xdhQH94c3jiv6VQ3M
lUSA72PiV/7MlrAhj6monETYP5VIs7cYtw+jOsx31rXciSuIjrG6BGotDIKnr0zw
gh20WZjySPCHbA==
-----END CERTIFICATE-----