Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          8iWVO8v2ITpo73YUMofNw4t9A2O3a1qrjwIQpqsGq4o=
Subject key identifier:   BE:29:77:9C:57:53:35:54:B5:4B:29:1B:B7:91:B1:75:09:67:FD:27
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       019655387951ED8A0C315D554131FC40E7B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 22:01:26 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:26 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:26 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: PgX24QXGYQwHErhDeZvbBjLB1pggciwL2WJQDu6Iyv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:79:51:ed:8a:0c:31:5d:55:41:31:fc:40:e7:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Apr 20 22:01:26 2025 GMT
            Not After : Apr 21 22:01:26 2025 GMT
        Subject: CN=be29779c57533554b54b291bb791b1750967fd27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6a:ad:6d:01:ad:a4:07:f0:78:aa:6f:62:de:
                    41:16:91:fb:71:3a:17:b4:61:06:18:b2:03:c2:83:
                    74:86:ea:0f:21:e1:74:10:b3:fe:de:23:a8:96:90:
                    71:02:63:84:f1:20:c8:d3:f1:6b:99:00:7d:a4:ae:
                    97:77:85:4c:e2:e4:02:c7:58:f7:8a:51:bf:3f:c5:
                    27:5b:ef:f5:c5:43:4a:2e:7b:97:f1:c4:8e:ad:c7:
                    a1:d2:5f:18:95:5d:dd:fb:54:e9:97:3f:0b:6c:d5:
                    50:df:bd:97:c4:2b:76:28:d0:e4:f1:9c:a7:1a:fd:
                    f8:cc:6e:2c:3e:14:62:8d:88:52:01:67:8e:19:1f:
                    79:0f:39:9e:07:28:62:ca:b6:8c:ab:ad:fd:da:78:
                    ee:f3:4c:d0:95:c6:33:ee:80:8f:9b:25:80:55:3b:
                    9c:56:a8:83:54:7e:69:33:d7:77:ec:3a:a4:e6:52:
                    6c:bf:be:46:20:8c:98:fb:09:a3:6e:f8:09:36:09:
                    6e:ff:5a:69:6e:66:b3:7c:68:fa:5f:51:e5:7d:2b:
                    fd:9f:87:e4:9b:e3:8a:3b:02:2d:9f:8d:fe:54:c7:
                    1b:45:32:97:a7:7f:12:48:7b:71:2d:d7:70:1c:c2:
                    37:b4:93:e5:03:e0:84:53:28:ce:95:94:a6:60:3f:
                    5b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:29:77:9C:57:53:35:54:B5:4B:29:1B:B7:91:B1:75:09:67:FD:27
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:2e:3a:03:a0:93:1e:92:a5:bf:fe:f4:c7:1d:9c:ae:c7:de:
         93:1d:f6:e4:73:b1:2d:08:f1:bd:27:52:c1:84:78:72:b8:03:
         5b:41:5a:78:e0:44:6d:19:bc:0b:9a:39:4b:82:bb:80:be:a9:
         c4:cc:a3:aa:77:75:49:e2:09:bc:37:26:bc:74:1a:4e:b5:7b:
         7d:30:ec:07:bb:66:72:f3:ae:a0:24:5b:11:13:82:b5:20:9f:
         cc:89:0f:a3:a7:ed:1e:87:1c:d2:5f:b7:d2:22:c4:27:73:5b:
         c6:81:b3:55:f4:68:9b:45:7a:cd:67:9b:4a:57:5f:8a:ed:10:
         d9:d6:66:7f:11:d7:da:7e:07:6c:ef:99:86:29:55:e0:f4:19:
         16:4a:0b:bd:df:98:82:4a:8c:67:eb:87:43:8d:cd:fe:4d:84:
         76:05:ec:9a:71:55:22:3a:3f:d8:04:f6:13:e5:92:77:68:7d:
         37:c9:38:69:aa:62:c0:d5:cc:c3:db:1c:74:7b:24:9e:a3:2e:
         b3:93:04:ed:83:66:e5:fc:18:ae:c7:ab:b5:66:6f:fa:82:90:
         4f:5f:6d:00:11:c6:86:93:81:dd:e1:aa:87:80:b2:d4:40:4a:
         61:e0:22:e9:e1:79:b8:c2:e6:58:ca:cf:03:ac:57:b3:b2:86:
         0d:d3:73:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOHlR7YoMMV1VQTH8QOeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjUwNDIwMjIwMTI2WhcNMjUwNDIxMjIwMTI2WjAzMTEwLwYDVQQD
EyhiZTI5Nzc5YzU3NTMzNTU0YjU0YjI5MWJiNzkxYjE3NTA5NjdmZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWqtbQGtpAfweKpvYt5BFpH7cToX
tGEGGLIDwoN0huoPIeF0ELP+3iOolpBxAmOE8SDI0/FrmQB9pK6Xd4VM4uQCx1j3
ilG/P8UnW+/1xUNKLnuX8cSOrceh0l8YlV3d+1Tplz8LbNVQ372XxCt2KNDk8Zyn
Gv34zG4sPhRijYhSAWeOGR95DzmeByhiyraMq6392nju80zQlcYz7oCPmyWAVTuc
VqiDVH5pM9d37Dqk5lJsv75GIIyY+wmjbvgJNglu/1ppbmazfGj6X1HlfSv9n4fk
m+OKOwItn43+VMcbRTKXp38SSHtxLddwHMI3tJPlA+CEUyjOlZSmYD9bUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4pd5xXUzVUtUspG7eRsXUJZ/0nMB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMS46A6CT
HpKlv/70xx2crsfekx325HOxLQjxvSdSwYR4crgDW0FaeOBEbRm8C5o5S4K7gL6p
xMyjqnd1SeIJvDcmvHQaTrV7fTDsB7tmcvOuoCRbEROCtSCfzIkPo6ftHocc0l+3
0iLEJ3NbxoGzVfRom0V6zWebSldfiu0Q2dZmfxHX2n4HbO+ZhilV4PQZFkoLvd+Y
gkqMZ+uHQ43N/k2EdgXsmnFVIjo/2AT2E+WSd2h9N8k4aapiwNXMw9scdHsknqMu
s5ME7YNm5fwYrsertWZv+oKQT19tABHGhpOB3eGqh4Cy1EBKYeAi6eF5uMLmWMrP
A6xXs7KGDdNzPg==
-----END CERTIFICATE-----