Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          NangtdrkdJ5EiHaeh91+JqKGIHcsrC0UU1VRaffcDPU=
Subject key identifier:   E8:AA:F4:C9:8E:F3:AB:75:BD:87:CB:1D:A4:64:4F:13:7E:40:DE:4B
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       0194C3874D13BBFE5FCD355ADC066D90C12D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          142A
Signing time:             Sat 01 Feb 2025 22:00:11 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:11 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:11 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: Kzyka643z7qUT+GOb3ha8JEzpHgkQsBsHd9LlbLjFFY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:4d:13:bb:fe:5f:cd:35:5a:dc:06:6d:90:c1:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Feb  1 22:00:11 2025 GMT
            Not After : Feb  2 22:00:11 2025 GMT
        Subject: CN=e8aaf4c98ef3ab75bd87cb1da4644f137e40de4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:cb:32:a9:f0:8f:86:90:82:44:ac:1e:7d:66:
                    e0:32:2b:38:d1:ca:51:14:db:30:97:3c:bf:bc:bb:
                    98:ac:41:9c:91:f6:bd:ac:ae:c2:08:8b:38:fe:05:
                    d1:a3:2d:4d:79:d3:3f:b6:c9:eb:40:4f:de:e3:0a:
                    5d:cc:a2:13:98:8a:24:48:0a:bc:c0:b1:fa:25:11:
                    ff:f3:f9:72:ae:46:6e:23:4b:c2:73:70:bb:9e:86:
                    80:2f:e0:4c:de:68:e3:d0:2e:c5:7c:ae:c5:8e:70:
                    50:8d:7d:e7:b6:26:55:56:87:f9:9d:c0:90:0e:ee:
                    53:b4:a0:c6:a6:f3:29:a7:53:13:34:99:86:fd:10:
                    78:c0:d0:7f:43:d9:fa:6c:ea:1f:ef:0a:f5:31:ee:
                    c4:42:39:2e:39:6d:c7:ea:7d:c1:a4:96:7c:a3:6e:
                    97:9e:3a:fc:20:c4:3b:8a:b1:d6:a6:86:6d:cb:48:
                    79:0c:fb:ca:21:a2:9a:2a:df:e6:4f:d2:67:6c:4d:
                    a0:d8:62:35:cf:e6:5f:6c:19:da:53:78:76:ec:55:
                    34:82:e4:98:dc:e5:a5:f1:6d:b2:08:30:a4:a2:a2:
                    f7:28:16:fe:cd:ba:c8:b3:d1:98:03:dd:b6:2f:fd:
                    9f:a7:cf:be:74:07:e1:77:a2:53:00:61:8e:18:d1:
                    ed:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:AA:F4:C9:8E:F3:AB:75:BD:87:CB:1D:A4:64:4F:13:7E:40:DE:4B
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:05:79:d4:83:16:26:23:e4:2b:76:5b:89:7d:5f:c6:07:d8:
         71:5f:87:e3:73:93:81:5f:c2:9a:37:b0:95:df:22:47:6a:df:
         78:82:3c:fa:fe:25:89:90:14:f9:ee:9b:f3:a0:08:93:1f:12:
         a6:58:2d:4d:11:a2:9b:ea:14:2d:6b:3e:e3:06:50:ad:52:96:
         18:7f:6d:62:cf:36:bf:c5:65:c9:ef:af:7e:f2:bc:6e:ef:f2:
         56:a7:8f:cf:dc:73:66:f0:03:ee:2a:ae:a3:18:a3:ce:7b:9a:
         35:68:21:07:d7:f6:7b:ae:cf:95:87:c3:e2:08:d4:60:68:d4:
         0a:92:4b:c8:c4:38:bd:4e:d8:1a:e6:f6:bb:d9:c0:e0:16:f4:
         97:a9:c5:e4:07:c6:a5:f7:ee:0f:af:42:cd:05:19:92:b6:ff:
         df:65:7e:bb:db:b7:08:fb:aa:af:0f:d5:66:fc:e7:6c:1e:8a:
         b3:dd:48:bd:e5:d1:22:30:56:2a:47:84:d6:1a:f0:dd:16:bb:
         39:3f:75:37:7d:de:b5:1e:f4:c9:a5:41:8c:fa:1e:a8:58:e4:
         af:f4:f2:f9:56:c8:0a:b3:e6:1f:28:eb:63:3e:66:4f:79:d9:
         49:6a:9d:03:cd:44:75:8d:0d:4f:41:20:28:e9:08:02:fc:7d:
         b7:71:cc:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh00Tu/5fzTVa3AZtkMEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjUwMjAxMjIwMDExWhcNMjUwMjAyMjIwMDExWjAzMTEwLwYDVQQD
EyhlOGFhZjRjOThlZjNhYjc1YmQ4N2NiMWRhNDY0NGYxMzdlNDBkZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlssyqfCPhpCCRKwefWbgMis40cpR
FNswlzy/vLuYrEGckfa9rK7CCIs4/gXRoy1NedM/tsnrQE/e4wpdzKITmIokSAq8
wLH6JRH/8/lyrkZuI0vCc3C7noaAL+BM3mjj0C7FfK7FjnBQjX3ntiZVVof5ncCQ
Du5TtKDGpvMpp1MTNJmG/RB4wNB/Q9n6bOof7wr1Me7EQjkuOW3H6n3BpJZ8o26X
njr8IMQ7irHWpoZty0h5DPvKIaKaKt/mT9JnbE2g2GI1z+ZfbBnaU3h27FU0guSY
3OWl8W2yCDCkoqL3KBb+zbrIs9GYA922L/2fp8++dAfhd6JTAGGOGNHtowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiq9MmO86t1vYfLHaRkTxN+QN5LMB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwV51IMW
JiPkK3ZbiX1fxgfYcV+H43OTgV/Cmjewld8iR2rfeII8+v4liZAU+e6b86AIkx8S
plgtTRGim+oULWs+4wZQrVKWGH9tYs82v8Vlye+vfvK8bu/yVqePz9xzZvAD7iqu
oxijznuaNWghB9f2e67PlYfD4gjUYGjUCpJLyMQ4vU7YGub2u9nA4Bb0l6nF5AfG
pffuD69CzQUZkrb/32V+u9u3CPuqrw/VZvznbB6Ks91IveXRIjBWKkeE1hrw3Ra7
OT91N33etR70yaVBjPoeqFjkr/Ty+VbICrPmHyjrYz5mT3nZSWqdA81EdY0NT0Eg
KOkIAvx9t3HMKQ==
-----END CERTIFICATE-----