Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          PTgXzCuXyP4AordRZQA+l2V6MbUcKeo5W2YwuDu3reg=
Subject key identifier:   32:CD:15:E2:65:C3:87:D4:30:3F:16:3E:AD:76:6F:D4:E3:79:43:35
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       0196526D478B7849040C6823E376C7C3F4B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          14F8
Signing time:             Sun 20 Apr 2025 09:00:15 +0000
Manifest this update:     Sun 20 Apr 2025 09:00:15 +0000
Manifest next update:     Mon 21 Apr 2025 09:00:15 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: 9FghBLEVGWwYOLHNfXz17jSOAuxZI1YSR4ScUlpsRp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:6d:47:8b:78:49:04:0c:68:23:e3:76:c7:c3:f4:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Apr 20 09:00:15 2025 GMT
            Not After : Apr 21 09:00:15 2025 GMT
        Subject: CN=32cd15e265c387d4303f163ead766fd4e3794335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:51:ef:56:18:d7:3d:7a:7e:c5:80:92:83:b1:
                    79:37:81:97:24:a6:a8:1e:38:d4:5d:28:fb:40:9c:
                    78:cc:c0:c4:bd:4e:31:4f:42:a9:e7:57:36:bb:0d:
                    d4:31:47:10:da:51:f9:ec:6a:d7:1e:3b:80:de:c1:
                    59:b4:14:16:6a:22:d7:f9:66:85:b7:60:b5:eb:6a:
                    7c:fd:6a:56:5a:bd:2e:58:77:1e:a0:d2:ba:f5:31:
                    bf:e6:da:ac:c7:35:28:9b:c1:05:48:c6:46:af:6d:
                    0b:53:dd:fc:40:f1:35:13:73:1e:dc:49:4c:f2:fd:
                    eb:5e:b7:b2:8c:53:95:8e:69:01:b2:8f:d6:e2:4d:
                    5a:a5:6a:68:b6:f9:5f:be:a2:05:25:19:7a:c0:59:
                    e6:ca:e1:5e:87:36:45:df:12:e2:59:bc:dd:b6:cc:
                    6e:4f:72:78:f0:ee:28:44:b1:82:c2:15:6a:90:1f:
                    08:92:c8:0d:c7:65:d6:f4:88:6d:be:0c:40:bf:9f:
                    c2:e2:f1:ad:c7:c0:94:20:22:a3:b7:4c:ce:b8:0b:
                    98:4e:9c:81:71:e8:21:6b:24:2f:47:ab:41:3c:02:
                    7b:5a:0f:f5:ca:d6:c0:48:89:f1:b6:fe:f4:2a:a7:
                    f4:e3:3f:fe:03:16:bc:17:8a:1c:9e:fa:da:40:65:
                    67:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CD:15:E2:65:C3:87:D4:30:3F:16:3E:AD:76:6F:D4:E3:79:43:35
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:89:57:9b:7c:42:d8:3e:8e:e3:48:01:f4:cf:26:04:6d:93:
         2f:ee:2a:99:9c:f8:4f:e8:b3:7b:f1:da:f5:07:3a:fa:09:1b:
         c0:df:44:22:d5:9a:62:96:8e:21:f8:dd:60:08:a9:2d:34:e7:
         45:09:94:e3:bb:4b:fe:3b:ee:ab:ba:a9:ca:8d:5c:a0:84:ca:
         12:33:4c:92:89:8f:dd:e8:f5:ba:61:ed:7b:b0:d1:41:b5:ae:
         78:fc:3c:91:64:d5:ec:78:f8:1d:7a:52:a5:69:e3:d0:ae:0c:
         47:c5:61:90:d8:78:b0:b4:87:03:23:de:41:0d:c7:78:59:04:
         d3:b5:f6:6a:e7:4f:ba:ff:67:e1:ee:d9:17:df:09:a2:2f:6f:
         e4:35:1b:e8:78:77:07:99:33:ea:d6:e6:f9:26:45:81:d5:85:
         1f:e9:c6:54:49:b7:bc:60:55:77:66:fb:be:44:fa:6a:d9:a9:
         47:db:a5:e9:f8:4f:b8:1e:86:40:e3:24:39:a5:95:08:e9:ff:
         7f:99:98:45:2e:2d:79:42:59:11:c4:d6:23:8c:1d:05:25:c7:
         21:2e:56:ab:24:59:ec:80:1e:60:18:e4:07:bb:f7:71:82:0a:
         73:0b:5f:6d:92:17:8a:6e:7c:7d:03:7d:c2:0e:73:aa:17:57:
         cf:45:25:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSbUeLeEkEDGgj43bHw/S1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjUwNDIwMDkwMDE1WhcNMjUwNDIxMDkwMDE1WjAzMTEwLwYDVQQD
EygzMmNkMTVlMjY1YzM4N2Q0MzAzZjE2M2VhZDc2NmZkNGUzNzk0MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1HvVhjXPXp+xYCSg7F5N4GXJKao
HjjUXSj7QJx4zMDEvU4xT0Kp51c2uw3UMUcQ2lH57GrXHjuA3sFZtBQWaiLX+WaF
t2C162p8/WpWWr0uWHceoNK69TG/5tqsxzUom8EFSMZGr20LU938QPE1E3Me3ElM
8v3rXreyjFOVjmkBso/W4k1apWpotvlfvqIFJRl6wFnmyuFehzZF3xLiWbzdtsxu
T3J48O4oRLGCwhVqkB8IksgNx2XW9IhtvgxAv5/C4vGtx8CUICKjt0zOuAuYTpyB
ceghayQvR6tBPAJ7Wg/1ytbASInxtv70Kqf04z/+Axa8F4ocnvraQGVnkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLNFeJlw4fUMD8WPq12b9TjeUM1MB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaIlXm3xC
2D6O40gB9M8mBG2TL+4qmZz4T+ize/Ha9Qc6+gkbwN9EItWaYpaOIfjdYAipLTTn
RQmU47tL/jvuq7qpyo1coITKEjNMkomP3ej1umHte7DRQbWuePw8kWTV7Hj4HXpS
pWnj0K4MR8VhkNh4sLSHAyPeQQ3HeFkE07X2audPuv9n4e7ZF98Joi9v5DUb6Hh3
B5kz6tbm+SZFgdWFH+nGVEm3vGBVd2b7vkT6atmpR9ul6fhPuB6GQOMkOaWVCOn/
f5mYRS4teUJZEcTWI4wdBSXHIS5WqyRZ7IAeYBjkB7v3cYIKcwtfbZIXim58fQN9
wg5zqhdXz0UlTw==
-----END CERTIFICATE-----