Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          B1G8zbaywv7zj4i4Wrzgd0tf1ndbfffEkkXE4oXKGfo=
Subject key identifier:   6E:9B:95:F8:ED:11:CF:C6:A8:F6:30:F3:D1:CC:C1:4F:35:1E:16:FF
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       01965425709E3201CE8C641E118D2B1A3591
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          147D
Signing time:             Sun 20 Apr 2025 17:01:01 +0000
Manifest this update:     Sun 20 Apr 2025 17:01:01 +0000
Manifest next update:     Mon 21 Apr 2025 17:01:01 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: ACupglQSa5/d4+vGk3ZqX2/6WAPkC+8wNMceecSaVJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:25:70:9e:32:01:ce:8c:64:1e:11:8d:2b:1a:35:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: Apr 20 17:01:01 2025 GMT
            Not After : Apr 21 17:01:01 2025 GMT
        Subject: CN=6e9b95f8ed11cfc6a8f630f3d1ccc14f351e16ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d5:2c:1e:e2:26:0a:88:6d:72:e5:1d:0d:d8:
                    ed:cf:ef:d2:73:3d:21:82:42:5f:c6:72:42:15:aa:
                    03:61:73:5e:ac:db:83:21:75:e4:2b:f6:27:0b:bb:
                    47:c5:eb:70:76:1c:41:3a:c0:97:31:41:ff:e7:0d:
                    6c:7e:ba:82:2c:ba:38:40:8c:4d:d5:4a:67:52:d6:
                    13:11:f5:7b:c7:a8:2b:a6:eb:11:ec:61:82:15:e8:
                    f9:60:bc:01:11:81:33:80:0f:21:52:75:c2:f8:b0:
                    45:ac:cb:3d:e0:2b:50:b5:6b:53:f1:8e:9d:c1:9d:
                    cb:1f:35:95:91:fe:10:7d:43:91:ff:1d:ec:67:3e:
                    8b:50:f2:c6:81:b7:cf:f8:57:64:96:b0:8f:98:33:
                    8a:69:83:d7:ad:4a:e3:7b:60:39:de:da:23:2a:4b:
                    0a:1d:d2:23:c8:f0:f7:4e:5c:fc:0c:92:ad:0a:52:
                    37:dc:91:fc:2e:0a:17:e4:78:70:46:5d:8f:24:75:
                    6b:a5:7a:d0:88:c8:45:52:14:df:8b:b1:12:f9:54:
                    57:91:d5:57:83:24:9a:b7:21:50:47:c7:df:02:b8:
                    35:1b:12:6d:fd:a2:03:20:a4:6c:c0:ff:91:4d:ec:
                    ec:00:b3:21:4b:3f:f1:49:e1:d5:f3:c1:bc:ee:c0:
                    a1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:9B:95:F8:ED:11:CF:C6:A8:F6:30:F3:D1:CC:C1:4F:35:1E:16:FF
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:2f:d4:ea:a4:79:66:26:07:f5:4c:9b:aa:6b:67:0b:b7:4f:
         75:d1:98:8e:29:d4:46:2f:cc:d2:fa:69:e8:75:1a:41:42:cd:
         73:b0:45:0e:aa:66:cb:e6:07:22:91:94:0e:be:3d:68:d7:be:
         aa:2d:3f:7a:54:4f:1e:a6:90:29:c9:64:7e:f0:78:f7:6e:eb:
         32:46:3d:59:29:e6:03:21:8e:e8:39:b7:f6:b4:16:cc:03:26:
         d0:7f:70:14:0d:91:f2:5a:cd:c4:a4:a8:2c:a6:78:88:67:43:
         80:94:2e:ef:b8:3c:96:e1:7e:56:6a:2f:2e:7b:1d:7d:94:24:
         12:f4:a0:15:44:53:5a:1a:07:3a:f6:37:64:76:3a:b7:a7:65:
         19:ec:65:4b:54:cd:0b:27:9d:db:ec:b3:60:a2:01:9f:cd:bb:
         a1:47:97:e0:8c:96:52:e0:a7:8c:61:f3:42:8f:43:c5:f3:88:
         cc:09:7b:fe:a9:74:f7:c7:03:d9:b1:fa:e9:7c:cc:8b:83:5e:
         9c:eb:1f:a5:45:38:9b:a1:73:b4:1f:59:bc:4d:78:ed:39:cf:
         e8:b9:04:7a:27:3d:6d:45:86:94:b9:0c:ce:3f:d7:8e:e1:99:
         31:75:c6:b1:34:f0:42:15:f1:4b:19:e2:3e:6d:a8:95:70:35:
         85:7d:b6:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUJXCeMgHOjGQeEY0rGjWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjUwNDIwMTcwMTAxWhcNMjUwNDIxMTcwMTAxWjAzMTEwLwYDVQQD
Eyg2ZTliOTVmOGVkMTFjZmM2YThmNjMwZjNkMWNjYzE0ZjM1MWUxNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNUsHuImCohtcuUdDdjtz+/Scz0h
gkJfxnJCFaoDYXNerNuDIXXkK/YnC7tHxetwdhxBOsCXMUH/5w1sfrqCLLo4QIxN
1UpnUtYTEfV7x6grpusR7GGCFej5YLwBEYEzgA8hUnXC+LBFrMs94CtQtWtT8Y6d
wZ3LHzWVkf4QfUOR/x3sZz6LUPLGgbfP+FdklrCPmDOKaYPXrUrje2A53tojKksK
HdIjyPD3Tlz8DJKtClI33JH8LgoX5HhwRl2PJHVrpXrQiMhFUhTfi7ES+VRXkdVX
gySatyFQR8ffArg1GxJt/aIDIKRswP+RTezsALMhSz/xSeHV88G87sChdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6blfjtEc/GqPYw89HMwU81Hhb/MB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeC/U6qR5
ZiYH9UybqmtnC7dPddGYjinURi/M0vpp6HUaQULNc7BFDqpmy+YHIpGUDr49aNe+
qi0/elRPHqaQKclkfvB4927rMkY9WSnmAyGO6Dm39rQWzAMm0H9wFA2R8lrNxKSo
LKZ4iGdDgJQu77g8luF+VmovLnsdfZQkEvSgFURTWhoHOvY3ZHY6t6dlGexlS1TN
Cyed2+yzYKIBn827oUeX4IyWUuCnjGHzQo9DxfOIzAl7/ql098cD2bH66XzMi4Ne
nOsfpUU4m6FztB9ZvE147TnP6LkEeic9bUWGlLkMzj/XjuGZMXXGsTTwQhXxSxni
Pm2olXA1hX22LQ==
-----END CERTIFICATE-----