Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          YAsxdHS16jJHiaLlCTXuNQ+2GyruhFWBemwSq2iklrI=
Subject key identifier:   53:FA:33:3E:C8:ED:17:39:93:CC:03:D1:60:42:46:2A:9C:45:1D:20
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       019651C8FD6377D0F8184133A995AD9114E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          14F7
Signing time:             Sun 20 Apr 2025 06:00:48 +0000
Manifest this update:     Sun 20 Apr 2025 06:00:48 +0000
Manifest next update:     Mon 21 Apr 2025 06:00:48 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: DFo+Sws+Fi7K0UjDVIcUOr80gAN/bwtBzPgaCSX+5E0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 06:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:c8:fd:63:77:d0:f8:18:41:33:a9:95:ad:91:14:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Apr 20 06:00:48 2025 GMT
            Not After : Apr 21 06:00:48 2025 GMT
        Subject: CN=53fa333ec8ed173993cc03d16042462a9c451d20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ea:de:74:1e:78:74:d3:cf:5d:11:06:f9:f4:
                    c5:fa:fd:a5:c7:1a:51:fa:7d:01:96:3c:43:2b:38:
                    ca:e6:8d:6c:fc:78:11:89:e7:aa:a2:ab:48:87:ae:
                    6d:6a:47:32:47:f7:93:e3:2b:77:cd:11:12:12:dd:
                    60:4b:df:b2:ad:9d:60:c2:f4:bf:86:91:b7:0e:0a:
                    52:2b:db:30:18:9c:fe:8c:c6:b8:0a:a1:79:37:4e:
                    d0:6a:55:90:7a:bb:03:cf:6f:5d:a2:e2:78:09:87:
                    28:14:2e:11:15:dc:d6:96:28:59:dc:a2:7c:cd:9d:
                    79:1b:58:e8:59:57:d9:7d:c9:2b:9e:e2:e0:e4:72:
                    14:37:39:e7:50:0e:99:84:de:90:d4:bb:b9:93:4c:
                    cb:c1:18:9c:a1:96:d3:aa:53:47:9f:3e:9d:1e:cd:
                    af:d0:a0:53:86:3b:a0:33:30:bf:f0:40:6c:24:ef:
                    11:c7:28:96:fe:48:9d:55:01:34:cb:42:78:00:df:
                    0d:97:3b:5a:90:d5:a9:b1:f1:a5:ee:02:39:7a:25:
                    04:8c:de:2d:f2:6e:7b:83:c8:c4:ff:96:bb:48:7c:
                    83:c9:ec:ab:7a:dc:52:a7:df:34:cd:13:e4:8b:f6:
                    e6:29:26:58:90:50:74:b2:eb:ff:63:1b:e2:d8:2c:
                    2c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:FA:33:3E:C8:ED:17:39:93:CC:03:D1:60:42:46:2A:9C:45:1D:20
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:ec:68:5a:db:64:de:a7:ae:7d:89:b0:5b:f9:2e:13:a5:bb:
         e2:6c:89:0d:f7:b0:2c:62:8a:e7:8f:f9:1a:02:08:dc:5d:19:
         b6:5a:b4:cd:b8:40:3b:65:53:ae:06:36:49:ca:75:4d:3f:c1:
         49:63:29:97:8a:3c:73:bf:42:0b:6c:87:1e:cc:98:f1:34:47:
         5b:a9:18:62:be:8f:f6:9c:5b:b2:1c:76:31:e3:a7:ba:fc:3c:
         b4:5b:9e:4e:93:2c:e7:03:c3:0f:cd:a8:2c:09:8d:32:9c:27:
         fb:71:db:b2:5a:72:04:8b:76:12:7e:60:ea:5a:27:9f:eb:63:
         53:0c:3d:11:f9:69:85:3e:c5:94:d0:d6:2a:75:56:d7:9e:07:
         7e:c0:ac:f0:a6:c5:c6:00:a1:8e:b7:9c:be:ec:a3:45:ed:b7:
         09:17:4a:12:53:0a:a2:c2:17:2b:38:ea:3d:ef:ac:15:f8:ca:
         fe:41:07:d1:d8:16:5e:a2:88:cb:0b:22:e4:f6:9e:60:b3:29:
         98:c6:f0:00:99:ba:14:08:d3:15:9e:7f:d6:79:bf:97:0a:86:
         5c:19:70:0d:fb:d9:04:4c:4f:d8:08:8c:2d:82:f5:a5:f2:26:
         ec:50:26:ae:a2:62:15:e8:c8:55:4c:8a:2c:ed:a3:21:99:b9:
         54:04:42:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRyP1jd9D4GEEzqZWtkRTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwNDIwMDYwMDQ4WhcNMjUwNDIxMDYwMDQ4WjAzMTEwLwYDVQQD
Eyg1M2ZhMzMzZWM4ZWQxNzM5OTNjYzAzZDE2MDQyNDYyYTljNDUxZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuredB54dNPPXREG+fTF+v2lxxpR
+n0BljxDKzjK5o1s/HgRieeqoqtIh65takcyR/eT4yt3zRESEt1gS9+yrZ1gwvS/
hpG3DgpSK9swGJz+jMa4CqF5N07QalWQersDz29douJ4CYcoFC4RFdzWlihZ3KJ8
zZ15G1joWVfZfckrnuLg5HIUNznnUA6ZhN6Q1Lu5k0zLwRicoZbTqlNHnz6dHs2v
0KBThjugMzC/8EBsJO8RxyiW/kidVQE0y0J4AN8NlztakNWpsfGl7gI5eiUEjN4t
8m57g8jE/5a7SHyDyeyretxSp980zRPki/bmKSZYkFB0suv/Yxvi2Cws6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFP6Mz7I7Rc5k8wD0WBCRiqcRR0gMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAouxoWttk
3qeufYmwW/kuE6W74myJDfewLGKK54/5GgII3F0Ztlq0zbhAO2VTrgY2Scp1TT/B
SWMpl4o8c79CC2yHHsyY8TRHW6kYYr6P9pxbshx2MeOnuvw8tFueTpMs5wPDD82o
LAmNMpwn+3HbslpyBIt2En5g6lonn+tjUww9EflphT7FlNDWKnVW154HfsCs8KbF
xgChjrecvuyjRe23CRdKElMKosIXKzjqPe+sFfjK/kEH0dgWXqKIywsi5PaeYLMp
mMbwAJm6FAjTFZ5/1nm/lwqGXBlwDfvZBExP2AiMLYL1pfIm7FAmrqJiFejIVUyK
LO2jIZm5VARCAw==
-----END CERTIFICATE-----