Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
File:                     n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json)
Hash identifier:          xmJiuo8LPILRnKSoF3PZSE78DERrY4ovIwcc4FoQkaE=
Subject key identifier:   92:D3:FD:BA:47:88:99:E8:F1:C4:22:38:29:36:C6:42:E8:A5:FF:50
Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
Certificate issuer:       /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Certificate serial:       01964B90902E46E19ABBAD133BB3F34B38CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
Manifest number:          0ED3
Signing time:             Sat 19 Apr 2025 01:01:27 +0000
Manifest this update:     Sat 19 Apr 2025 01:01:27 +0000
Manifest next update:     Sun 20 Apr 2025 01:01:27 +0000
Files and hashes:         1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: qVlUx08hY38iX8/Du9o52mx8FpF8b81mTxCgEERidZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4b:90:90:2e:46:e1:9a:bb:ad:13:3b:b3:f3:4b:38:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
        Validity
            Not Before: Apr 19 01:01:27 2025 GMT
            Not After : Apr 20 01:01:27 2025 GMT
        Subject: CN=92d3fdba478899e8f1c422382936c642e8a5ff50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:8b:29:fd:4f:a4:56:e1:54:e4:90:8b:7c:78:
                    d3:62:83:15:f7:76:0b:58:18:34:f0:b6:2d:fa:2b:
                    e4:0a:18:9c:91:df:85:cb:76:53:66:56:a4:53:4e:
                    47:a7:a3:4a:6f:e7:fb:1f:46:62:5f:14:85:68:6f:
                    ff:39:68:40:23:ea:aa:2f:4d:88:34:2f:30:56:70:
                    78:9e:07:cc:95:ea:6c:e9:58:8c:49:7b:8f:46:4c:
                    69:66:75:a3:e6:72:76:e3:1f:4b:e4:eb:70:0a:99:
                    44:af:47:c8:82:a3:99:82:f1:21:b1:aa:b0:9e:74:
                    b3:44:f2:39:52:ec:8b:b6:46:c3:12:46:e4:1e:5c:
                    42:0c:87:3a:63:2e:2f:34:d1:fd:a9:c8:3d:55:4c:
                    56:e9:3a:87:2d:b2:6d:d1:73:86:46:b3:7c:6f:e6:
                    e7:be:04:38:52:68:90:14:6a:00:f8:0b:ec:20:8b:
                    2f:1a:c8:7b:77:2d:99:fd:66:0e:6d:8e:68:71:8f:
                    b1:23:30:3c:c2:31:d1:51:51:36:11:38:5d:6c:c3:
                    5a:1a:05:ef:e9:17:e1:e8:32:32:32:5b:1b:39:a3:
                    f0:d2:c7:4e:46:95:a5:a7:2e:1a:1f:4b:14:9f:c7:
                    f5:dc:43:e9:7f:8b:ca:56:36:31:13:ef:a9:79:ca:
                    fc:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:D3:FD:BA:47:88:99:E8:F1:C4:22:38:29:36:C6:42:E8:A5:FF:50
            X509v3 Authority Key Identifier:
                keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:c3:1c:48:69:74:3c:6c:7d:06:9c:82:4f:52:a8:12:8f:46:
         fc:af:0a:f6:c0:2d:f1:e6:69:83:8b:76:28:c2:58:19:2c:71:
         2f:d3:17:0f:3e:75:10:42:b2:93:30:99:09:de:f8:05:92:1f:
         aa:1c:d2:b3:35:be:05:e9:1e:c8:2d:5a:96:59:3c:26:bc:07:
         c3:a0:e7:81:a2:e2:46:81:ba:74:89:e1:9b:c0:60:e9:00:f4:
         d2:57:cf:08:7f:2f:17:11:a3:8e:52:75:73:c5:b7:30:d4:2f:
         2e:35:f9:51:14:77:8f:05:b2:9a:9c:39:bd:35:3f:58:94:8a:
         0b:16:15:31:25:3c:53:f6:05:b3:6c:b2:18:af:19:1a:c4:b7:
         05:91:f1:0e:43:a4:34:b2:61:af:b1:36:81:b2:31:19:1d:47:
         8d:fa:a9:aa:2c:11:fa:ea:3c:4e:24:e6:8a:de:f3:43:d4:cf:
         7a:86:47:a7:b9:dd:69:60:d6:14:2b:1f:c7:a0:71:78:8b:37:
         2a:96:9c:88:e5:bc:f8:25:80:b5:4b:a5:0c:fb:aa:60:a2:f7:
         3a:97:da:b9:93:12:08:44:3a:e8:05:b9:c0:7a:30:fe:68:49:
         ee:9a:d9:19:59:4b:49:db:2b:64:d3:bc:8f:6d:d0:d8:57:26:
         c8:e9:10:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZLkJAuRuGau60TO7PzSzjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5
YzkzM2YwHhcNMjUwNDE5MDEwMTI3WhcNMjUwNDIwMDEwMTI3WjAzMTEwLwYDVQQD
Eyg5MmQzZmRiYTQ3ODg5OWU4ZjFjNDIyMzgyOTM2YzY0MmU4YTVmZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIsp/U+kVuFU5JCLfHjTYoMV93YL
WBg08LYt+ivkChickd+Fy3ZTZlakU05Hp6NKb+f7H0ZiXxSFaG//OWhAI+qqL02I
NC8wVnB4ngfMleps6ViMSXuPRkxpZnWj5nJ24x9L5OtwCplEr0fIgqOZgvEhsaqw
nnSzRPI5UuyLtkbDEkbkHlxCDIc6Yy4vNNH9qcg9VUxW6TqHLbJt0XOGRrN8b+bn
vgQ4UmiQFGoA+AvsIIsvGsh7dy2Z/WYObY5ocY+xIzA8wjHRUVE2EThdbMNaGgXv
6Rfh6DIyMlsbOaPw0sdORpWlpy4aH0sUn8f13EPpf4vKVjYxE++pecr8ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLT/bpHiJno8cQiOCk2xkLopf9QMB8GA1UdIwQY
MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt
NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4
LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMMcSGl0
PGx9BpyCT1KoEo9G/K8K9sAt8eZpg4t2KMJYGSxxL9MXDz51EEKykzCZCd74BZIf
qhzSszW+BekeyC1allk8JrwHw6DngaLiRoG6dInhm8Bg6QD00lfPCH8vFxGjjlJ1
c8W3MNQvLjX5URR3jwWympw5vTU/WJSKCxYVMSU8U/YFs2yyGK8ZGsS3BZHxDkOk
NLJhr7E2gbIxGR1HjfqpqiwR+uo8TiTmit7zQ9TPeoZHp7ndaWDWFCsfx6BxeIs3
KpaciOW8+CWAtUulDPuqYKL3OpfauZMSCEQ66AW5wHow/mhJ7prZGVlLSdsrZNO8
j23Q2FcmyOkQBA==
-----END CERTIFICATE-----