Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
File:                     X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft (raw, json)
Hash identifier:          lCS86bYgDWpTEmrDJSapOHjnaXoO1rIVaOeHeggOcBg=
Subject key identifier:   BA:CB:20:51:81:9E:C5:28:76:25:CB:F8:8E:71:9E:81:CF:3B:26:3C
Authority key identifier: 5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6
Certificate issuer:       /CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
Certificate serial:       019748C3507DB16A1A7FA15F8656C69026B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
Manifest number:          0353
Signing time:             Sat 07 Jun 2025 05:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 05:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 05:00:48 +0000
Files and hashes:         1: X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl (hash: o0NPJLhl30XrYhvuO7WXawl2lrqQj70qqQjONMGH/aA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 05:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:c3:50:7d:b1:6a:1a:7f:a1:5f:86:56:c6:90:26:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
        Validity
            Not Before: Jun  7 05:00:48 2025 GMT
            Not After : Jun  8 05:00:48 2025 GMT
        Subject: CN=bacb2051819ec5287625cbf88e719e81cf3b263c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:0d:e9:f5:43:45:f0:85:c8:aa:39:47:49:a0:
                    33:06:f2:1b:a1:d3:4d:a8:05:45:6d:b6:37:71:7d:
                    ff:2d:af:2b:09:21:bd:30:d2:e9:b4:9d:75:c0:98:
                    89:14:c0:d3:d0:f1:33:ff:1f:33:db:80:32:43:93:
                    86:fb:bb:f2:a5:97:5a:da:ea:9e:6e:14:4e:c7:94:
                    f6:2b:28:4e:32:d1:8b:85:52:53:a8:91:5e:23:9b:
                    b4:38:d4:c3:c1:7d:d1:75:c6:2b:db:c9:10:58:58:
                    23:91:b1:fb:5c:a0:b2:87:fd:15:6e:47:69:55:b5:
                    6c:42:2c:85:5e:bc:98:8b:4a:cd:cb:4a:88:9d:f9:
                    96:64:fc:dd:3f:ff:79:f2:1d:2c:44:0e:74:83:66:
                    e9:9f:1b:ff:1a:d7:fe:bb:11:71:14:d5:75:5b:c2:
                    3e:41:54:5d:61:59:5e:8c:29:6c:eb:57:92:03:fc:
                    d7:5f:a4:0f:ff:0c:1d:3e:39:72:b2:ce:b3:8d:98:
                    70:59:8a:b3:b9:92:18:aa:26:61:bb:b3:7b:73:d4:
                    2c:2d:92:d6:f0:dc:4e:06:ff:17:44:cf:f0:60:02:
                    1f:96:f1:cc:82:13:d3:17:d9:a4:2b:5b:98:92:4e:
                    c3:54:3d:85:1a:6e:c4:a2:10:6c:24:79:cd:8e:e7:
                    87:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:CB:20:51:81:9E:C5:28:76:25:CB:F8:8E:71:9E:81:CF:3B:26:3C
            X509v3 Authority Key Identifier:
                keyid:5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:04:72:46:99:71:18:26:de:09:69:8e:8f:31:32:3c:ad:01:
         45:6c:53:69:95:b5:a6:e4:cc:e3:66:e7:e1:da:78:67:46:55:
         ce:f3:d1:e3:88:6f:2d:e9:9d:7c:a9:d3:b8:a1:2d:c4:4c:f8:
         e1:83:bd:df:ef:8a:9e:f6:b3:86:c8:52:9e:76:b0:95:29:fd:
         a2:ed:8b:38:96:6a:10:5f:c6:60:fe:d3:cb:4b:e4:28:6b:e3:
         e6:8b:b8:c5:9c:20:e0:2a:de:49:20:60:37:7b:e8:01:c1:0b:
         a6:26:fb:62:10:d0:7b:ed:7f:56:82:e8:2e:7f:d6:e6:74:61:
         2f:dc:b2:fd:66:27:85:b8:62:1d:51:c6:62:c2:6f:a5:b9:e0:
         cb:81:01:2f:63:5e:4c:33:9a:29:8f:8e:0c:12:ea:4d:df:68:
         a5:cc:14:4e:1e:9c:f7:f2:84:25:c9:66:d0:19:63:05:9d:e6:
         72:89:e4:1d:99:7e:5d:ea:8a:68:d1:32:f5:83:7c:a2:db:18:
         56:bc:db:5b:9c:31:29:35:47:29:47:0e:0a:19:f3:49:b8:58:
         b7:93:48:ad:0e:c8:b7:2b:32:2c:97:83:df:a4:6c:42:ae:6b:
         fd:1e:64:10:e4:52:36:2c:7c:0e:84:05:49:92:46:56:b6:40:
         1b:c8:f8:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIw1B9sWoaf6FfhlbGkCa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2ExMjM1NDZmZTUxYTllNGJlZGY4M2VlZTAzNzUyYmQ5
NjM5ZDYwHhcNMjUwNjA3MDUwMDQ4WhcNMjUwNjA4MDUwMDQ4WjAzMTEwLwYDVQQD
EyhiYWNiMjA1MTgxOWVjNTI4NzYyNWNiZjg4ZTcxOWU4MWNmM2IyNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA3p9UNF8IXIqjlHSaAzBvIbodNN
qAVFbbY3cX3/La8rCSG9MNLptJ11wJiJFMDT0PEz/x8z24AyQ5OG+7vypZda2uqe
bhROx5T2KyhOMtGLhVJTqJFeI5u0ONTDwX3RdcYr28kQWFgjkbH7XKCyh/0Vbkdp
VbVsQiyFXryYi0rNy0qInfmWZPzdP/958h0sRA50g2bpnxv/Gtf+uxFxFNV1W8I+
QVRdYVlejCls61eSA/zXX6QP/wwdPjlyss6zjZhwWYqzuZIYqiZhu7N7c9QsLZLW
8NxOBv8XRM/wYAIflvHMghPTF9mkK1uYkk7DVD2FGm7EohBsJHnNjueHUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrLIFGBnsUodiXL+I5xnoHPOyY8MB8GA1UdIwQY
MBaAFF96EjVG/lGp5L7fg+7gN1K9ljnWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1Njkt
YjJmZjY4MWRhNmJiLzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1NjktYjJmZjY4MWRhNmJi
LzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUARyRplx
GCbeCWmOjzEyPK0BRWxTaZW1puTM42bn4dp4Z0ZVzvPR44hvLemdfKnTuKEtxEz4
4YO93++KnvazhshSnnawlSn9ou2LOJZqEF/GYP7Ty0vkKGvj5ou4xZwg4CreSSBg
N3voAcELpib7YhDQe+1/VoLoLn/W5nRhL9yy/WYnhbhiHVHGYsJvpbngy4EBL2Ne
TDOaKY+ODBLqTd9opcwUTh6c9/KEJclm0BljBZ3mconkHZl+XeqKaNEy9YN8otsY
VrzbW5wxKTVHKUcOChnzSbhYt5NIrQ7ItysyLJeD36RsQq5r/R5kEORSNix8DoQF
SZJGVrZAG8j4VQ==
-----END CERTIFICATE-----