Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
File:                     xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft (raw, json)
Hash identifier:          I7v8XPxbVeV7WPaVTm2sCiDBKOxADVGiUMTswskK1mk=
Subject key identifier:   60:0C:DA:3C:8D:21:E7:6B:F2:26:4A:F4:6D:F9:E6:33:A2:8F:6E:C8
Authority key identifier: C7:15:CD:3A:CF:3B:6B:2D:57:BC:34:85:67:58:27:53:C9:CC:09:33
Certificate issuer:       /CN=c715cd3acf3b6b2d57bc348567582753c9cc0933
Certificate serial:       01965793D4170E6FC62BB91C026D1D3DC2CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
Manifest number:          14FC
Signing time:             Mon 21 Apr 2025 09:00:27 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:27 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:27 +0000
Files and hashes:         1: xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl (hash: 3G42g8fLKr9P8jKxgM2xgbOmGK28FDddZAtEdBB5Iak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:d4:17:0e:6f:c6:2b:b9:1c:02:6d:1d:3d:c2:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c715cd3acf3b6b2d57bc348567582753c9cc0933
        Validity
            Not Before: Apr 21 09:00:27 2025 GMT
            Not After : Apr 22 09:00:27 2025 GMT
        Subject: CN=600cda3c8d21e76bf2264af46df9e633a28f6ec8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ad:82:90:c9:b4:05:d4:2c:20:00:98:cf:e7:
                    23:a3:58:20:36:1f:95:b3:b5:d4:bf:9b:83:a1:d1:
                    fe:3a:82:2e:a3:a0:e6:58:de:ec:4d:c1:41:40:44:
                    96:b6:4d:64:d8:f3:e3:53:a9:4a:5f:8c:94:3e:4c:
                    dd:e9:7e:03:b9:93:67:88:e8:bc:9b:76:3f:8c:35:
                    11:76:2e:0f:84:43:b3:8d:17:02:b2:0c:1e:22:61:
                    5d:67:a7:d2:8e:3a:01:8d:82:ed:09:69:da:b7:3d:
                    30:c6:d0:d7:e3:ac:e5:dc:ed:85:ef:3c:8d:0d:90:
                    49:40:6f:9d:5c:06:bf:38:72:89:9a:bb:26:64:60:
                    d1:5d:d0:d7:65:e3:cf:20:41:7b:e9:16:df:f8:ef:
                    64:a2:cc:04:cb:f5:24:4d:c8:7e:1a:53:de:6c:87:
                    59:5f:c8:ec:1d:3a:0e:5d:75:93:8f:10:4a:8c:c3:
                    81:f9:89:25:be:83:e1:c2:b4:a6:7e:05:b6:42:32:
                    fb:ae:50:ee:69:d0:70:b2:c6:e5:a8:3f:23:c0:ec:
                    79:a3:24:d1:91:c8:2d:70:52:91:3d:6b:ee:4e:4f:
                    eb:fa:66:b1:72:b1:a4:8f:23:39:6b:22:0c:70:d9:
                    87:53:7e:d9:2d:9b:12:96:96:2d:ce:a0:ba:b8:f3:
                    49:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:0C:DA:3C:8D:21:E7:6B:F2:26:4A:F4:6D:F9:E6:33:A2:8F:6E:C8
            X509v3 Authority Key Identifier:
                keyid:C7:15:CD:3A:CF:3B:6B:2D:57:BC:34:85:67:58:27:53:C9:CC:09:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxXNOs87ay1XvDSFZ1gnU8nMCTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/24dd54-e910-4e4b-a921-ae8d84003ff1/1/xxXNOs87ay1XvDSFZ1gnU8nMCTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:db:6d:df:0c:cd:be:87:1f:8b:cb:0f:3b:4a:00:fb:83:98:
         e9:a1:6e:36:d1:80:93:11:67:d3:8b:02:89:10:86:98:83:91:
         77:7f:e8:f3:f7:75:31:41:8a:ea:c5:b7:14:55:4f:c5:14:84:
         b8:91:fa:4f:dd:70:5e:f1:39:31:96:4b:1e:1d:aa:31:43:cd:
         76:e7:d7:92:5c:50:52:1d:2f:fd:c2:dc:6b:41:95:9c:43:bd:
         a4:40:87:29:93:7f:df:fc:b3:56:0e:8c:59:3e:77:ae:7f:25:
         e4:d0:39:12:1f:13:9f:ef:c7:19:38:a3:bd:3c:e7:b6:69:65:
         89:33:27:e5:d9:65:bc:0c:e2:ca:9a:e6:84:7d:2e:01:3a:9f:
         d8:d4:4c:e8:34:e2:76:60:86:9c:ed:39:bb:68:24:3a:ab:e2:
         1f:c9:95:0c:35:63:54:7a:7c:d4:a8:94:40:26:48:97:f7:21:
         48:4c:fd:0c:cb:7a:76:03:24:ca:5b:0e:34:5d:44:75:e8:a4:
         6d:38:ac:f3:ac:27:48:d9:8d:75:7a:b3:c2:0e:38:cd:4e:46:
         dc:ee:69:19:d4:b3:82:e6:64:0d:b2:5e:0e:21:fc:58:21:80:
         b1:02:6a:b4:ec:47:72:9f:0e:66:fa:f2:f1:6f:ae:24:27:3e:
         f6:aa:f2:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk9QXDm/GK7kcAm0dPcLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MTVjZDNhY2YzYjZiMmQ1N2JjMzQ4NTY3NTgyNzUzYzlj
YzA5MzMwHhcNMjUwNDIxMDkwMDI3WhcNMjUwNDIyMDkwMDI3WjAzMTEwLwYDVQQD
Eyg2MDBjZGEzYzhkMjFlNzZiZjIyNjRhZjQ2ZGY5ZTYzM2EyOGY2ZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK2CkMm0BdQsIACYz+cjo1ggNh+V
s7XUv5uDodH+OoIuo6DmWN7sTcFBQESWtk1k2PPjU6lKX4yUPkzd6X4DuZNniOi8
m3Y/jDURdi4PhEOzjRcCsgweImFdZ6fSjjoBjYLtCWnatz0wxtDX46zl3O2F7zyN
DZBJQG+dXAa/OHKJmrsmZGDRXdDXZePPIEF76Rbf+O9koswEy/UkTch+GlPebIdZ
X8jsHToOXXWTjxBKjMOB+YklvoPhwrSmfgW2QjL7rlDuadBwssblqD8jwOx5oyTR
kcgtcFKRPWvuTk/r+maxcrGkjyM5ayIMcNmHU37ZLZsSlpYtzqC6uPNJoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAM2jyNIedr8iZK9G355jOij27IMB8GA1UdIwQY
MBaAFMcVzTrPO2stV7w0hWdYJ1PJzAkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yNGRkNTQtZTkxMC00ZTRiLWE5MjEt
YWU4ZDg0MDAzZmYxLzEveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yNGRkNTQtZTkxMC00ZTRiLWE5MjEtYWU4ZDg0MDAzZmYx
LzEveHhYTk9zODdheTFYdkRTRloxZ25VOG5NQ1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOdtt3wzN
vocfi8sPO0oA+4OY6aFuNtGAkxFn04sCiRCGmIORd3/o8/d1MUGK6sW3FFVPxRSE
uJH6T91wXvE5MZZLHh2qMUPNdufXklxQUh0v/cLca0GVnEO9pECHKZN/3/yzVg6M
WT53rn8l5NA5Eh8Tn+/HGTijvTzntmlliTMn5dllvAziyprmhH0uATqf2NRM6DTi
dmCGnO05u2gkOqviH8mVDDVjVHp81KiUQCZIl/chSEz9DMt6dgMkylsONF1Edeik
bTis86wnSNmNdXqzwg44zU5G3O5pGdSzguZkDbJeDiH8WCGAsQJqtOxHcp8OZvry
8W+uJCc+9qryiQ==
-----END CERTIFICATE-----