Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
File:                     9XGHM6rUPvapm9jZUEog3YkCLo8.mft (raw, json)
Hash identifier:          V2+5Y3xsGN8GTrgRUBHxKUKgGXXYWibtWwUYgG3JgN8=
Subject key identifier:   8E:AA:6A:20:64:D0:10:B2:F4:32:65:EC:05:98:04:09:3D:3A:12:67
Authority key identifier: F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F
Certificate issuer:       /CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
Certificate serial:       0196549301CA683C2A2F6AB3D2EDA7471CDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
Manifest number:          11FD
Signing time:             Sun 20 Apr 2025 19:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:42 +0000
Files and hashes:         1: 9XGHM6rUPvapm9jZUEog3YkCLo8.crl (hash: EO2e3olBIQFkYRyjtdhYoW4XjDwJcMvGUO64uQJSzq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:93:01:ca:68:3c:2a:2f:6a:b3:d2:ed:a7:47:1c:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
        Validity
            Not Before: Apr 20 19:00:42 2025 GMT
            Not After : Apr 21 19:00:42 2025 GMT
        Subject: CN=8eaa6a2064d010b2f43265ec059804093d3a1267
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ae:8a:a3:0c:40:61:52:36:c7:22:16:4b:72:
                    b6:7f:3e:3f:48:82:7e:b5:25:52:7f:04:f1:5b:dc:
                    1a:9c:0f:60:b8:99:b0:18:e9:a0:9d:d6:6d:01:8c:
                    78:e8:04:60:36:6c:47:ca:27:63:7d:fd:89:2e:fb:
                    12:e8:20:90:ed:00:97:c8:31:4b:d9:4d:06:93:ab:
                    31:0a:58:f4:18:f9:e3:2c:7d:5b:1d:4c:65:df:51:
                    71:e4:41:19:ad:6b:c6:ea:db:fc:e8:3b:09:a1:b9:
                    16:1f:5c:9c:50:fd:a8:bf:3b:fd:a7:d5:80:ef:dc:
                    ca:d1:6d:46:1d:b3:88:16:57:12:98:e3:9c:71:86:
                    ea:ec:45:68:c1:f7:e0:6b:77:ac:05:b5:1b:dc:72:
                    34:1e:ca:13:58:f6:42:e9:18:10:0d:ac:4e:7a:ef:
                    ef:43:7c:a8:61:ee:a2:17:b3:c7:23:df:9d:c7:cb:
                    10:f6:1a:05:b3:f1:45:f7:60:9e:3f:ea:5f:58:5e:
                    3b:ec:df:dc:77:b0:88:e6:b7:5b:fd:a2:ee:e9:0f:
                    d4:2b:7a:23:7b:f3:15:7a:25:8d:6f:54:00:73:e2:
                    13:2b:61:2e:b6:af:2d:98:72:b2:1b:c9:84:4a:f1:
                    7d:43:d0:a6:c1:fd:74:6b:aa:5e:a1:0c:67:db:50:
                    ba:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:AA:6A:20:64:D0:10:B2:F4:32:65:EC:05:98:04:09:3D:3A:12:67
            X509v3 Authority Key Identifier:
                keyid:F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:3d:c2:76:e0:4c:e7:6b:98:cb:74:d6:ea:be:3b:29:b1:ac:
         93:a6:cc:e4:b5:0b:0e:4d:75:0f:d9:95:ff:80:98:7b:bd:40:
         e2:ac:04:a4:23:02:cc:bc:6e:d2:92:63:31:26:c1:87:8d:2d:
         af:87:04:e0:45:b7:62:d4:e0:cb:a7:22:69:da:e0:d7:34:83:
         36:08:b0:d4:08:fd:f8:c9:0a:98:24:4e:3f:35:a9:fb:b4:10:
         66:02:36:e4:2f:72:36:1d:65:1d:e9:0f:c3:84:e1:96:c8:9a:
         2d:84:84:8a:46:58:e8:b1:bc:f7:e3:fb:3f:20:47:d7:d7:c0:
         48:06:ed:a1:db:55:b8:60:64:b8:56:90:99:cd:0a:fb:79:90:
         3f:40:e9:97:f0:af:3c:49:9e:cd:a4:b3:6d:82:8b:29:55:0a:
         86:0f:a5:27:3d:e2:7e:77:99:7a:eb:36:c0:60:d1:0b:3f:c7:
         ad:c0:7b:f9:1c:b6:c7:42:98:96:4f:de:15:86:24:06:48:ab:
         80:29:84:3d:cb:5d:a7:f0:e0:08:dd:1e:3f:7c:aa:9d:db:45:
         25:cc:92:fa:22:a0:39:c5:1b:7f:2a:56:85:4a:a0:98:54:ba:
         92:c4:a9:6c:9a:28:d4:cd:fb:74:57:bb:f6:c7:8b:76:21:f0:
         72:dd:ed:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkwHKaDwqL2qz0u2nRxzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzE4NzMzYWFkNDNlZjZhOTliZDhkOTUwNGEyMGRkODkw
MjJlOGYwHhcNMjUwNDIwMTkwMDQyWhcNMjUwNDIxMTkwMDQyWjAzMTEwLwYDVQQD
Eyg4ZWFhNmEyMDY0ZDAxMGIyZjQzMjY1ZWMwNTk4MDQwOTNkM2ExMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq6KowxAYVI2xyIWS3K2fz4/SIJ+
tSVSfwTxW9wanA9guJmwGOmgndZtAYx46ARgNmxHyidjff2JLvsS6CCQ7QCXyDFL
2U0Gk6sxClj0GPnjLH1bHUxl31Fx5EEZrWvG6tv86DsJobkWH1ycUP2ovzv9p9WA
79zK0W1GHbOIFlcSmOOccYbq7EVowffga3esBbUb3HI0HsoTWPZC6RgQDaxOeu/v
Q3yoYe6iF7PHI9+dx8sQ9hoFs/FF92CeP+pfWF477N/cd7CI5rdb/aLu6Q/UK3oj
e/MVeiWNb1QAc+ITK2Eutq8tmHKyG8mESvF9Q9Cmwf10a6peoQxn21C6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6qaiBk0BCy9DJl7AWYBAk9OhJnMB8GA1UdIwQY
MBaAFPVxhzOq1D72qZvY2VBKIN2JAi6PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5Yzgt
ZDcyNWZhNjczMmI2LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5YzgtZDcyNWZhNjczMmI2
LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmT3CduBM
52uYy3TW6r47KbGsk6bM5LULDk11D9mV/4CYe71A4qwEpCMCzLxu0pJjMSbBh40t
r4cE4EW3YtTgy6ciadrg1zSDNgiw1Aj9+MkKmCROPzWp+7QQZgI25C9yNh1lHekP
w4ThlsiaLYSEikZY6LG89+P7PyBH19fASAbtodtVuGBkuFaQmc0K+3mQP0Dpl/Cv
PEmezaSzbYKLKVUKhg+lJz3ifneZeus2wGDRCz/HrcB7+Ry2x0KYlk/eFYYkBkir
gCmEPctdp/DgCN0eP3yqndtFJcyS+iKgOcUbfypWhUqgmFS6ksSpbJoo1M37dFe7
9seLdiHwct3tUg==
-----END CERTIFICATE-----