Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          0wRrGE60ZN8ac/Mnlo7Y/B/mqQMyZjirEdGRxZ9kB8g=
Subject key identifier:   B4:DF:77:43:3E:BD:42:41:76:2C:54:EE:23:9E:0E:0E:40:0D:D7:26
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       019652A4FD7C1EDA8CC1C8A9B202C34023F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          01F6
Signing time:             Sun 20 Apr 2025 10:01:06 +0000
Manifest this update:     Sun 20 Apr 2025 10:01:06 +0000
Manifest next update:     Mon 21 Apr 2025 10:01:06 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: rZfVBBi8VejybCUo5M4NY92e4F+PYOvFKXHVpn0D2BM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:a4:fd:7c:1e:da:8c:c1:c8:a9:b2:02:c3:40:23:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Apr 20 10:01:06 2025 GMT
            Not After : Apr 21 10:01:06 2025 GMT
        Subject: CN=b4df77433ebd4241762c54ee239e0e0e400dd726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9e:24:61:13:1d:26:2a:77:b9:b0:0a:8b:72:
                    90:c2:6f:98:a2:b1:bc:aa:a0:79:2d:05:39:3b:fe:
                    cc:36:55:05:07:96:a3:82:a6:d8:a2:63:3e:08:57:
                    cb:c8:77:85:ec:dd:d5:e2:ef:16:57:5a:0b:55:8d:
                    a1:9a:48:a0:0f:6e:65:81:9a:03:38:0d:da:86:47:
                    c4:36:1e:03:dd:38:f8:9b:34:99:af:a9:db:f2:4f:
                    d3:62:dd:2a:69:8c:8c:a2:8a:f9:31:82:2d:3a:31:
                    2f:89:bf:3b:25:4a:a5:cd:8c:fd:6b:62:f7:cb:98:
                    d9:af:2a:8c:9c:fb:81:0b:be:f1:7e:ba:a2:68:dd:
                    35:8f:3e:e4:54:ee:2c:a1:03:6b:01:4b:88:c5:2f:
                    5d:3e:ce:62:b8:c3:a9:c1:5e:b9:1c:93:06:96:c5:
                    95:e3:45:06:24:d9:bf:f6:2a:48:54:16:ef:25:f2:
                    71:8d:fb:8c:bf:66:4d:16:0d:74:2c:1d:94:24:a7:
                    9e:c0:3b:94:8e:68:4b:3c:29:53:5d:22:bc:45:47:
                    76:24:1e:77:c0:f4:40:35:a9:e2:62:3c:4d:eb:0e:
                    b5:99:ae:10:cc:10:ab:ac:39:ee:fb:b3:63:e6:05:
                    0a:11:03:45:49:29:36:a7:2c:70:a4:d6:75:9d:2f:
                    9f:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:DF:77:43:3E:BD:42:41:76:2C:54:EE:23:9E:0E:0E:40:0D:D7:26
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d3:d6:4c:0b:d0:f9:c0:6e:3e:26:9a:43:bf:76:a1:ed:64:
         fb:fc:76:97:a5:e8:96:b6:0f:9b:3d:ae:47:7b:64:44:ae:28:
         83:81:0f:23:78:fc:30:a6:1c:f6:dd:76:37:f2:b3:1c:b2:57:
         5c:c7:67:cd:59:d8:da:c3:3c:9a:e7:6d:d6:fa:64:1b:cd:08:
         a7:09:b5:4f:5f:aa:0c:bb:9d:26:e8:95:77:7a:cd:2a:5a:07:
         99:c5:a9:6d:2e:bd:be:62:3a:a3:e0:e9:37:b2:1f:d6:8e:c0:
         5d:79:f2:f6:84:26:e7:ea:f3:4d:3e:b8:e7:92:9b:7a:96:41:
         15:ed:7c:d0:87:91:53:79:06:e4:6f:0f:8b:50:65:5a:0c:fe:
         aa:53:ce:92:e3:cd:51:b7:5d:ba:c5:85:71:71:44:a6:94:a6:
         82:ca:f6:92:a3:00:40:78:2a:dd:e2:66:27:56:57:14:0f:72:
         d3:11:bd:31:4e:e6:5a:04:10:59:8c:e9:2a:3c:79:c1:c5:9b:
         dd:4a:52:02:45:69:43:7d:0b:93:c8:02:d6:fb:6b:1c:41:1a:
         2a:c8:ef:96:aa:68:1a:fb:bf:40:d0:ce:27:ef:55:3f:a9:35:
         e1:90:bf:4e:b1:39:20:cc:b1:07:8d:a5:33:a9:88:f2:90:e0:
         89:9a:ea:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSpP18HtqMwcipsgLDQCPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjUwNDIwMTAwMTA2WhcNMjUwNDIxMTAwMTA2WjAzMTEwLwYDVQQD
EyhiNGRmNzc0MzNlYmQ0MjQxNzYyYzU0ZWUyMzllMGUwZTQwMGRkNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp4kYRMdJip3ubAKi3KQwm+YorG8
qqB5LQU5O/7MNlUFB5ajgqbYomM+CFfLyHeF7N3V4u8WV1oLVY2hmkigD25lgZoD
OA3ahkfENh4D3Tj4mzSZr6nb8k/TYt0qaYyMoor5MYItOjEvib87JUqlzYz9a2L3
y5jZryqMnPuBC77xfrqiaN01jz7kVO4soQNrAUuIxS9dPs5iuMOpwV65HJMGlsWV
40UGJNm/9ipIVBbvJfJxjfuMv2ZNFg10LB2UJKeewDuUjmhLPClTXSK8RUd2JB53
wPRANaniYjxN6w61ma4QzBCrrDnu+7Nj5gUKEQNFSSk2pyxwpNZ1nS+fVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTfd0M+vUJBdixU7iOeDg5ADdcmMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtPWTAvQ
+cBuPiaaQ792oe1k+/x2l6XolrYPmz2uR3tkRK4og4EPI3j8MKYc9t12N/KzHLJX
XMdnzVnY2sM8mudt1vpkG80Ipwm1T1+qDLudJuiVd3rNKloHmcWpbS69vmI6o+Dp
N7If1o7AXXny9oQm5+rzTT6455KbepZBFe180IeRU3kG5G8Pi1BlWgz+qlPOkuPN
UbddusWFcXFEppSmgsr2kqMAQHgq3eJmJ1ZXFA9y0xG9MU7mWgQQWYzpKjx5wcWb
3UpSAkVpQ30Lk8gC1vtrHEEaKsjvlqpoGvu/QNDOJ+9VP6k14ZC/TrE5IMyxB42l
M6mI8pDgiZrqOQ==
-----END CERTIFICATE-----