Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
File:                     XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft (raw, json)
Hash identifier:          nF6L/leQLHq/Id/eTVMWk4GgGQNBev5LIEM++0i01/0=
Subject key identifier:   2D:F8:DA:68:CB:38:6F:BC:CE:D8:88:B9:B9:74:D5:98:1B:4D:0B:C8
Authority key identifier: 5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A
Certificate issuer:       /CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
Certificate serial:       0194BABB6A8669719AA1CC8B99AA0B87C241
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
Manifest number:          09FE
Signing time:             Fri 31 Jan 2025 05:00:32 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:32 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:32 +0000
Files and hashes:         1: XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl (hash: v0HKKY3PiR7ayBU+Zf3aPIeMfrZ9/RcGHXXEDjB/B1A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:6a:86:69:71:9a:a1:cc:8b:99:aa:0b:87:c2:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d38eb29595607ed4d8f4d9bf06cba429926864a
        Validity
            Not Before: Jan 31 05:00:32 2025 GMT
            Not After : Feb  1 05:00:32 2025 GMT
        Subject: CN=2df8da68cb386fbcced888b9b974d5981b4d0bc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:bc:d4:a6:45:c7:61:85:d1:53:01:01:1b:b2:
                    57:c0:00:55:35:c4:3e:c6:5b:0b:72:b5:48:04:d3:
                    4c:2f:5a:53:58:cf:0a:ad:25:47:c2:e0:ae:97:0b:
                    ab:2d:5f:23:d2:33:4e:47:bd:e8:d2:6b:3b:9a:46:
                    62:83:82:8c:94:be:c5:39:9b:e2:5d:95:dd:c2:97:
                    c9:8b:aa:18:cc:0e:2a:1e:b0:d9:eb:d1:32:66:ed:
                    30:8e:66:52:ea:bf:48:cc:8b:61:dc:d5:5e:d6:e6:
                    11:76:17:81:60:4e:34:8d:6e:c4:42:0e:05:7d:c9:
                    df:1b:e7:b9:42:8d:ad:7b:e4:a7:e5:ca:c7:80:e3:
                    8d:95:56:3b:a5:8d:6e:8e:90:0d:7a:84:7c:e9:e7:
                    35:12:91:84:58:e2:55:b7:6c:51:01:a5:79:4b:f3:
                    6b:a6:e0:3b:19:0d:f5:23:4b:5c:fd:db:6e:44:18:
                    5b:e8:14:ab:30:89:7e:37:b9:73:23:14:d1:d1:d8:
                    50:07:fc:2a:aa:e2:68:55:8c:ae:24:a9:34:12:2d:
                    ab:49:52:13:ec:a8:23:64:b1:cc:94:f9:9c:83:da:
                    e1:5e:02:8c:1c:fd:0b:0e:7b:73:d6:81:80:69:86:
                    5d:c0:b1:9a:bd:2f:4b:45:15:d1:de:0f:b0:5b:14:
                    85:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:F8:DA:68:CB:38:6F:BC:CE:D8:88:B9:B9:74:D5:98:1B:4D:0B:C8
            X509v3 Authority Key Identifier:
                keyid:5D:38:EB:29:59:56:07:ED:4D:8F:4D:9B:F0:6C:BA:42:99:26:86:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c7ba95-9153-4414-ab0c-d24b4a5b1cdc/1/XTjrKVlWB-1Nj02b8Gy6Qpkmhko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:24:62:d2:ac:54:a9:59:f8:4c:be:82:f9:6f:55:80:bf:eb:
         56:79:41:06:5f:f2:09:1e:f7:5c:fe:d7:c8:fd:6d:14:08:46:
         12:8d:80:a3:2c:2d:46:0a:8e:89:83:ab:0a:92:93:52:6c:8d:
         8b:b0:32:51:8e:6e:34:fe:5d:54:0b:32:1a:40:59:e6:47:6b:
         7d:54:94:2e:a5:0e:1d:5b:7d:a4:dc:e4:16:ae:2e:36:ef:13:
         f7:cd:6c:cd:b5:6d:10:16:ae:34:98:ef:1e:d4:b2:2c:a8:ed:
         bf:e5:70:dd:d3:3d:f9:a1:cc:30:9a:f8:88:ad:fd:12:4d:76:
         4b:7b:ba:6d:6f:7f:f9:9d:3b:a2:d9:0d:c0:ed:22:87:f7:8f:
         8d:0f:0f:89:40:1c:85:57:11:ab:38:39:d6:d4:05:78:20:3b:
         06:82:84:25:46:6c:51:85:fb:1a:c3:76:05:c2:7a:69:59:4f:
         77:b3:5d:e5:b8:e1:e3:b8:ca:82:42:12:f2:d3:c7:70:cd:6b:
         af:ff:1a:52:c1:02:20:5d:5d:77:67:23:f5:48:1f:3e:ce:71:
         26:3b:96:2c:4a:87:89:e0:aa:5f:c9:10:2a:b8:9c:4f:10:66:
         0e:d1:d8:40:59:7e:27:85:b1:c3:9f:7c:cc:7a:92:de:87:05:
         3a:2d:ad:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6u2qGaXGaocyLmaoLh8JBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzhlYjI5NTk1NjA3ZWQ0ZDhmNGQ5YmYwNmNiYTQyOTky
Njg2NGEwHhcNMjUwMTMxMDUwMDMyWhcNMjUwMjAxMDUwMDMyWjAzMTEwLwYDVQQD
EygyZGY4ZGE2OGNiMzg2ZmJjY2VkODg4YjliOTc0ZDU5ODFiNGQwYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirzUpkXHYYXRUwEBG7JXwABVNcQ+
xlsLcrVIBNNML1pTWM8KrSVHwuCulwurLV8j0jNOR73o0ms7mkZig4KMlL7FOZvi
XZXdwpfJi6oYzA4qHrDZ69EyZu0wjmZS6r9IzIth3NVe1uYRdheBYE40jW7EQg4F
fcnfG+e5Qo2te+Sn5crHgOONlVY7pY1ujpANeoR86ec1EpGEWOJVt2xRAaV5S/Nr
puA7GQ31I0tc/dtuRBhb6BSrMIl+N7lzIxTR0dhQB/wqquJoVYyuJKk0Ei2rSVIT
7KgjZLHMlPmcg9rhXgKMHP0LDntz1oGAaYZdwLGavS9LRRXR3g+wWxSFYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC342mjLOG+8ztiIubl01ZgbTQvIMB8GA1UdIwQY
MBaAFF046ylZVgftTY9Nm/BsukKZJoZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMt
ZDI0YjRhNWIxY2RjLzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jN2JhOTUtOTE1My00NDE0LWFiMGMtZDI0YjRhNWIxY2Rj
LzEvWFRqcktWbFdCLTFOajAyYjhHeTZRcGttaGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCRi0qxU
qVn4TL6C+W9VgL/rVnlBBl/yCR73XP7XyP1tFAhGEo2AoywtRgqOiYOrCpKTUmyN
i7AyUY5uNP5dVAsyGkBZ5kdrfVSULqUOHVt9pNzkFq4uNu8T981szbVtEBauNJjv
HtSyLKjtv+Vw3dM9+aHMMJr4iK39Ek12S3u6bW9/+Z07otkNwO0ih/ePjQ8PiUAc
hVcRqzg51tQFeCA7BoKEJUZsUYX7GsN2BcJ6aVlPd7Nd5bjh47jKgkIS8tPHcM1r
r/8aUsECIF1dd2cj9UgfPs5xJjuWLEqHieCqX8kQKricTxBmDtHYQFl+J4Wxw598
zHqS3ocFOi2t1A==
-----END CERTIFICATE-----