Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          QoD7fyWSrygfoLYnVY7jKzoF++jY26+dxymSmfnLPX4=
Subject key identifier:   AB:89:D2:41:2D:18:23:44:25:85:B8:1E:6D:60:8A:E1:77:9C:CF:A7
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       01958B4D59D2918B035C58BBC334E08053D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          1415
Signing time:             Wed 12 Mar 2025 17:00:57 +0000
Manifest this update:     Wed 12 Mar 2025 17:00:57 +0000
Manifest next update:     Thu 13 Mar 2025 17:00:57 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: TNgRlxGsrtK7MS+Fka/CAXqeDgvIXYIZ5PwxGCusso4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 17:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:4d:59:d2:91:8b:03:5c:58:bb:c3:34:e0:80:53:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: Mar 12 17:00:57 2025 GMT
            Not After : Mar 13 17:00:57 2025 GMT
        Subject: CN=ab89d2412d1823442585b81e6d608ae1779ccfa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ad:c5:b3:cf:a7:12:c3:2f:d5:d4:ce:80:85:
                    8f:86:85:4d:d5:c7:d8:df:43:e5:6c:49:e3:17:5e:
                    8b:10:ed:95:db:b8:8b:b1:b0:cc:7f:09:b7:b3:5c:
                    21:12:1c:b1:a4:1b:4b:91:b1:74:8e:2d:47:87:70:
                    d2:a7:71:a2:4e:1d:d4:c8:20:8d:07:23:e5:f7:cc:
                    df:d6:83:b9:d9:db:f4:07:3a:bb:b7:ca:f0:13:62:
                    63:ab:96:ba:ac:77:bd:c9:d1:77:eb:f3:5e:a0:ab:
                    24:27:41:ee:e4:0b:c0:35:a7:03:d0:47:2b:3b:a7:
                    42:a9:6f:41:eb:c2:0f:15:05:d9:6c:43:ab:ed:7b:
                    29:18:1f:fe:bc:06:db:e2:a9:b8:9b:0f:a6:26:d2:
                    7a:bb:b2:61:30:5c:9c:38:6a:aa:d3:f3:a0:d1:7f:
                    5d:31:24:dc:aa:f1:18:9c:94:59:e2:68:90:91:07:
                    b2:9d:da:e8:4a:64:15:11:89:7f:3c:8a:7b:98:35:
                    b0:0a:7b:45:dc:80:11:48:6f:80:c5:0d:4d:21:92:
                    2c:b8:43:15:ff:2e:38:40:ef:d0:e7:01:34:bc:0f:
                    56:d8:1f:b0:5d:dd:c6:67:e2:46:d9:db:ae:14:5e:
                    4e:e1:b8:30:44:e0:e0:ae:04:21:0a:d1:28:f7:d3:
                    66:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:89:D2:41:2D:18:23:44:25:85:B8:1E:6D:60:8A:E1:77:9C:CF:A7
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:48:56:cc:db:f7:7e:30:99:2d:f1:2f:39:fd:36:b4:0a:31:
         32:79:64:c8:9f:62:03:3b:54:f7:32:ee:55:ed:ac:29:83:df:
         ec:c1:bd:2b:1e:e3:9a:0e:08:ae:9b:f7:77:cb:6a:e4:1b:69:
         61:e2:78:58:e6:5b:bf:d3:28:8f:3f:01:ff:bc:77:f8:f5:0f:
         74:b8:14:4d:0d:33:1d:ce:87:4a:2e:81:76:00:5f:c0:aa:74:
         5b:23:39:b1:14:e8:a5:96:70:39:21:99:66:96:ce:e2:3c:a6:
         95:d6:b9:bd:f1:31:d2:99:76:aa:7c:d1:c6:6a:eb:35:ae:03:
         01:49:b2:31:8c:c5:a6:db:7d:e0:1d:71:27:9b:5c:b0:c6:45:
         93:ce:23:6c:e3:33:f3:3d:67:3a:ed:76:20:ac:99:7d:c5:9b:
         bd:fc:6d:0b:fc:cd:9a:b0:ef:21:85:a2:0c:a9:69:90:0f:2a:
         5d:c3:26:29:a7:b3:d8:fb:9c:18:00:1e:f6:72:89:09:c8:0b:
         57:b7:e9:8f:84:b1:26:b3:d2:40:97:35:c2:47:e3:2d:2c:ba:
         51:43:96:a9:a9:1a:3f:ef:29:92:b3:a7:80:b8:bb:a4:0f:29:
         43:67:cc:22:0d:72:a7:17:5f:3b:b9:c8:ae:9a:2e:f5:bd:17:
         09:b3:2a:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTVnSkYsDXFi7wzTggFPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjUwMzEyMTcwMDU3WhcNMjUwMzEzMTcwMDU3WjAzMTEwLwYDVQQD
EyhhYjg5ZDI0MTJkMTgyMzQ0MjU4NWI4MWU2ZDYwOGFlMTc3OWNjZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK3Fs8+nEsMv1dTOgIWPhoVN1cfY
30PlbEnjF16LEO2V27iLsbDMfwm3s1whEhyxpBtLkbF0ji1Hh3DSp3GiTh3UyCCN
ByPl98zf1oO52dv0Bzq7t8rwE2Jjq5a6rHe9ydF36/NeoKskJ0Hu5AvANacD0Ecr
O6dCqW9B68IPFQXZbEOr7XspGB/+vAbb4qm4mw+mJtJ6u7JhMFycOGqq0/Og0X9d
MSTcqvEYnJRZ4miQkQeyndroSmQVEYl/PIp7mDWwCntF3IARSG+AxQ1NIZIsuEMV
/y44QO/Q5wE0vA9W2B+wXd3GZ+JG2duuFF5O4bgwRODgrgQhCtEo99NmgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuJ0kEtGCNEJYW4Hm1giuF3nM+nMB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEhWzNv3
fjCZLfEvOf02tAoxMnlkyJ9iAztU9zLuVe2sKYPf7MG9Kx7jmg4Irpv3d8tq5Btp
YeJ4WOZbv9Mojz8B/7x3+PUPdLgUTQ0zHc6HSi6BdgBfwKp0WyM5sRTopZZwOSGZ
ZpbO4jymlda5vfEx0pl2qnzRxmrrNa4DAUmyMYzFptt94B1xJ5tcsMZFk84jbOMz
8z1nOu12IKyZfcWbvfxtC/zNmrDvIYWiDKlpkA8qXcMmKaez2PucGAAe9nKJCcgL
V7fpj4SxJrPSQJc1wkfjLSy6UUOWqakaP+8pkrOngLi7pA8pQ2fMIg1ypxdfO7nI
rpou9b0XCbMqjQ==
-----END CERTIFICATE-----