Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft
File:                     XhG23vM9-aR3sofFIN7ExPYLOo8.mft (raw, json)
Hash identifier:          XM34GBtL07FOhaJ+zpZxCE7JGFfh6pimk+Ya1ULyIEo=
Subject key identifier:   29:89:B6:45:00:90:4B:8B:D6:18:70:6B:0A:40:1B:69:0B:F9:5A:A6
Authority key identifier: 5E:11:B6:DE:F3:3D:F9:A4:77:B2:87:C5:20:DE:C4:C4:F6:0B:3A:8F
Certificate issuer:       /CN=5e11b6def33df9a477b287c520dec4c4f60b3a8f
Certificate serial:       019510C7A6A36A113A555CC7CB062203C8D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XhG23vM9-aR3sofFIN7ExPYLOo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft
Manifest number:          0982
Signing time:             Sun 16 Feb 2025 22:01:14 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:14 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:14 +0000
Files and hashes:         1: XhG23vM9-aR3sofFIN7ExPYLOo8.crl (hash: 34lPZosPS662qVN2uX4PnWwGM2UeAwZeBBAUhQEdATo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XhG23vM9-aR3sofFIN7ExPYLOo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:a6:a3:6a:11:3a:55:5c:c7:cb:06:22:03:c8:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e11b6def33df9a477b287c520dec4c4f60b3a8f
        Validity
            Not Before: Feb 16 22:01:14 2025 GMT
            Not After : Feb 17 22:01:14 2025 GMT
        Subject: CN=2989b64500904b8bd618706b0a401b690bf95aa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:87:98:d1:05:c0:3a:7e:98:7d:bc:8f:c2:3f:
                    59:7b:05:a0:0d:2f:c7:c8:68:77:4c:74:a2:2d:29:
                    5a:b6:e5:00:dc:56:1b:29:9a:f6:df:f9:f4:fc:ce:
                    35:e2:f5:aa:0c:f3:9f:d7:1c:7d:8f:a5:d7:29:73:
                    37:cf:6e:8d:53:bc:b0:73:79:7b:a4:b6:77:1d:45:
                    24:3b:92:e5:9f:33:0c:bd:68:fc:b4:73:2b:4a:6d:
                    6e:b8:64:57:23:30:91:00:8b:d3:fc:77:40:b8:91:
                    67:e1:c2:5b:c6:0f:c5:04:31:45:30:24:cd:c3:92:
                    4a:7b:b8:c7:bc:23:d4:fd:50:9a:67:08:3c:45:54:
                    ab:de:22:20:e7:27:69:38:2c:06:1b:4d:14:e2:2b:
                    db:e6:5b:c7:b1:6a:63:4f:f9:de:a0:57:a9:58:d6:
                    37:0e:00:19:5f:50:14:d7:4f:b2:6d:d2:8d:72:c6:
                    e8:37:8a:b1:a2:f2:05:56:e9:f6:d2:30:b3:63:15:
                    69:21:5a:e9:e8:06:e5:e2:0e:d4:1a:82:0d:a0:d6:
                    3f:e2:27:50:11:41:86:54:60:96:95:68:bd:01:e4:
                    60:f8:66:ab:99:a3:58:21:73:01:9f:84:d9:0b:70:
                    fa:35:c4:19:0a:45:3c:f0:db:9d:d7:8f:2a:a4:5a:
                    1a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:89:B6:45:00:90:4B:8B:D6:18:70:6B:0A:40:1B:69:0B:F9:5A:A6
            X509v3 Authority Key Identifier:
                keyid:5E:11:B6:DE:F3:3D:F9:A4:77:B2:87:C5:20:DE:C4:C4:F6:0B:3A:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XhG23vM9-aR3sofFIN7ExPYLOo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c28c37-f7ea-4886-8ea8-40cf3e01f06f/1/XhG23vM9-aR3sofFIN7ExPYLOo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:81:27:3d:9d:6f:67:8a:d8:12:67:53:0b:c5:c6:39:f4:6f:
         81:81:46:47:c6:f1:1f:e0:07:33:31:af:fe:48:4b:08:87:6e:
         37:29:dc:b2:ef:8f:09:60:06:ad:a8:b1:89:a7:87:17:3a:e3:
         05:b1:cc:5c:85:2c:2c:13:45:92:c6:3e:f1:ed:12:11:84:47:
         c1:45:f2:fd:c2:4f:9b:02:b3:7c:0a:ca:13:9b:7b:b6:41:2a:
         73:2b:7e:57:d9:de:41:d0:e5:53:c4:22:98:bc:17:09:4b:55:
         36:a5:94:09:d2:89:3a:23:d4:a5:9b:58:22:8f:6f:74:de:38:
         74:2c:86:92:ad:c4:19:8e:dd:88:ca:09:76:15:37:c5:ac:28:
         09:0f:e3:51:51:38:80:83:65:ba:72:b0:79:39:1f:9e:e5:c9:
         a9:ee:8d:28:1e:0b:79:7b:cd:e7:e6:e5:42:79:c5:fe:6d:45:
         ab:2b:3c:b2:97:58:19:5a:aa:22:0d:1f:71:c5:0c:fa:f9:81:
         96:57:a4:87:95:2d:86:06:c7:63:5b:dc:f8:aa:dc:c1:47:33:
         f9:2a:29:0f:7b:a2:eb:d0:45:3e:50:d8:39:99:d6:65:da:22:
         54:e8:ff:5f:1e:8e:25:62:68:ef:2d:59:55:bf:3b:5a:d2:8a:
         e1:35:03:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx6ajahE6VVzHywYiA8jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMTFiNmRlZjMzZGY5YTQ3N2IyODdjNTIwZGVjNGM0ZjYw
YjNhOGYwHhcNMjUwMjE2MjIwMTE0WhcNMjUwMjE3MjIwMTE0WjAzMTEwLwYDVQQD
EygyOTg5YjY0NTAwOTA0YjhiZDYxODcwNmIwYTQwMWI2OTBiZjk1YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIeY0QXAOn6YfbyPwj9ZewWgDS/H
yGh3THSiLSlatuUA3FYbKZr23/n0/M414vWqDPOf1xx9j6XXKXM3z26NU7ywc3l7
pLZ3HUUkO5LlnzMMvWj8tHMrSm1uuGRXIzCRAIvT/HdAuJFn4cJbxg/FBDFFMCTN
w5JKe7jHvCPU/VCaZwg8RVSr3iIg5ydpOCwGG00U4ivb5lvHsWpjT/neoFepWNY3
DgAZX1AU10+ybdKNcsboN4qxovIFVun20jCzYxVpIVrp6Abl4g7UGoINoNY/4idQ
EUGGVGCWlWi9AeRg+GarmaNYIXMBn4TZC3D6NcQZCkU88Nud148qpFoacwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmJtkUAkEuL1hhwawpAG2kL+VqmMB8GA1UdIwQY
MBaAFF4Rtt7zPfmkd7KHxSDexMT2CzqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGhHMjN2TTktYVIzc29mRklON0V4UFlMT284LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jMjhjMzctZjdlYS00ODg2LThlYTgt
NDBjZjNlMDFmMDZmLzEvWGhHMjN2TTktYVIzc29mRklON0V4UFlMT284Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jMjhjMzctZjdlYS00ODg2LThlYTgtNDBjZjNlMDFmMDZm
LzEvWGhHMjN2TTktYVIzc29mRklON0V4UFlMT284LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIEnPZ1v
Z4rYEmdTC8XGOfRvgYFGR8bxH+AHMzGv/khLCIduNyncsu+PCWAGraixiaeHFzrj
BbHMXIUsLBNFksY+8e0SEYRHwUXy/cJPmwKzfArKE5t7tkEqcyt+V9neQdDlU8Qi
mLwXCUtVNqWUCdKJOiPUpZtYIo9vdN44dCyGkq3EGY7diMoJdhU3xawoCQ/jUVE4
gINlunKweTkfnuXJqe6NKB4LeXvN5+blQnnF/m1Fqys8spdYGVqqIg0fccUM+vmB
llekh5UthgbHY1vc+KrcwUcz+SopD3ui69BFPlDYOZnWZdoiVOj/Xx6OJWJo7y1Z
Vb87WtKK4TUDEQ==
-----END CERTIFICATE-----