Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          fhQO3opCpZOK3e9EwI4L3t5dBSrvBUbqzDb0Y/s1iIo=
Subject key identifier:   A9:28:E1:8B:31:EB:1F:72:9F:A1:65:44:38:F4:EC:C9:C5:CF:6C:A2
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       019511A2F83FB50D56BF16113EC585505520
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          13D6
Signing time:             Mon 17 Feb 2025 02:00:47 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:47 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:47 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: iEOq7/HvaiX+msPFe/nEJuA8c18qaOQP1Ukh1FHyYes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:f8:3f:b5:0d:56:bf:16:11:3e:c5:85:50:55:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: Feb 17 02:00:47 2025 GMT
            Not After : Feb 18 02:00:47 2025 GMT
        Subject: CN=a928e18b31eb1f729fa1654438f4ecc9c5cf6ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:83:c2:4a:30:0f:c7:bb:c6:cf:93:1a:f3:45:
                    2f:43:9f:24:e9:f0:85:8c:5f:be:bf:46:59:bf:46:
                    96:61:ac:57:a3:09:9f:01:d9:07:54:23:04:57:1e:
                    5e:bd:11:dc:06:c6:51:35:01:3f:4a:e7:e5:41:64:
                    5c:ba:6a:0f:76:3f:fb:84:6c:3f:f7:1b:3e:d7:48:
                    1c:65:bc:e4:4d:25:eb:25:ba:db:4b:91:27:ff:a1:
                    d7:d3:66:9c:6e:cb:6a:6f:0c:9b:28:7b:c0:58:d8:
                    52:c0:70:ac:ba:e7:e2:8c:17:d9:7a:ba:80:57:73:
                    3a:a5:63:db:09:31:40:65:7f:b8:9e:da:0e:27:c5:
                    19:09:99:cd:30:75:6d:e0:08:63:9c:51:c2:ff:8a:
                    57:78:87:73:18:aa:bc:57:5f:7a:72:d0:cd:b1:a2:
                    3e:84:e1:e3:39:87:d9:a5:6e:db:37:18:fe:3a:33:
                    00:6c:eb:08:57:d2:49:73:17:1d:5c:02:e0:d0:60:
                    8f:46:fd:91:56:0d:5e:46:0e:63:fc:c6:a3:1c:8a:
                    fa:5f:2a:09:3c:8f:df:74:a0:60:ce:35:1b:b8:3a:
                    63:5f:28:cb:96:67:dc:69:42:72:7d:b4:fa:de:a0:
                    f0:64:d0:31:72:ea:4d:32:54:79:d9:0a:b8:ad:44:
                    f5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:28:E1:8B:31:EB:1F:72:9F:A1:65:44:38:F4:EC:C9:C5:CF:6C:A2
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:31:4c:1b:05:90:64:19:f6:9a:2d:63:b4:14:22:dd:87:ee:
         a8:fc:8d:e9:ef:12:6f:75:3a:94:9e:fc:f6:0e:67:7d:94:f0:
         a1:0b:9f:30:1f:2f:35:08:db:e4:d9:2b:7d:0c:78:ed:ac:03:
         e8:75:40:17:35:7a:35:df:0d:2a:cd:5b:ba:e1:c6:62:11:95:
         ff:c3:25:c0:53:3f:2b:00:6a:52:80:f4:47:2b:df:72:78:a2:
         b9:e4:1b:a2:4d:91:7e:0d:8e:90:ff:93:32:17:4d:75:b1:76:
         78:ec:82:a1:bc:22:a7:82:ff:b4:a0:23:5f:27:35:3b:ee:05:
         52:d0:77:c0:7d:0f:f9:58:46:e9:b5:a7:07:b8:df:67:d0:03:
         c2:e4:ea:5c:68:b7:8c:98:28:ad:ff:a6:86:01:23:e4:a2:8a:
         e3:37:e8:81:1e:21:df:d4:5e:43:a0:52:fd:10:79:2d:ec:c0:
         23:52:e1:f1:a9:3d:6c:ce:88:83:5d:3b:78:f2:44:6c:03:49:
         3b:1d:11:b6:52:ca:7b:6a:cd:08:56:ca:d7:d8:fd:7d:06:f4:
         fb:60:43:dc:f2:95:60:39:92:d8:08:2e:98:1d:13:c9:74:61:
         a3:fe:e7:66:1e:eb:13:64:b5:34:71:47:f1:06:43:33:da:d5:
         28:c4:38:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURovg/tQ1WvxYRPsWFUFUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjUwMjE3MDIwMDQ3WhcNMjUwMjE4MDIwMDQ3WjAzMTEwLwYDVQQD
EyhhOTI4ZTE4YjMxZWIxZjcyOWZhMTY1NDQzOGY0ZWNjOWM1Y2Y2Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloPCSjAPx7vGz5Ma80UvQ58k6fCF
jF++v0ZZv0aWYaxXowmfAdkHVCMEVx5evRHcBsZRNQE/SuflQWRcumoPdj/7hGw/
9xs+10gcZbzkTSXrJbrbS5En/6HX02acbstqbwybKHvAWNhSwHCsuufijBfZerqA
V3M6pWPbCTFAZX+4ntoOJ8UZCZnNMHVt4AhjnFHC/4pXeIdzGKq8V196ctDNsaI+
hOHjOYfZpW7bNxj+OjMAbOsIV9JJcxcdXALg0GCPRv2RVg1eRg5j/MajHIr6XyoJ
PI/fdKBgzjUbuDpjXyjLlmfcaUJyfbT63qDwZNAxcupNMlR52Qq4rUT12QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKko4Ysx6x9yn6FlRDj07MnFz2yiMB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnjFMGwWQ
ZBn2mi1jtBQi3YfuqPyN6e8Sb3U6lJ789g5nfZTwoQufMB8vNQjb5NkrfQx47awD
6HVAFzV6Nd8NKs1buuHGYhGV/8MlwFM/KwBqUoD0RyvfcniiueQbok2Rfg2OkP+T
MhdNdbF2eOyCobwip4L/tKAjXyc1O+4FUtB3wH0P+VhG6bWnB7jfZ9ADwuTqXGi3
jJgorf+mhgEj5KKK4zfogR4h39ReQ6BS/RB5LezAI1Lh8ak9bM6Ig107ePJEbANJ
Ox0RtlLKe2rNCFbK19j9fQb0+2BD3PKVYDmS2AgumB0TyXRho/7nZh7rE2S1NHFH
8QZDM9rVKMQ4Rw==
-----END CERTIFICATE-----