Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          EOvveds2OOKldUu59c5fYJ3kmyB7qTY8abmy7yxTkaM=
Subject key identifier:   05:1E:BC:BA:81:0F:BF:D9:06:B6:48:19:91:D8:7C:3C:53:45:BE:0A
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019651FFB1C4AE6FE339BB2405F79F30C508
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          02A6
Signing time:             Sun 20 Apr 2025 07:00:33 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:33 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:33 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: vNf0DuwoC1l44bwqNXy8BbsijCjQ+6QQNx779fPabGs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:b1:c4:ae:6f:e3:39:bb:24:05:f7:9f:30:c5:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Apr 20 07:00:33 2025 GMT
            Not After : Apr 21 07:00:33 2025 GMT
        Subject: CN=051ebcba810fbfd906b6481991d87c3c5345be0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:7d:ce:b4:f8:23:ed:23:a8:35:e5:2f:fd:65:
                    63:4e:ea:76:7d:ae:94:f2:c3:cc:f2:a0:93:44:9b:
                    78:f6:17:b1:aa:f2:a8:c8:78:2e:93:1c:eb:12:90:
                    c0:81:28:20:e2:e8:b8:59:7d:18:b1:f6:19:1c:03:
                    9a:4d:0a:21:e8:6f:e8:65:81:95:63:fd:32:ca:50:
                    74:49:7a:00:d8:ab:0a:48:d7:27:8a:57:71:fe:6f:
                    af:7d:8e:98:cc:b1:72:dd:04:db:1a:08:6e:be:72:
                    5c:b4:ba:a2:bc:48:40:6c:4d:51:28:63:ae:f3:bd:
                    50:b9:83:ca:c3:63:ab:39:a3:2c:b3:26:c4:b9:0f:
                    86:4c:1f:cd:b2:f3:95:50:5f:ef:90:59:ee:47:ef:
                    d4:5a:37:6e:8f:b6:aa:5f:18:8a:0a:4d:4d:5c:26:
                    33:0b:a4:81:49:08:a3:8c:99:26:a8:29:dc:53:ad:
                    df:71:e1:61:4c:98:24:dd:08:c0:cd:1e:a0:8f:85:
                    0e:5c:c0:b8:93:b2:e7:f8:63:af:f3:b3:f2:02:51:
                    b2:c4:6c:ba:d3:e3:6e:36:44:ec:39:60:23:15:35:
                    6a:4c:34:c2:39:c6:23:96:29:c6:b1:3d:bb:23:38:
                    6c:45:10:8e:b7:00:fb:5b:0d:42:c8:ab:58:0d:95:
                    85:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:1E:BC:BA:81:0F:BF:D9:06:B6:48:19:91:D8:7C:3C:53:45:BE:0A
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:72:78:25:c0:f9:b7:c0:92:cf:9c:31:28:8e:98:b5:2f:f1:
         25:5b:9e:60:cb:34:6f:0f:4b:87:69:db:3d:d1:4b:44:da:ce:
         52:20:18:84:0f:d2:cd:1f:d3:51:7d:ce:0b:ad:fc:90:9d:4b:
         d9:66:ec:b9:f5:4f:8f:cc:74:2f:74:83:aa:27:3b:d6:da:42:
         88:6d:2f:76:42:a3:cd:dd:cd:45:d6:4f:cd:b3:dd:7d:f4:e4:
         41:c9:2d:78:8d:86:c4:e0:aa:69:37:0c:9a:fc:dd:e4:04:23:
         66:f2:3e:5e:0d:c6:63:03:19:2c:79:50:e6:e9:e9:8e:63:ca:
         b9:f8:01:ff:47:52:fa:78:f1:4b:14:f8:7f:01:bc:bc:76:a0:
         4a:36:ed:a0:ba:f4:93:9b:1c:2e:74:eb:f4:be:50:ba:c0:bd:
         df:fe:08:44:cd:18:46:13:e8:19:35:b6:ce:d1:78:8e:6e:5a:
         ad:7c:ab:e2:9b:b7:d0:0b:f9:29:91:f8:ba:0d:54:6d:58:ae:
         2f:48:90:e9:b8:6b:bc:f6:3c:d4:ab:97:08:3e:d6:e0:c6:ef:
         42:9b:e9:e5:45:47:b3:c4:24:b5:fb:4c:61:ae:1f:f1:d7:f7:
         2b:b8:db:e9:0b:de:91:54:7a:9a:1b:e8:2a:d9:3b:8a:40:bf:
         a7:c3:63:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR/7HErm/jObskBfefMMUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjUwNDIwMDcwMDMzWhcNMjUwNDIxMDcwMDMzWjAzMTEwLwYDVQQD
EygwNTFlYmNiYTgxMGZiZmQ5MDZiNjQ4MTk5MWQ4N2MzYzUzNDViZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn3OtPgj7SOoNeUv/WVjTup2fa6U
8sPM8qCTRJt49hexqvKoyHgukxzrEpDAgSgg4ui4WX0YsfYZHAOaTQoh6G/oZYGV
Y/0yylB0SXoA2KsKSNcnildx/m+vfY6YzLFy3QTbGghuvnJctLqivEhAbE1RKGOu
871QuYPKw2OrOaMssybEuQ+GTB/NsvOVUF/vkFnuR+/UWjduj7aqXxiKCk1NXCYz
C6SBSQijjJkmqCncU63fceFhTJgk3QjAzR6gj4UOXMC4k7Ln+GOv87PyAlGyxGy6
0+NuNkTsOWAjFTVqTDTCOcYjlinGsT27IzhsRRCOtwD7Ww1CyKtYDZWFPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUevLqBD7/ZBrZIGZHYfDxTRb4KMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlHJ4JcD5
t8CSz5wxKI6YtS/xJVueYMs0bw9Lh2nbPdFLRNrOUiAYhA/SzR/TUX3OC638kJ1L
2WbsufVPj8x0L3SDqic71tpCiG0vdkKjzd3NRdZPzbPdffTkQckteI2GxOCqaTcM
mvzd5AQjZvI+Xg3GYwMZLHlQ5unpjmPKufgB/0dS+njxSxT4fwG8vHagSjbtoLr0
k5scLnTr9L5QusC93/4IRM0YRhPoGTW2ztF4jm5arXyr4pu30Av5KZH4ug1UbViu
L0iQ6bhrvPY81KuXCD7W4MbvQpvp5UVHs8QktftMYa4f8df3K7jb6QvekVR6mhvo
Ktk7ikC/p8NjnA==
-----END CERTIFICATE-----