Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
File:                     xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft (raw, json)
Hash identifier:          uNGKXNj1E2cTOwPza8+Yn/xBauvYFrIDTGO0ZTPaHTk=
Subject key identifier:   69:2E:D6:F0:44:FE:7E:9F:E5:2A:7B:6A:F4:9D:2C:0A:52:AC:93:59
Authority key identifier: C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B
Certificate issuer:       /CN=c6c00c553a54da05b93635a654cada03c6d9df2b
Certificate serial:       01964EC790CD59CDFE05A1077996ABE696B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
Manifest number:          05CC
Signing time:             Sat 19 Apr 2025 16:00:23 +0000
Manifest this update:     Sat 19 Apr 2025 16:00:23 +0000
Manifest next update:     Sun 20 Apr 2025 16:00:23 +0000
Files and hashes:         1: xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl (hash: pgslg80YfSncU8qLMn7cOHu1jHnx9Qp5BGCt+zgkwAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:c7:90:cd:59:cd:fe:05:a1:07:79:96:ab:e6:96:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c00c553a54da05b93635a654cada03c6d9df2b
        Validity
            Not Before: Apr 19 16:00:23 2025 GMT
            Not After : Apr 20 16:00:23 2025 GMT
        Subject: CN=692ed6f044fe7e9fe52a7b6af49d2c0a52ac9359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:57:3f:f2:62:19:b0:90:63:12:55:64:03:0b:
                    9f:f7:27:b6:84:1d:9b:48:76:08:3e:1c:3b:5d:98:
                    bb:0e:af:e5:52:c6:fc:53:1d:19:46:cd:8c:a1:67:
                    f0:1f:43:6b:c3:4b:c6:08:1e:ee:eb:84:94:ea:bf:
                    0d:87:05:14:24:65:48:43:05:10:4e:db:ff:df:5a:
                    a4:fc:13:0e:bf:e8:60:ff:68:86:d2:42:d7:5d:80:
                    34:05:f1:52:72:2d:9e:cf:c6:96:07:35:e2:83:c4:
                    c8:47:1f:34:d1:4b:db:70:b3:65:cf:17:45:cc:c4:
                    11:40:9d:dd:a2:e4:4e:16:1c:7e:f7:0a:e1:89:5d:
                    86:6a:6b:2b:12:05:d6:e3:c6:50:31:e1:67:04:71:
                    6f:50:55:0c:f2:9d:ce:46:41:cc:28:7a:51:18:1e:
                    92:06:1a:e6:52:20:ab:ec:74:8d:3b:1a:e9:51:af:
                    1e:83:a8:54:be:ec:a7:9d:8f:19:6f:7c:dc:e5:4a:
                    c3:cb:7f:f1:d7:5c:e4:3f:a9:91:66:27:d0:03:f1:
                    71:3e:98:f0:f0:dc:9e:92:1a:a5:82:8d:7a:f7:63:
                    e2:fe:1a:be:47:1f:f8:72:14:8d:ed:4f:3b:4a:86:
                    32:16:5b:29:62:23:02:5c:a3:63:09:67:06:d4:14:
                    26:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:2E:D6:F0:44:FE:7E:9F:E5:2A:7B:6A:F4:9D:2C:0A:52:AC:93:59
            X509v3 Authority Key Identifier:
                keyid:C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:3e:1c:a2:1f:05:e4:aa:99:02:76:e2:37:d6:69:50:b7:56:
         28:55:dd:88:d9:1a:78:6d:59:33:af:4b:42:c7:89:f1:00:6d:
         4f:be:69:3d:ee:fd:c0:14:76:50:e1:4f:44:10:c8:74:85:40:
         83:ba:b3:96:b2:1b:2d:fc:ef:94:36:75:ee:78:be:4c:b1:68:
         3a:dc:d6:f3:4b:56:cb:db:4e:25:55:58:ef:5c:df:9a:27:a4:
         e6:90:2a:92:21:56:49:ac:d8:71:9c:e7:1d:63:0b:be:75:f5:
         84:dc:2d:15:9c:bc:30:29:83:6b:68:10:75:3a:eb:33:73:e4:
         9a:36:fc:8f:d1:9d:b4:0f:f2:78:97:6b:15:65:1e:d7:d7:55:
         db:bf:7b:74:2e:a4:cf:1a:92:28:5e:37:1b:52:90:12:94:d6:
         d7:8b:4b:98:5f:06:29:46:11:6e:11:ee:82:da:e7:4c:5b:f0:
         4d:87:92:6b:b0:42:2d:81:5f:20:8e:76:96:2f:36:ee:b7:f4:
         86:8f:87:bd:a2:ad:f6:f4:50:49:6c:db:d3:12:f3:e8:d8:d2:
         62:52:b6:ab:61:b5:96:d2:30:7f:90:dd:d1:45:88:63:10:b4:
         09:65:56:3f:03:4d:37:80:7d:07:62:7a:cf:1c:1a:b4:74:5b:
         22:50:00:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOx5DNWc3+BaEHeZar5payMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzAwYzU1M2E1NGRhMDViOTM2MzVhNjU0Y2FkYTAzYzZk
OWRmMmIwHhcNMjUwNDE5MTYwMDIzWhcNMjUwNDIwMTYwMDIzWjAzMTEwLwYDVQQD
Eyg2OTJlZDZmMDQ0ZmU3ZTlmZTUyYTdiNmFmNDlkMmMwYTUyYWM5MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFc/8mIZsJBjElVkAwuf9ye2hB2b
SHYIPhw7XZi7Dq/lUsb8Ux0ZRs2MoWfwH0Nrw0vGCB7u64SU6r8NhwUUJGVIQwUQ
Ttv/31qk/BMOv+hg/2iG0kLXXYA0BfFSci2ez8aWBzXig8TIRx800UvbcLNlzxdF
zMQRQJ3douROFhx+9wrhiV2GamsrEgXW48ZQMeFnBHFvUFUM8p3ORkHMKHpRGB6S
BhrmUiCr7HSNOxrpUa8eg6hUvuynnY8Zb3zc5UrDy3/x11zkP6mRZifQA/FxPpjw
8Nyekhqlgo1692Pi/hq+Rx/4chSN7U87SoYyFlspYiMCXKNjCWcG1BQmfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGku1vBE/n6f5Sp7avSdLApSrJNZMB8GA1UdIwQY
MBaAFMbADFU6VNoFuTY1plTK2gPG2d8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgt
M2ZiZGQ5ZGJiZDkyLzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgtM2ZiZGQ5ZGJiZDky
LzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOj4coh8F
5KqZAnbiN9ZpULdWKFXdiNkaeG1ZM69LQseJ8QBtT75pPe79wBR2UOFPRBDIdIVA
g7qzlrIbLfzvlDZ17ni+TLFoOtzW80tWy9tOJVVY71zfmiek5pAqkiFWSazYcZzn
HWMLvnX1hNwtFZy8MCmDa2gQdTrrM3Pkmjb8j9GdtA/yeJdrFWUe19dV2797dC6k
zxqSKF43G1KQEpTW14tLmF8GKUYRbhHugtrnTFvwTYeSa7BCLYFfII52li827rf0
ho+HvaKt9vRQSWzb0xLz6NjSYlK2q2G1ltIwf5Dd0UWIYxC0CWVWPwNNN4B9B2J6
zxwatHRbIlAAcg==
-----END CERTIFICATE-----