Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
File:                     xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft (raw, json)
Hash identifier:          6a38N0Gy0wH1lt2oauMsuUHVmGn8IDzTghHezn9PgQU=
Subject key identifier:   5A:9C:FF:9F:98:EC:9F:03:7B:63:37:95:68:95:B1:D2:52:F7:08:04
Authority key identifier: C7:15:CD:3A:CF:3B:6B:2D:57:BC:34:85:67:58:27:53:C9:CC:09:33
Certificate issuer:       /CN=c715cd3acf3b6b2d57bc348567582753c9cc0933
Certificate serial:       01958EBCC409E048941DF1668EA4A3249994
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
Manifest number:          1494
Signing time:             Thu 13 Mar 2025 09:01:30 +0000
Manifest this update:     Thu 13 Mar 2025 09:01:30 +0000
Manifest next update:     Fri 14 Mar 2025 09:01:30 +0000
Files and hashes:         1: xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl (hash: xrDn32/lItwYiOYfpBrU31DAfIBuFH4CQlnjA8kwNvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8e:bc:c4:09:e0:48:94:1d:f1:66:8e:a4:a3:24:99:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c715cd3acf3b6b2d57bc348567582753c9cc0933
        Validity
            Not Before: Mar 13 09:01:30 2025 GMT
            Not After : Mar 14 09:01:30 2025 GMT
        Subject: CN=5a9cff9f98ec9f037b6337956895b1d252f70804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5f:66:92:15:c8:4f:06:0b:df:c0:8a:b6:e8:
                    6a:aa:c4:99:8a:49:d2:12:92:d7:74:1c:ed:b9:f2:
                    64:5e:12:db:57:14:67:a6:71:fb:c3:07:95:ac:bd:
                    b1:d2:91:00:2c:42:33:a9:c9:3e:b3:3b:ab:d6:d7:
                    07:b6:5c:ae:e1:3b:80:4d:2c:57:15:a0:15:41:6a:
                    cf:4a:79:13:b6:ba:c7:7e:fe:b9:69:f4:a7:c1:b1:
                    a4:69:3d:1c:bc:d9:8b:60:a8:91:2f:be:b9:28:c0:
                    8c:c3:4d:09:85:92:8b:2d:f6:38:a5:ab:d7:18:97:
                    a7:71:18:49:9f:6a:a6:34:63:aa:1c:8c:a2:62:a5:
                    5a:3e:9d:fb:85:c4:92:9b:82:95:bd:37:75:02:4b:
                    1e:73:72:ab:fd:3c:61:7f:d0:6f:3a:46:60:95:78:
                    65:93:34:a4:df:ae:4d:8c:44:5e:ce:db:9c:13:32:
                    24:53:60:e0:fd:5d:ca:43:93:f2:d0:bb:55:99:67:
                    14:ee:70:a3:62:99:94:13:e3:cc:e5:d4:61:49:0d:
                    9b:09:73:b3:8e:12:06:c3:22:de:43:e1:0a:9e:90:
                    1f:83:25:d1:14:8c:68:2f:78:17:fe:08:ba:fd:e2:
                    64:f7:57:31:a9:ba:1d:d0:6e:6b:e1:ef:db:fc:35:
                    9b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:9C:FF:9F:98:EC:9F:03:7B:63:37:95:68:95:B1:D2:52:F7:08:04
            X509v3 Authority Key Identifier:
                keyid:C7:15:CD:3A:CF:3B:6B:2D:57:BC:34:85:67:58:27:53:C9:CC:09:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:d2:c7:8f:4e:b2:dc:e1:26:d4:62:d5:8b:3d:bf:74:26:c7:
         22:d5:e2:41:4f:b8:60:ec:59:36:01:34:19:0c:82:20:fb:b3:
         78:11:30:0c:f1:c7:b6:ae:68:f6:53:a2:4a:1c:43:45:b0:f3:
         67:e9:96:93:88:01:46:e2:47:e0:af:85:8d:69:da:6d:00:4a:
         cf:0c:f5:c8:12:f3:b9:df:db:04:ef:a5:51:29:58:77:cd:6d:
         5e:c9:f2:05:f6:44:5e:bd:27:76:1d:66:87:fe:99:ef:e9:6a:
         3e:8e:74:6f:ff:f5:cd:9c:59:35:6a:c2:59:11:5a:4d:65:35:
         8d:b2:bc:cb:e7:ab:43:cc:c9:65:92:e2:2c:21:1f:09:45:56:
         3c:76:1f:46:ff:de:56:19:96:d2:db:f5:0b:67:bb:09:a5:0c:
         5b:ad:63:c6:7d:eb:b6:b7:0b:2a:59:c9:f5:9b:62:a5:09:af:
         07:16:50:90:f5:3d:22:73:44:11:7a:cc:7e:ae:0c:65:bc:a2:
         73:c0:26:61:8f:a6:ad:e9:f4:9d:39:7e:66:83:7e:ef:d5:e9:
         8d:68:47:0b:f8:9f:36:7e:71:c4:75:d9:07:23:e6:2b:48:78:
         ce:e7:57:d9:72:b1:29:c5:4b:33:5c:47:5e:78:0f:df:a8:db:
         09:7d:51:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWOvMQJ4EiUHfFmjqSjJJmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MTVjZDNhY2YzYjZiMmQ1N2JjMzQ4NTY3NTgyNzUzYzlj
YzA5MzMwHhcNMjUwMzEzMDkwMTMwWhcNMjUwMzE0MDkwMTMwWjAzMTEwLwYDVQQD
Eyg1YTljZmY5Zjk4ZWM5ZjAzN2I2MzM3OTU2ODk1YjFkMjUyZjcwODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv19mkhXITwYL38CKtuhqqsSZiknS
EpLXdBztufJkXhLbVxRnpnH7wweVrL2x0pEALEIzqck+szur1tcHtlyu4TuATSxX
FaAVQWrPSnkTtrrHfv65afSnwbGkaT0cvNmLYKiRL765KMCMw00JhZKLLfY4pavX
GJencRhJn2qmNGOqHIyiYqVaPp37hcSSm4KVvTd1Aksec3Kr/Txhf9BvOkZglXhl
kzSk365NjEReztucEzIkU2Dg/V3KQ5Py0LtVmWcU7nCjYpmUE+PM5dRhSQ2bCXOz
jhIGwyLeQ+EKnpAfgyXRFIxoL3gX/gi6/eJk91cxqbod0G5r4e/b/DWbpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqc/5+Y7J8De2M3lWiVsdJS9wgEMB8GA1UdIwQY
MBaAFMcVzTrPO2stV7w0hWdYJ1PJzAkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yNGRkNTQtZTkxMC00ZTRiLWE5MjEt
YWU4ZDg0MDAzZmYxLzEveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yNGRkNTQtZTkxMC00ZTRiLWE5MjEtYWU4ZDg0MDAzZmYx
LzEveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM9LHj06y
3OEm1GLViz2/dCbHItXiQU+4YOxZNgE0GQyCIPuzeBEwDPHHtq5o9lOiShxDRbDz
Z+mWk4gBRuJH4K+FjWnabQBKzwz1yBLzud/bBO+lUSlYd81tXsnyBfZEXr0ndh1m
h/6Z7+lqPo50b//1zZxZNWrCWRFaTWU1jbK8y+erQ8zJZZLiLCEfCUVWPHYfRv/e
VhmW0tv1C2e7CaUMW61jxn3rtrcLKlnJ9ZtipQmvBxZQkPU9InNEEXrMfq4MZbyi
c8AmYY+mren0nTl+ZoN+79XpjWhHC/ifNn5xxHXZByPmK0h4zudX2XKxKcVLM1xH
XngP36jbCX1RUQ==
-----END CERTIFICATE-----