Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
File:                     xbqElpIUKuxW19DdyN1N20HPg8E.mft (raw, json)
Hash identifier:          MwnJnNM/zLbCKoZf4PaEaYJdJJQayBJz3xAlM5K4SrU=
Subject key identifier:   25:49:9C:95:73:85:4F:F4:E3:CE:91:9B:6C:0A:8C:A0:35:F8:45:21
Authority key identifier: C5:BA:84:96:92:14:2A:EC:56:D7:D0:DD:C8:DD:4D:DB:41:CF:83:C1
Certificate issuer:       /CN=c5ba849692142aec56d7d0ddc8dd4ddb41cf83c1
Certificate serial:       01962B2A33EB3181B853F9804F4ABFA603E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
Manifest number:          0DE8
Signing time:             Sat 12 Apr 2025 18:01:48 +0000
Manifest this update:     Sat 12 Apr 2025 18:01:48 +0000
Manifest next update:     Sun 13 Apr 2025 18:01:48 +0000
Files and hashes:         1: xbqElpIUKuxW19DdyN1N20HPg8E.crl (hash: 0Kfj3driYTejr42B/OynNEGxek0yhim46SYJRdTEYtM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 18:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2b:2a:33:eb:31:81:b8:53:f9:80:4f:4a:bf:a6:03:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5ba849692142aec56d7d0ddc8dd4ddb41cf83c1
        Validity
            Not Before: Apr 12 18:01:48 2025 GMT
            Not After : Apr 13 18:01:48 2025 GMT
        Subject: CN=25499c9573854ff4e3ce919b6c0a8ca035f84521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:94:30:36:97:ab:75:8f:36:ad:4b:67:0d:78:
                    8d:2b:de:b9:5a:ac:ab:c2:01:40:de:fd:a4:4c:76:
                    a6:c7:46:a9:a0:f8:20:7e:e2:af:31:05:e3:61:81:
                    10:38:27:aa:a4:3a:58:fb:7e:b7:05:ee:7d:fc:4e:
                    9a:13:a5:96:d0:80:ab:a5:d2:08:a1:2c:30:25:d3:
                    64:0f:d6:70:7b:2f:3e:93:c8:42:7d:84:9d:d3:87:
                    89:27:ba:57:af:e1:8a:33:79:41:d4:66:10:95:b8:
                    4b:5b:78:1d:02:57:c8:e6:74:f5:ba:a6:64:9e:04:
                    1c:31:58:8a:e5:07:0c:7b:dd:b4:e3:b6:61:e5:a5:
                    47:b6:56:4f:5f:05:46:63:df:27:ef:a4:8f:03:59:
                    bf:fb:d6:88:65:6d:12:9d:f6:17:06:38:6a:ff:01:
                    1a:e2:c3:78:7a:33:1f:4a:c0:89:68:6a:f9:d8:d2:
                    52:f3:22:d6:c2:7d:6a:c2:7c:a1:21:d8:6c:6c:ab:
                    ba:5d:9d:11:ec:cd:f6:b2:5d:dc:bc:82:a1:82:24:
                    be:64:82:f6:34:c1:7b:90:72:46:82:89:70:48:22:
                    4d:34:21:cd:d2:bb:15:10:44:04:be:d0:83:d5:29:
                    b3:c2:9c:54:a7:1e:aa:93:2b:01:3c:09:f1:44:ef:
                    db:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:49:9C:95:73:85:4F:F4:E3:CE:91:9B:6C:0A:8C:A0:35:F8:45:21
            X509v3 Authority Key Identifier:
                keyid:C5:BA:84:96:92:14:2A:EC:56:D7:D0:DD:C8:DD:4D:DB:41:CF:83:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbqElpIUKuxW19DdyN1N20HPg8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/06684c-9955-424b-ace8-23797aeabb0f/1/xbqElpIUKuxW19DdyN1N20HPg8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ce:60:6d:d9:cb:61:17:28:c7:d4:9d:83:7d:16:d0:0d:61:
         b7:8b:a0:ac:1c:01:e9:aa:80:fe:55:07:d4:84:9e:df:c9:89:
         b2:6f:c5:c3:10:33:55:2b:aa:c2:e3:8e:84:b2:4d:d3:6d:71:
         d2:ab:7d:d5:65:6a:38:0f:ac:10:f0:7c:d8:23:fb:fd:25:f0:
         03:ef:4a:17:70:51:e8:bf:ee:9f:73:91:1b:94:e8:55:37:5b:
         2c:38:d5:3f:7f:25:76:e0:60:d7:13:45:b1:22:8d:b1:80:4b:
         41:25:97:84:5d:a1:b3:1e:8d:83:c7:56:53:e6:67:20:25:0a:
         1d:67:cf:4e:c3:c5:02:1b:72:bd:18:c6:07:fb:44:21:99:38:
         4f:c4:44:20:fd:17:d6:96:07:1c:a9:57:0c:61:55:4b:45:f4:
         49:41:cf:83:0a:3d:d2:6f:d3:1c:48:5e:5c:5a:29:5c:81:6b:
         a1:7e:b8:54:4e:98:d9:22:1a:79:e2:94:44:f0:9a:05:88:6f:
         93:5f:61:a0:15:a8:66:7a:f7:c6:50:2f:69:76:52:c6:51:e8:
         57:85:82:8f:6c:fa:df:d0:84:b1:d2:52:9a:e1:ca:e6:85:df:
         41:47:7a:de:e4:c9:b0:36:c2:4c:6d:49:bc:91:dc:76:73:9f:
         5e:16:47:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYrKjPrMYG4U/mAT0q/pgPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmE4NDk2OTIxNDJhZWM1NmQ3ZDBkZGM4ZGQ0ZGRiNDFj
ZjgzYzEwHhcNMjUwNDEyMTgwMTQ4WhcNMjUwNDEzMTgwMTQ4WjAzMTEwLwYDVQQD
EygyNTQ5OWM5NTczODU0ZmY0ZTNjZTkxOWI2YzBhOGNhMDM1Zjg0NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpQwNperdY82rUtnDXiNK965Wqyr
wgFA3v2kTHamx0apoPggfuKvMQXjYYEQOCeqpDpY+363Be59/E6aE6WW0ICrpdII
oSwwJdNkD9Zwey8+k8hCfYSd04eJJ7pXr+GKM3lB1GYQlbhLW3gdAlfI5nT1uqZk
ngQcMViK5QcMe92047Zh5aVHtlZPXwVGY98n76SPA1m/+9aIZW0SnfYXBjhq/wEa
4sN4ejMfSsCJaGr52NJS8yLWwn1qwnyhIdhsbKu6XZ0R7M32sl3cvIKhgiS+ZIL2
NMF7kHJGgolwSCJNNCHN0rsVEEQEvtCD1SmzwpxUpx6qkysBPAnxRO/bywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVJnJVzhU/0486Rm2wKjKA1+EUhMB8GA1UdIwQY
MBaAFMW6hJaSFCrsVtfQ3cjdTdtBz4PBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wNjY4NGMtOTk1NS00MjRiLWFjZTgt
MjM3OTdhZWFiYjBmLzEveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wNjY4NGMtOTk1NS00MjRiLWFjZTgtMjM3OTdhZWFiYjBm
LzEveGJxRWxwSVVLdXhXMTlEZHlOMU4yMEhQZzhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj85gbdnL
YRcox9Sdg30W0A1ht4ugrBwB6aqA/lUH1ISe38mJsm/FwxAzVSuqwuOOhLJN021x
0qt91WVqOA+sEPB82CP7/SXwA+9KF3BR6L/un3ORG5ToVTdbLDjVP38lduBg1xNF
sSKNsYBLQSWXhF2hsx6Ng8dWU+ZnICUKHWfPTsPFAhtyvRjGB/tEIZk4T8REIP0X
1pYHHKlXDGFVS0X0SUHPgwo90m/THEheXFopXIFroX64VE6Y2SIaeeKURPCaBYhv
k19hoBWoZnr3xlAvaXZSxlHoV4WCj2z639CEsdJSmuHK5oXfQUd63uTJsDbCTG1J
vJHcdnOfXhZH/w==
-----END CERTIFICATE-----